Click HERE to see how Saviynt Intelligence is transforming the industry. |
06/13/2024 12:50 AM - edited 06/13/2024 12:54 AM
Hi,
I am attempting to have the change password functionality working for existing OUD accounts.
RESETANDCHANGEPASSWRDJSON:
{
"userPassword": "${randomPassword}"
}
PAM Attributes:
LOGs:
"2024-06-13T05:36:11.838+00:00","ecm-worker","pam.PamService","quartzScheduler_Worker-2-lk29h","DEBUG","inside convertJsonStringToMap"
"2024-06-13T05:36:11.838+00:00","ecm-worker","pam.PamService","quartzScheduler_Worker-2-lk29h","DEBUG","Error while converting JsonStringToMap"
"2024-06-13T05:36:11.838+00:00","ecm-worker","pam.PamService","quartzScheduler_Worker-2-lk29h","DEBUG","rotateKey - true"
"2024-06-13T05:36:11.841+00:00","ecm-worker","services.ArsTaskService","quartzScheduler_Worker-2-lk29h","DEBUG","Calling changePasswordAccountGLDAP with Sec System - STOUDDEV and tasklist - [ed283414:[com.saviynt.ecm.task.ArsTasks : 1001]]"
"2024-06-13T05:36:11.841+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Enter changePasswordAccountGLDAP"
"2024-06-13T05:36:11.841+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Fetching LDAP connection"
"2024-06-13T05:36:11.841+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Connection is 14:: STOUDDEV"
"2024-06-13T05:36:11.841+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","enable_dclocator = false"
"2024-06-13T05:36:11.841+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Inside validateEnforceNonLeafSearchContext"
"2024-06-13T05:36:11.842+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","enforceNonLeafSearchContextValue ::::: false"
"2024-06-13T05:36:11.843+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","server, managedn LDAPS://eul3a04.sgp.st.com:636st-eduid=ed999111,ou=people,dc=st,dc=com"
"2024-06-13T05:36:11.843+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Checking for url = LDAPS://eul3a04.sgp.st.com:636"
"2024-06-13T05:36:12.042+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Connection Successful"
"2024-06-13T05:36:12.042+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","connectionsuccessful-1 = true"
"2024-06-13T05:36:12.042+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","connectionsuccessful-2 = true"
"2024-06-13T05:36:12.044+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Enter isADConnection"
"2024-06-13T05:36:12.044+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","External connection is :: STOUDDEV"
"2024-06-13T05:36:12.045+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Connection is LDAP.. Setting to FALSE"
"2024-06-13T05:36:12.045+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","isadconnection = false"
"2024-06-13T05:36:12.045+00:00","ecm-worker","ldap.SaviyntGroovyLdapService","quartzScheduler_Worker-2-lk29h","DEBUG","Exit isADConnection"
06/16/2024 10:59 PM
Hello @sureshchalla,
You are seeing the error in the log or password is not getting changed?,
if you are just seeing the error.
Thanks.
06/16/2024 11:29 PM
Hi @sudeshjaiswal ,
I saw that error.
ERROR","Error occured while changing password"
"2024-06-17T05:30:58.540+00:00","ecm-worker","","null-pvpzx","","javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Entry st-eduid=ed131201,ou=people,dc=st,dc=com cannot not be modified because the resulting entry would have violated the server schema: Entry st-eduid=ed131201,ou=people,dc=st,dc=com violates the Directory Server schema configuration because it includes attribute userPassword which is not allowed by any of the objectclasses defined in that entry]; remaining name 'st-eduid=ed131201,ou=people,dc=st,dc=com'
What is the reason for this error?
06/17/2024 02:20 AM
Hello @sureshchalla
Could you please specify which error you are referring to? Also, did you notice any functionality not working?
If you are refferring to this error,
"2024-06-13T05:36:11.838+00:00","ecm-worker","pam.PamService","quartzScheduler_Worker-2-lk29h","DEBUG","Error while converting JsonStringToMap"
It might be due to a missing or undefined optional config JSON. You can ignore this error.
If you are refferring to this error,
ERROR","Error occured while changing password"
"2024-06-17T05:30:58.540+00:00","ecm-worker","","null-pvpzx","","javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Entry st-eduid=ed131201,ou=people,dc=st,dc=com cannot not be modified because the resulting entry would have violated the server schema: Entry st-eduid=ed131201,ou=people,dc=st,dc=com violates the Directory Server schema configuration because it includes attribute userPassword which is not allowed by any of the objectclasses defined in that entry]; remaining name 'st-eduid=ed131201,ou=people,dc=st,dc=com'
Please refer this article for the above error : https://forums.saviynt.com/t5/saviynt-knowledge-base/ldap-access-provisioning-issue-ldap-error-code-...
Thanks
06/17/2024 02:25 AM
LDAP Access Provisioning Issue - LDAP: error code ... - Saviynt Forums - 50550 Based on this forum all are in places but getting same error.
06/17/2024 02:29 AM
Can you please confirm which fucntionality is not working as expected?
Thanks.
06/17/2024 03:30 AM
"Error occured while changing password"