Error while reading back account: null

Which IIQ version are you inquiring about?

8.3p1

Please share any other relevant files that may be required (for example, logs).

2024-12-04T10:16:47,475 ERROR Thread-5017 services.standard.connector.LogiPlexConnector:872 - Error while reading back account: null
2024-12-04T10:16:47,837 WARN Thread-5017 engine.jdbc.spi.SqlExceptionHelper:137 - SQL Error: 515, SQLState: 23000
2024-12-04T10:16:47,837 ERROR Thread-5017 engine.jdbc.spi.SqlExceptionHelper:142 - Cannot insert the value NULL into column ‘native_identity’, table ‘identityiq_81p1.identityiq.spt_link’; column does not allow nulls. INSERT fails.
2024-12-04T10:16:47,837 ERROR Thread-5017 sailpoint.provisioning.PlanEvaluator:1748 - org.hibernate.exception.ConstraintViolationException: could not execute statement
sailpoint.tools.GeneralException: org.hibernate.exception.ConstraintViolationException: could not execute statement

Share all details about your problem, including any error messages you may have received.

When running joiner via Rapid Setup, I get this error during Active Directory using Logiplex. The account is created and upon next aggregation, correlates.

Front end I get An unexpected error occurred: Row was updated or deleted by another transaction (or unsaved-value mapping was incorrect) : [sailpoint.object.Link#] on the task

Hi @thasheider1,

can you share the response plan? you can use plan.toXml() in the after prov. rule

<ProvisioningPlan nativeIdentity="52735" targetIntegration="Active Directory" trackingId="a1802e48466e445ea475dbf5cb93fb24">
  <AccountRequest application="Active Directory" op="Create">
    <Attributes>
      <Map>
        <entry key="flow" value="Lifecycle"/>
        <entry key="interface" value="LCM"/>
        <entry key="logiplexTrackingId" value="7c6d07d4-6fc1-479d-9f4a-58e7d8d44b06"/>
        <entry key="operation" value="Create"/>
      </Map>
    </Attributes>
    <AttributeRequest name="ObjectType" op="Add" value="user"/>
    <AttributeRequest name="distinguishedName" op="Set" value="DN here "/>
    <AttributeRequest name="displayName" op="Set" value="Test, Name"/>
    <AttributeRequest name="password" op="Set" value="0H4NixSQZf@,"/>
    <AttributeRequest name="primaryGroupID" op="Add" value="513"/>
    <AttributeRequest name="IIQDisabled" op="Set">
      <Value>
        <Boolean>true</Boolean>
      </Value>
    </AttributeRequest>
    <AttributeRequest name="employeeType" op="Set" value="Regular"/>
    <AttributeRequest name="givenName" op="Set" value="Name"/>
    <AttributeRequest name="sn" op="Set" value="Test"/>
    <AttributeRequest name="department" op="Set" value="Test Department"/>
    <AttributeRequest name="description" op="Set" value="Provision operation: Create on Wed Dec 04 12:05:03 CST 2024"/>
    <AttributeRequest name="l" op="Set" value="location"/>
    <AttributeRequest name="employeeNumber" op="Set" value="123456"/>
    <AttributeRequest name="homeDirectory" op="Set" value="directory here"/>
    <AttributeRequest name="st" op="Set" value="USA-IL"/>
    <AttributeRequest name="title" op="Set" value="Test Supervisor"/>
    <AttributeRequest name="preSAMAccountName" op="Set" value="NTest"/>
    <AttributeRequest name="emailSuffix" op="Set" value="test.com"/>
    <AttributeRequest name="pwdLastSet" op="Set">
      <Value>
        <Boolean>true</Boolean>
      </Value>
    </AttributeRequest>
    <AttributeRequest name="manager" op="Set" value="some manager dn"/>
    <AttributeRequest name="division" op="Set" value="Test"/>
    <ProvisioningResult status="committed">
      <Errors>
        <Message key="java.lang.NullPointerException" type="Error"/>
      </Errors>
      <Warnings>
        <Message key="Create operation is successful but post script execution failed : After script returned non zero exit code : 1 : " type="Warn"/>
      </Warnings>
    </ProvisioningResult>
  </AccountRequest>
  <Attributes>
    <Map>
      <entry key="identityRequestId" value="0000034342"/>
      <entry key="requester" value="spadmin"/>
      <entry key="source" value="RapidSetup"/>
    </Map>
  </Attributes>
  <Requesters>
    <Reference class="sailpoint.object.Identity" id="8a16821d63b642ad0163b643637b0105" name="spadmin"/>
  </Requesters>
  <ProvisioningResult>
    <Errors>
      <Message key="java.lang.NullPointerException" type="Error"/>
    </Errors>
    <Warnings>
      <Message key="Create operation is successful but post script execution failed : After script returned non zero exit code : 1 : " type="Warn"/>
    </Warnings>
  </ProvisioningResult>
</ProvisioningPlan>

I removed company info but it looks pretty standard to a create on AD. Nothing appears null, and all the values I’m expecting are there.

In a plan if an attribute is null, doesnt appears.

What is you Identity Attribute for account on this application?

It was GUID, as I was trying to make it something unique vs DN.

try with DN or samAccountName

That worked, is there a way to ensure this works with GUID? This way if an account moves or anything it’s unique and won’t have a cannot be found error.

@thasheider1

As per 8.3 release notes, the recommendation is to use distinguishedName for leveraging new features. You can go through below links and snap.

https://community.sailpoint.com/t5/IdentityIQ-Articles/What-s-New-in-IdentityIQ-8-3/ta-p/214235

https://community.sailpoint.com/t5/IdentityIQ-Blog/Active-Directory-ObjectGUID-move-rename-support-FAQ/ba-p/206646

1 Like