Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry.
Saviynt Copilot Icon

Error during bootstrapping windows server with domain account-onpremises

Pooja
New Contributor II
New Contributor II

Hi,

The use case is to access the windows server via CPAM using domain account - both credential and credential-less account.

We are encountering an error during bootstrap process where the instance is not PAM- enabled. we are attempting to bootstrap a window server using a domain account in place of "IDQueryDomainCredentials" and "IDQueryDomainCredentialess" in the PAM_config . After the bootstrap, we can see domain accounts under the windows endpoint, but they are not PAM Enabled and there status shows inactive

In the windows endpoint-> PAM attribute-> Error description :-com.saviynt.pam.exception.PAMException: SID Column Mapping not found in AD connection for Domain Group.

Can some one assist us to resolving this issue 

Thank you

 

 

2 REPLIES 2

Saathvik
All-Star
All-Star

How is instance created? Is it through bootstrap process or manually created?


Regards,
Saathvik
If this reply answered your question, please Accept As Solution and give Kudos to help others facing similar issue.

NageshK
Saviynt Employee
Saviynt Employee

@Pooja Thanks for posting the issue here. This error implies that your account attribute mapping and/or Group import mapping is missing the entry for objectSid. Map this to one of the custom properties and retry bootstrap

ex: CUSTOMPROPERTY27::objectSid#Binary                 
(you can change the customproperty as required)

Thanks,

Nagesh K