Click HERE to see how Saviynt Intelligence is transforming the industry. |
03/30/2023 01:04 AM
Hi,
The use case is to access the windows server via CPAM using domain account - both credential and credential-less account.
We are encountering an error during bootstrap process where the instance is not PAM- enabled. we are attempting to bootstrap a window server using a domain account in place of "IDQueryDomainCredentials" and "IDQueryDomainCredentialess" in the PAM_config . After the bootstrap, we can see domain accounts under the windows endpoint, but they are not PAM Enabled and there status shows inactive
In the windows endpoint-> PAM attribute-> Error description :-com.saviynt.pam.exception.PAMException: SID Column Mapping not found in AD connection for Domain Group.
Can some one assist us to resolving this issue
Thank you
03/30/2023 06:52 PM
How is instance created? Is it through bootstrap process or manually created?
03/31/2023 03:42 PM
@Pooja Thanks for posting the issue here. This error implies that your account attribute mapping and/or Group import mapping is missing the entry for objectSid. Map this to one of the custom properties and retry bootstrap
ex: CUSTOMPROPERTY27::objectSid#Binary
(you can change the customproperty as required)
Thanks,
Nagesh K