AD Connector as Target

Hi All,

Question: I am trying to do provisioning in my source, i.e., Active Directory. Accounts are getting created in AD, but all the attributes are not populating on the AD end.

For example: I am sending the “displayName” value via the Create Account page, but while doing provisioning it is failing. Values are not getting stored in AD.

But when I try to do so directly in AD with the same Service Account, I am able to update its display name.

Kindly help with the issue.

The directory service cannot perform the requested operation on the RDN attribute of an object.

Hi,
Can you please share the Account Activity for the user?

Attributes after cn, like eduPersonAffiliation and others, are not present in the Account Schema.

How are they even getting populated there?

They would be coming from the Create Account if you have added them. So if you want to remove them, you can remove them.

They are not present in the Create Account page :(

Any suggestions on this? The attributes with the red sign beside them are those which are not getting populated on the AD end.

@RAKRHEEM Please find the Account Activity Screenshot

Hi @RAkhauri,

We don’t see the screenshot attached. Could you please attach it again?

Hi @RAkhauri,

As mentioned by @RAKRHEEM above, please check the account activity in the search tab to see whether all the attributes are populating correctly as provided in the create account. Check whether any attribute's format is incorrect, e.g. manager DN or expiredate. Try providing static values in create account and test creating the account.

If your base account creation is not showing in AD after provisioning and there are attribute errors, look in the Provisioning Settings area of the source configuration.

Make sure that “Rollback Partially Created Account” is NOT checked.

I would also verify the createAccount profile using the API.

get-provisioning-policy | SailPoint Developer Community

Hi @rkhade,
Thanks for writing up here.

I have tried in that manner too, by providing static input in displayname and sn to check whether it is updating or not, but it is still throwing the same error.

Also, I have reinstalled the IQ service too. Do we have to provide the IQ Service Password again in the AD Connector if we have reinstalled it?

Here it is:


Test Connection and account aggregation will work without IQService. Can you cross-check if all the connection details given are correct? Hope there are no changes made to Service account perms.

Also, I would suggest enabling logging and checking the logs for more info.

Account creation is working fine, but it is failing to add or modify some attributes. Try creating the account with only the mandatory attributes and check if those attributes are populating correctly. Once the account is created, keep adding attributes one by one and test account creation; then you will come to know which attribute is causing the issue.

In my case it was manager DN; can you check that also?

Also, can you upload the full screenshot of the account activity, which will show the attributes and values?

Hi

If any attribute fails to add or update, the remaining attributes are also not updated in the target. The actual attribute which is causing the issue breaks the other attributes as well. So check one by one to find the exact attribute which is causing the failure.

Best Regards,
Siva.K

Thanks everyone, it worked.

But a new error is coming up now and test connection is failing.

Here is the error screenshot:

Source is Active Directory,

IQ Service Port : 6060
TLS is checked.
For client Authentication, Account is having Domain User Account.

TimeOut set on IQ Service is 15 secs.

Add increased time in the source connection path.
Ref: https://documentation.sailpoint.com/connectors/active_directory/help/common/identitynow_topics/timeout_errors.html

It is failing: 400 Bad Request

    [
      {
        "op": "replace",
        "path": "/connectorAttributes/timeout",
        "value": 60
      }
    ]

If you are adding it for the first time, you should use add instead of replace.

Try with op as add.
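The add-versus-replace point from the last two replies, as an added example that is not part of the original thread and not SailPoint's code: a small local model of JSON Patch (RFC 6902) object-member semantics, showing why `replace` is rejected while `/connectorAttributes/timeout` does not exist yet and `add` succeeds. The `SOURCE` document and the helper names are constructed for illustration, and mapping the rejection to the 400 seen above is an assumption.

```python
import copy

class PatchError(Exception):
    """Raised where a JSON Patch server would reject the request."""

def _walk(doc, path):
    """Resolve a JSON Pointer (RFC 6901) to (parent_object, final_key)."""
    if not path.startswith("/"):
        raise PatchError(f"path must start with '/': {path!r}")
    parts = [p.replace("~1", "/").replace("~0", "~") for p in path[1:].split("/")]
    parent = doc
    for part in parts[:-1]:
        if not isinstance(parent, dict) or part not in parent:
            raise PatchError(f"parent of {path!r} does not exist")
        parent = parent[part]
    if not isinstance(parent, dict):
        raise PatchError(f"parent of {path!r} is not an object")
    return parent, parts[-1]

def apply_patch(doc, ops):
    """Apply add/replace operations on object members; return a new document."""
    out = copy.deepcopy(doc)
    for op in ops:
        if op["op"] not in ("add", "replace"):
            raise PatchError(f"unsupported op in this model: {op['op']!r}")
        parent, key = _walk(out, op["path"])
        if op["op"] == "replace" and key not in parent:
            # RFC 6902 section 4.3: the target location must already exist
            raise PatchError(f"replace: {op['path']!r} does not exist")
        parent[key] = op["value"]  # add creates the member or overwrites it
    return out

def timeout_patch(source, seconds):
    """Build the timeout patch, choosing the op from the source's current state."""
    exists = "timeout" in source.get("connectorAttributes", {})
    return [{"op": "replace" if exists else "add",
             "path": "/connectorAttributes/timeout", "value": seconds}]

# Constructed sample: a source whose connectorAttributes has no timeout yet
SOURCE = {"name": "constructed-ad-source",
          "connectorAttributes": {"exampleKey": "constructed"}}

if __name__ == "__main__":
    failing = [{"op": "replace", "path": "/connectorAttributes/timeout", "value": 60}]
    try:
        apply_patch(SOURCE, failing)
    except PatchError as err:
        print("rejected:", err)
    print(apply_patch(SOURCE, timeout_patch(SOURCE, 60)))
```

Reading the source first and deriving the op from what is already there avoids guessing; once the key exists, either `add` or `replace` will update it.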