AD connection issue

Hi All,

I have encountered the below error while testing the AD connection

Exception occurred while executing the RPCRequest: Errors returned from IQService. Authentication Failed : No such user registered with IQService.

Looks like issue with the IQ service user we have a service account as an IQservice user. Do i need to check that service account is registered with IQservice? If yes. Please help with sharing those steps.

Thanks,
Shubham.

Did you do this part?

image1255×282 33.9 KB

Hi @GutteStolt ,

Yes, this issue you will get when you don’t install IQService properly with the user that you are going to use in IQService. So install the IQService and add the account as well to the service. You can follow steps given by @enistri_devo above. After this, you might get one more issue related to this same like password issue. So change the password (if you don’t remember) from AD Service and test.

image1111×747 48.2 KB

@GutteStolt

1. Open services.msc:

• Press Win + R to open the Run dialog.
• Type services.msc and press Enter to open the Services management console.

2. Locate the SailPoint Service:

• In the Services window, scroll down to find the SailPoint IdentityIQ service. It might be named something like Sailpoint-instance-1, IQService, or a custom name depending on your installation.

3. Open Service Properties:

• Right-click on the SailPoint IdentityIQ service (e.g., Sailpoint-instance-1) and select Properties.

4. Set the Service Log On Account:

• In the Properties window, go to the Log On tab.
• Select the option This account:
• Enter the service account username in the format DOMAIN\username.
• Enter and confirm the password for the service account.

5. Apply and Start the Service:

• Click Apply and then OK to save the changes.
• You might be prompted to re-enter the password for confirmation.
• Return to the Services window and start the service by right-clicking on the service and selecting Start.

6. Verify the Service:

• Ensure the service starts successfully and is running with the specified account.

This process ensures that the SailPoint IdentityIQ service runs under the correct account with the necessary permissions.

Hello @enistri_devo

As you mentioned i tried to run, but i’m getting below error

image922×189 6.9 KB

Do i need to place that IQservice folder in this path?D:\sailpoint\webapps\identityiq\WEB-INF\bin\win

Thanks,

Hello @Zekkin

I have followed the steps which you have provided. I got the below error.

“Did you use the accounts that are registered on the server?”

How i can check this?

Using the Command Prompt:

type →
net user

If you are testing it in your local machine. You can also use Admin account for now. Later, you can change to other service account if you want. Use DOMAIN\Administrator (Ex: KBP\Administrator).

Hello @Zekkin

Yes, i can see the user is registered?

you can use SHTADM credentials

Hello @bhanuprakashkuruva

Not in the local machine it is client dev environment for that we have service account as IQservice user.

Thanks

That is my admin account. Can i also use that one?

Thanks.

yes, you can use that

Try this command: IQService.exe -a list
You will get users list.

Hello

I can see the two IQservices folder?

When i tried from the first folder getting this error

image893×291 8.67 KB

And for the second folder

image884×160 6.16 KB

and one more folder i can see in this file path D:\sailpoint\webapps\identityiq\WEB-INF\bin\win this is zip folder not extracted

where exactly i need to put this IQservices folder?

Thanks,

Hello @Zekkin

I have tried with my admin account but still getting same error.

did you Enter the service account username in the format `DOMAIN\username ?

Hello @enistri_devo

As you mentioned i tried to run, but i’m getting below error

image922×189 6.9 KB

Yes. Correct