Error while Joiner Event

YashPradhan · October 23, 2025, 8:36am

| **Exception occurred while executing the RPCRequest: Errors returned from IQService. Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005], Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005]

I get the above error from AD IQService while triggering Joiner Event**

charankoona · October 23, 2025, 9:58am

Hi @YashPradhan ,

error shows you input value is not correct, can you share what fields you are passing while creating AD account.

msingh900 · October 23, 2025, 10:18am

Hi @YashPradhan

Please explain how are you setting the password when you are sending a request for AD creation.

Is the password generation rule present in the form of FieldValue Rule type.

If rule is being used, Please provide the rule so that we can help you troubleshoot this issue.

YashPradhan · October 23, 2025, 11:04am

I have wrote the script for Business process Joiner: It does not defines The password. afte Adding a person and Trigeering the Joiner Event I get the Form to Approve Provisions in AD , tHere only i am setting up the password as a Mix of diff character, numbers, upper and lower case chars too.

here is the script:
import sailpoint.object.Identity;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import java.util.List;
import java.util.ArrayList;

ProvisioningPlan provPlan = new ProvisioningPlan();
Identity userIdentity = context.getObjectByName(Identity.class, identityName);

List accountRequestsList = new ArrayList();

AccountRequest accountReq = new AccountRequest();

accountReq.setOperation(AccountRequest.Operation.Create);

accountReq.setApplication(“AD App”);

accountReq.add(new AttributeRequest(“sAMAccountName”, identityName));

accountReq.add(new AttributeRequest(“ObjectType”, “User”));

accountReq.add(new AttributeRequest(“IIQDisabled”, false));

accountReq.setNativeIdentity(“cn=” + identityName + “,cn=Users,dc=IIQAD,dc=com”);

accountRequestsList.add(accountReq);

provPlan.setAccountRequests(accountRequestsList);

provPlan.setIdentity(userIdentity);

return provPlan;

msingh900 · October 23, 2025, 11:30am

Are you setting the password as per the password policy of AD? Make sure that the password that you are setting is as per the password policy of AD otherwise it will give error.

Thanks

YashPradhan · October 23, 2025, 11:41am

The paswword I am setting is as per the policy of AD
Not contain the user’s account name or parts of the user’s full name that exceed two consecutive characters
Be at least six characters in length
Contain characters from three of the following four categories:
English uppercase characters (A through Z)
English lowercase characters (a through z)
Base 10 digits (0 through 9)
Non-alphabetic characters (for example, !, $, #, %)
Complexity requirements are enforced when passwords are changed or created.

msingh900 · October 23, 2025, 11:50am

Refer to this article. They faced similar issue.

IdentityIQ Scenarios For Active Directory | IDMWORKS

msingh900 · October 23, 2025, 3:37pm

Let me know if your issue is fixed or not.

YashPradhan · October 26, 2025, 10:55am

No sir, Isuue is not fixed.

santhirajumunganda · October 27, 2025, 9:03am

Hello @YashPradhan did you check the provisioning transactions? You can see from which attribute it is failing

YashPradhan · October 27, 2025, 3:02pm

Checked all the logs, Nothing specific, did Manual Provisioning. Accounts are fetched from ad to sailpoint but i Get same err while creating a joinee

santhirajumunganda · October 27, 2025, 3:18pm

Take a look into this Refuse to set password

The server is unwilling to process

YashPradhan · October 27, 2025, 4:55pm

Sailpoint error after Joiner even task form filling and provisioning approval:

Exception occurred while executing the RPCRequest:
Errors returned from IQService. Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005], Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005]

error/log from IQService:
10/27/2025 11:18:04 : ADConnectorServices [ Thread-21 ] ERROR : “Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005]”

Error/ log file before provisioning: from code context pasted log4j2 file logs:

2025-10-27T16:47:51,965 ERROR QuartzScheduler_Worker-4 sailpoint.server.InternalContext:166 - identityName=Karan.Kumar
2025-10-27T16:47:52,068 WARN QuartzScheduler_Worker-4 sailpoint.api.Workflower:6960 - Unable to determine requester for work item from launcher 'Scheduler'
2025-10-27T16:47:58,619 WARN http-nio-8080-exec-6 sailpoint.api.Workflower:6960 - Unable to determine requester for work item from launcher 'Scheduler'
2025-10-27T16:47:58,647 WARN http-nio-8080-exec-6 sailpoint.api.Workflower:448 - Unable to notify, no email address for: spadmin
2025-10-27T16:48:03,486 ERROR http-nio-8080-exec-9 sailpoint.server.InternalContext:166 - Before Prov rule AD:<?xml version='1.0' encoding='UTF-8'?>
<!DOCTYPE ProvisioningPlan PUBLIC "sailpoint.dtd" "sailpoint.dtd">
<ProvisioningPlan nativeIdentity="Karan.Kumar" targetIntegration="AD App" trackingId="15ecd6866ff048489a7fcc1bbe4f8fbf">
<AccountRequest application="AD App" nativeIdentity="CN=Karan.Kumar,OU=Users,OU=Test OU,DC=IIQAD,DC=com" op="Create">
<AttributeRequest name="sAMAccountName" op="Set" value="Karan.Kumar"/>
<AttributeRequest name="objectType" op="Set" value="User"/>
<AttributeRequest name="password" op="Set" value="QIc#KWKt@6vIT">
<Attributes>
<Map>
<entry key="secret" value="true"/>
</Map>
</Attributes>
</AttributeRequest>
<AttributeRequest name="IIQDisabled" op="Set">
<Value>
<Boolean></Boolean>
</Value>
</AttributeRequest>
<AttributeRequest name="givenName" op="Set" value="Karan"/>
<AttributeRequest name="sn" op="Set" value="Kumar"/>
<AttributeRequest name="mail" op="Set" ``value="Karan.Kumar@demoexample.com``"/>
</AccountRequest>
<Attributes>
<Map>
<entry key="identityRequestId" value="0000000032"/>
<entry key="requester" value="Scheduler"/>
<entry key="source" value="LCM"/>
</Map>
</Attributes>
</ProvisioningPlan>

2025-10-27T16:48:04,606 ERROR http-nio-8080-exec-9 sailpoint.connector.RPCService:554 - Exception occurred while executing the RPCRequest: Errors returned from IQService. Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005], Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.One or more input parameters are invalid . HRESULT:[0x80070005]

bruno-co · October 27, 2025, 6:01pm

From the logs the nativeIdentity is in the OU=Users, but you are trying to set it as cn=Users:

Topic		Replies	Views
Provisioning error IIQ Discussion and Questions identityiq	12	652	August 25, 2024
IQService Refuse to set Password IIQ Discussion and Questions aggregation , identityiq , iqservice	4	3346	March 5, 2024
Active Directory Provisioning Error while creating a new account ISC Discussion and Questions identity-security-cloud , provisioning , iqservice	13	3330	February 28, 2024
Ad user creation issue ISC Discussion and Questions identity-security-cloud , provisioning	9	476	June 4, 2024
Active Directory Provisioning issue IIQ Discussion and Questions identityiq , provisioning	6	657	June 15, 2024

Error while Joiner Event

Related topics