AD user creation issue


Hi Team,
Has anyone faced this issue?
Exception occurred while executing the RPCRequest: Errors returned from IQService. Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005], Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005]

I have tried many options as suggested in Compass but no luck.

Thanks
Shantanu

IQService logs:

<RpcResponse version="1.0" requestId="847973a7-5889-4d5c-a838-5e172f3dc8d4" complete="true">
  <RpcErrors>
    <List>
      <String>Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005]</String>
      <String>Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005]</String>
    </List>
  </RpcErrors>
  <ResultAttributes>
    <Map>
      <entry key="requestProcessedOn" value="4/5/2024 7:05:42 AM" />
      <entry key="returnRequest">
        <value>
          <AccountRequest application="dev test active [source]" op="Create" nativeIdentity="CN=dibri,CN=Users,DC=domaincon,DC=com">
            <AttributeRequest op="Add" name="memberOf" value="CN=Guests,CN=Builtin,DC=domaincon,DC=com" />
            <AttributeRequest op="Add" name="ObjectType" value="User" />
            <AttributeRequest op="Add" name="sAMAccountName" value="dibri" />
            <AttributeRequest op="Add" name="displayName" value="Antonio.Franklin" />
            <AttributeRequest op="Add" name="userPrincipalName" value="[email protected]" />
            <AttributeRequest op="Add" name="mail" value="[email protected]" />
            <AttributeRequest op="Add" name="password" value="**********">
              <Attributes>
                <Map>
                  <entry key="secret" value="true" />
                </Map>
              </Attributes>
            </AttributeRequest>
            <AttributeRequest op="Add" name="givenName" value="Antonio" />
            <AttributeRequest op="Add" name="sn" value="Franklin" />
            <AttributeRequest op="Add" name="pwdLastSet">
              <Value>
                <Boolean>true</Boolean>
              </Value>
            </AttributeRequest>
            <AttributeRequest op="Add" name="IIQDisabled">
              <Value>
                <Boolean>false</Boolean>
              </Value>
            </AttributeRequest>
          </AccountRequest>
        </value>
      </entry>
      <entry key="objectguid" value="{85bfb9fd-1ee3-4010-9ef3-7e0ea8da2473}" />
      <entry key="createdOnServer" value="172.172.233.144" />
    </Map>
  </ResultAttributes>
</RpcResponse>"
04/05/2024 07:05:42 : RpcHandler [ Thread-7 ] DEBUG : "ENTER Close"
04/05/2024 07:05:42 : RpcHandler [ Thread-7 ] DEBUG : "EXIT Close"
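An added example, not part of the original post and not SailPoint code: a short Python script that pulls the errors out of an IQService `RpcResponse` like the one above and splits the `HRESULT` into its facility and Win32 code. The function names and the two-entry code table are assumptions made for this example; the sample XML is a trimmed copy of the logged response.

```python
import re
import xml.etree.ElementTree as ET

# Error text as it appears in the log above.
ERR = ("Error occurred while setting password for the account. Exception has been "
       "thrown by the target of an invocation.One or more input parameters are "
       "invalid . HRESULT:[0x80070005]")

# Trimmed copy of the logged RpcResponse (attribute requests omitted).
SAMPLE = f"""<RpcResponse version="1.0" complete="true">
  <RpcErrors><List><String>{ERR}</String><String>{ERR}</String></List></RpcErrors>
  <ResultAttributes><Map><entry key="returnRequest"><value>
    <AccountRequest application="dev test active [source]" op="Create"
                    nativeIdentity="CN=dibri,CN=Users,DC=domaincon,DC=com"/>
  </value></entry></Map></ResultAttributes>
</RpcResponse>"""

FACILITY_WIN32 = 7
# Small lookup for this example only: Win32 codes relevant to password operations.
WIN32_CODES = {5: "ERROR_ACCESS_DENIED", 1325: "ERROR_PASSWORD_RESTRICTION"}
HRESULT_RE = re.compile(r"HRESULT:\[0x([0-9A-Fa-f]{8})\]")

def decode_hresult(value):
    """Split a 32-bit HRESULT into failure bit, facility (11 bits) and code (16 bits)."""
    facility = (value >> 16) & 0x7FF
    code = value & 0xFFFF
    if facility == FACILITY_WIN32:
        name = WIN32_CODES.get(code, "unknown")
    else:
        name = "non-Win32 facility"
    return {"failed": bool(value >> 31), "facility": facility, "code": code, "name": name}

def summarize(xml_text):
    """Return the operation, target DN, de-duplicated errors and decoded HRESULTs."""
    root = ET.fromstring(xml_text)
    req = root.find(".//AccountRequest")
    errors = []
    for node in root.findall("./RpcErrors/List/String"):
        text = " ".join((node.text or "").split())
        if text not in errors:  # IQService logged the same error twice
            errors.append(text)
    hresults = sorted({int(h, 16) for e in errors for h in HRESULT_RE.findall(e)})
    return {"op": req.get("op") if req is not None else None,
            "nativeIdentity": req.get("nativeIdentity") if req is not None else None,
            "errors": errors,
            "hresults": [decode_hresult(h) for h in hresults]}

if __name__ == "__main__":
    for key, val in summarize(SAMPLE).items():
        print(key, "=", val)
```

`0x80070005` decodes to Win32 code 5, access denied; a password rejected by domain policy is reported as code 1325 (`0x8007052D`) instead.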


Please verify that the password being set meets the AD password policy in addition to any password policy you may have in IdentityNow.


Hi @sharvari, thanks for the response, but this is the password policy, and in AD with the same password I am able to create password.

Have you tried using the dynamic/generate password option so ISC will generate a password itself? Check if it still fails.

Also verify that the service account being used in the AD connector has all the necessary permissions.

@sharvari I was able to create it now after I changed the IP in the domain settings to the domain name, so users are getting created, but it gives timeout issues in SailPoint. Should I increase the timeout?

Yes, you can increase the timeout. We have done it many times in the past so ISC gets sufficient time to get a response back from AD.

Yes, I did it and it has worked.