Enabled Account Authentication Failed in SailPoint IDN

Hi Experts,

I’m currently testing a use case for rehiring an employee (userID and email are reused) where the AD account was previously moved to OU=Disabled. Then, upon rehire, it’s moved back to the designated OU=SailPointTest and the AD accountExpire value is updated to “10/02/2025 12:00:00 AM UTC”.

I manually transferred the account to the new identity, which automatically triggers the enabling of the accounts, including SAP HANA and SAP HCM ESS, and the status of all the accounts is “Enabled”.

However, when I tried to log the user in to SailPoint, I received an error of “Authentication Failed.”
I also did a password reset for the new identity, but got the same error.
(Please note that the AD is configured as the Authentication source for SailPoint IDN.)

I asked the AD team to verify the account, and it was changed to OU=SailPoint test from Disabled, and the account was also verified to be enabled.

I’m not sure if I’m missing something.

Any advice on what else to check, or a solution for this?

Thank you in advance :slight_smile:

What is the UUID of the account you are trying to log in with?

Hi @ipobeidi,

DistinguishedName is set as the accountID in the schema (unique identifier) and sAMAccountName is used by users as their userID (for login).

On the IDN side, what is mapped to the UID field?

Hi @jinmartin.

Please check in AD whether “User must change password at next logon” is unchecked or not.

Hi @jinmartin,
Greetings of the day!

Please check the additional settings (pass-through authentication settings). Please refer to the screenshot below.

Thank You
Mahesh M
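
Added example, not part of the thread: a small Python check of the three AD account-state conditions raised above (disabled flag, account expiry, "user must change password at next logon"), read from the raw `userAccountControl`, `accountExpires` and `pwdLastSet` values as an LDAP export shows them. The function names and the sample record are constructed for illustration; it does not cover SailPoint-side settings such as the UID mapping or pass-through authentication configuration.

```python
from datetime import datetime, timedelta, timezone

EPOCH_1601 = datetime(1601, 1, 1, tzinfo=timezone.utc)
NEVER_EXPIRES = (0, 0x7FFFFFFFFFFFFFFF)  # both values mean "never expires"
UAC_ACCOUNTDISABLE = 0x0002              # userAccountControl bit for a disabled account


def to_filetime(dt):
    """datetime -> AD large-integer time (100 ns ticks since 1601-01-01 UTC)."""
    return (dt - EPOCH_1601) // timedelta(microseconds=1) * 10


def from_filetime(ticks):
    """AD large-integer time -> timezone-aware UTC datetime."""
    return EPOCH_1601 + timedelta(microseconds=ticks // 10)


def logon_blockers(attrs, now):
    """Return the account-state reasons, visible in raw attributes,
    for which AD would reject a logon at time `now`."""
    reasons = []
    if int(attrs["userAccountControl"]) & UAC_ACCOUNTDISABLE:
        reasons.append("account disabled")
    expires = int(attrs["accountExpires"])
    if expires not in NEVER_EXPIRES and from_filetime(expires) <= now:
        reasons.append("account expired")
    if int(attrs["pwdLastSet"]) == 0:
        # pwdLastSet = 0 is how AD stores "must change password at next logon"
        reasons.append("must change password at next logon")
    return reasons


# Constructed sample record (values are illustrative, not taken from the thread):
# enabled account, expiry set in the future, password reset with "must change" ticked.
SAMPLE = {
    "userAccountControl": "512",  # NORMAL_ACCOUNT, ACCOUNTDISABLE bit clear
    "accountExpires": str(to_filetime(datetime(2030, 1, 1, tzinfo=timezone.utc))),
    "pwdLastSet": "0",
}

if __name__ == "__main__":
    check_time = datetime(2029, 1, 1, tzinfo=timezone.utc)
    for reason in logon_blockers(SAMPLE, check_time) or ["no blocker found"]:
        print(reason)
```

An account can show as "Enabled" and sit in the correct OU while still being rejected for one of the other two reasons, which is why all three attributes are worth reading together.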