Saviynt unveils its cutting-edge Intelligence Suite products to revolutionize Identity Security!
Click HERE to see how Saviynt Intelligence is transforming the industry. Saviynt Copilot Icon
This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Issue with Onpremises windows Server Onboarding to CPAM

Pooja
New Contributor II
New Contributor II

‎11/05/2023 09:47 PM

We are getting below error while bootstrap, in endpoints we see the accounts are imported , but the account permissions are not getting reflecting properly, so the instance is  not getting PAM enabled. how we can fix this issue? Please advice. 

Pooja_0-1699249468854.png

 

Pooja_1-1699249576435.png

Pooja_2-1699249597649.png

Pooja_3-1699249626161.png

 

Labels:
0 Kudos
5 REPLIES 5

NageshK
Saviynt Employee
Saviynt Employee

‎11/06/2023 06:41 AM

@Pooja Thanks for posting your question. Here are couple of things to verify:

1. In the endpoint, go to entitlements tab and see if the windows groups have been imported or not
2. Right after the import process, capture the logs of windowsconnectorms and share the same

You can use the advanced logging capabilities to capture the logs specifically from windowsconnectorms. Here is the doc portal link for ref. : 
https://docs.saviyntcloud.com/bundle/EIC-Admin-v23x/page/Content/Chapter07-General-Administrator/Man...

The same link is also present in the right side widget of the pam forums board

NageshK_0-1699281645357.png

Thanks

Nagesh K



0 Kudos

Pooja
New Contributor II
New Contributor II

‎11/08/2023 05:30 AM

Hi @NageshK 

After bootstrap job (Onpremisesdiscovery - externaljartype) we see in endpoint two groups are created in entitlement type and logs error as below

Pooja_0-1699450042535.png

 
2023-11-07 08:22:23.659 DEBUG [TENANT_ID=DEFAULT] 7 --- [org.springframework.amqp.rabbit.RabbitListenerEndpointContainer#1-13] c.s.s.c.s.RepositoryReconServiceImpl : jobSummaryXML :: <filename> Connector MS Job<jobid>30348</jobid><updateDate>1699345333256</updateDate><noOfBatch>2</noOfBatch><id>cb700096-1367-45d9-94ad-38487cdd86b5</id><jobDone>false</jobDone><Error-in-updateRepositaryActual-reconcile>Duplicate key Group (attempted merging values 34 and 35)</Error-in-updateRepositaryActual-reconcile><createDate>1699345333256</createDate></filename>
2023-11-07 08:22:23.662 DEBUG [TENANT_ID=DEFAULT] 7 --- [org.springframework.amqp.rabbit.RabbitListenerEndpointContainer#1-13] c.s.s.c.s.RepositoryReconServiceImpl : Exception in Duplicate key Group (attempted merging values 34 and 35)
2023-11-07 08:23:14.778 DEBUG [TENANT_ID=DEFAULT] 7 --- [http-nio-8980-exec-9] c.s.s.c.controller.ConnectorController : Enter jobStatus
0 Kudos

NageshK
Saviynt Employee
Saviynt Employee

‎11/08/2023 01:18 PM

@Pooja Thanks for sharing the details. There shouldn't be two entitlement types with the same name. Was one of them created manually? 
Please delete the entitlement type that does not have any entitlements associated to it and then retry the bootstrap.

Thanks,

Nagesh K

0 Kudos

Pooja
New Contributor II
New Contributor II
In response to NageshK

‎11/09/2023 05:49 PM

Hi @NageshK  - it got created automatically when we run the onprem discovery job (external jar job) while onboaridn the instance from the CSV, for some instance it was fine and for some it got created 2 groups. pls provide some idea to fix this issue, we don;'t see the delete option.

0 Kudos

Pooja
New Contributor II
New Contributor II

‎11/09/2023 01:46 AM

Hi Nagesh,

Could you please suggest way, How we can delete one entitlement? we don't see any option to delete it.

0 Kudos
Copyright © 2024 Khoros, LLC