Saviynt Forums

sureshchalla · ‎06/13/2024

Hi,

I am attempting to have the change password functionality working for existing OUD accounts.

RESETANDCHANGEPASSWRDJSON:

{
"userPassword": "${randomPassword}"
}

PAM Attributes:

LOGs:

"2024-06-13T05:36:11.838+00:00","ecm-worker","pam.PamService","quartzScheduler_Worker-2-lk29h","DEBUG","inside convertJsonStringToMap"
"2024-06-13T05:36:11.838+00:00","ecm-worker","pam.PamService","quartzScheduler_Worker-2-lk29h","DEBUG","Error while converting JsonStringToMap"
"2024-06-13T05:36:11.838+00:00","ecm-worker","pam.PamService","quartzScheduler_Worker-2-lk29h","DEBUG","rotateKey - true"
"2024-06-13T05:36:11.841+00:00","ecm-worker","services.ArsTaskService","quartzScheduler_Worker-2-lk29h","DEBUG","Calling changePasswordAccountGLDAP with Sec System - STOUDDEV and tasklist - [ed283414:[com.saviynt.ecm.task.ArsTasks : 1001]]"
"2024-06-13T05:36:11.841+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Enter changePasswordAccountGLDAP"
"2024-06-13T05:36:11.841+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Fetching LDAP connection"
"2024-06-13T05:36:11.841+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Connection is 14:: STOUDDEV"
"2024-06-13T05:36:11.841+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","enable_dclocator = false"
"2024-06-13T05:36:11.841+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Inside validateEnforceNonLeafSearchContext"
"2024-06-13T05:36:11.842+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","enforceNonLeafSearchContextValue ::::: false"
"2024-06-13T05:36:11.843+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","server, managedn LDAPS://eul3a04.sgp.st.com:636st-eduid=ed999111,ou=people,dc=st,dc=com"
"2024-06-13T05:36:11.843+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Checking for url = LDAPS://eul3a04.sgp.st.com:636"
"2024-06-13T05:36:12.042+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Connection Successful"
"2024-06-13T05:36:12.042+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","connectionsuccessful-1 = true"
"2024-06-13T05:36:12.042+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","connectionsuccessful-2 = true"
"2024-06-13T05:36:12.044+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Enter isADConnection"
"2024-06-13T05:36:12.044+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","External connection is :: STOUDDEV"
"2024-06-13T05:36:12.045+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Connection is LDAP.. Setting to FALSE"
"2024-06-13T05:36:12.045+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","isadconnection = false"
"2024-06-13T05:36:12.045+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Exit isADConnection"

sudeshjaiswal · ‎06/16/2024

Hello @sureshchalla,

You are seeing the error in the log or password is not getting changed?,
if you are just seeing the error.

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

sureshchalla · ‎06/16/2024

Hi @sudeshjaiswal ,

I saw that error.

ERROR","Error occured while changing password"
"2024-06-17T05:30:58.540+00:00","ecm-worker","","null-pvpzx","","javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Entry st-eduid=ed131201,ou=people,dc=st,dc=com cannot not be modified because the resulting entry would have violated the server schema: Entry st-eduid=ed131201,ou=people,dc=st,dc=com violates the Directory Server schema configuration because it includes attribute userPassword which is not allowed by any of the objectclasses defined in that entry]; remaining name 'st-eduid=ed131201,ou=people,dc=st,dc=com'

What is the reason for this error?

sudeshjaiswal · ‎06/17/2024

Hello @sureshchalla

Could you please specify which error you are referring to? Also, did you notice any functionality not working?

If you are refferring to this error,
"2024-06-13T05:36:11.838+00:00","ecm-worker","pam.PamService","quartzScheduler_Worker-2-lk29h","DEBUG","Error while converting JsonStringToMap"

It might be due to a missing or undefined optional config JSON. You can ignore this error.

If you are refferring to this error,
ERROR","Error occured while changing password"
"2024-06-17T05:30:58.540+00:00","ecm-worker","","null-pvpzx","","javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Entry st-eduid=ed131201,ou=people,dc=st,dc=com cannot not be modified because the resulting entry would have violated the server schema: Entry st-eduid=ed131201,ou=people,dc=st,dc=com violates the Directory Server schema configuration because it includes attribute userPassword which is not allowed by any of the objectclasses defined in that entry]; remaining name 'st-eduid=ed131201,ou=people,dc=st,dc=com'

Please refer this article for the above error : https://forums.saviynt.com/t5/saviynt-knowledge-base/ldap-access-provisioning-issue-ldap-error-code-...

Thanks

If you find the above response useful, Kindly Mark it as "Accept As Solution".

sureshchalla · ‎06/17/2024

LDAP Access Provisioning Issue - LDAP: error code ... - Saviynt Forums - 50550 Based on this forum all are in places but getting same error.

sudeshjaiswal · ‎06/17/2024

Can you please confirm which fucntionality is not working as expected?

Thanks.

If you find the above response useful, Kindly Mark it as "Accept As Solution".

sureshchalla · ‎06/17/2024

"Error occured while changing password"

Saviynt Forums

An error occurred while attempting to change a password in Oracle Directory server .