Facing issues while provisioning

Apoorv0802 · August 26, 2024, 12:53pm

Hey guys,

While provisioning into target ADLDS(using ADAM CONNECTOR) i can provision the accounts by help of the default attributes (attributes provided in create account section) but when i tried to add the custom attributes as per the requirement and tried to rpovision i am getting an error. i am attaching screenshto of it. pls help me how can i provision with all the custom attributres . thanks

varshini303 · August 26, 2024, 5:07pm

Hi @Apoorv0802,

Can you share the provisioning policy for your custom attributes? Is adding any custom attribute to the policy causing the error or just one custom attribute that is problematic?

Apoorv0802 · August 26, 2024, 5:22pm

Hey Varshini,

I am able to crate the account with the default attr (sn,dn,givenname) but whenevr i enable any custom attribute the account dont get created and i get error (Provisioning
sailpoint.connector.ConnectorException: [LDAP: error code 65 - 0000207D: UpdErr: DSID-03151D3B, problem 6002 (OBJ_CLASS_VIOLATION), data -1770594129 ],sailpoint.connector.ConnectorException: [LDAP: error code 65 - 0000207D: UpdErr: DSID-03151D3B, problem 6002 (OBJ_CLASS_VIOLATION), data -1770594129 ]
SHOW LESS) whwen i tried provisoing woth custom atribute.

varshini303 · August 26, 2024, 5:45pm

You might need to check which certain custom attributes are allowed for each object class (like userProxyFull, top, person…) What are the values of objectClass attribute that you have indicated in your create account policy?

Thanks!

ts_fpatterson · August 26, 2024, 5:51pm

Try only allowing one extra attribute at a time, beside the defaults, to help identify which attribute(s) is causing the problem. Once identified it may be a matter of reviewing the schema for the attribute.

Apoorv0802 · August 26, 2024, 5:58pm

Hey SO THIS IS MY objectClass

top

person

organizationalPerson

user

Apoorv0802 · August 26, 2024, 6:06pm

is it correct way of putting objectclass?? because this is the object class i found from the target system

varshini303 · August 27, 2024, 7:27am

I assume that the objectClass in your policy looks something like this:

{
  "attributes": {
    "cloudDelimiter": ";"
  },
  "isRequired": false,
  "isMultiValued": true,
  "name": "objectClass",
  "transform": {
    "attributes": {
      "value": "top;biibRequests;biibResources;person;biibPerson"
    },
    "type": "static"
  },
  "type": "string"
}

Like @ts_fpatterson said, troubleshoot by adding custom attribute one by one to the policy with different combinations of objectclass to find which attribute(s) are allowed and not allowed for each object class in your target system.

Thanks!

Apoorv0802 · August 27, 2024, 9:28am

it is like this

“attributes”: {
“value”: “{"top", "person", "biibPerson", "biibResources", "biibRequests"}”

Apoorv0802 · August 27, 2024, 9:29am

in create account i defined it like this

Apoorv0802 · August 28, 2024, 7:58am

can u pls rply on query

Topic		Replies	Views
Getting error while provisioning into ADLDS ISC Discussion and Questions identity-security-cloud	5	40	August 22, 2024
SAP Direct connector - provisioning policy attributes not populated ISC Discussion and Questions identity-security-cloud , provisioning	3	78	July 19, 2024
Looking for alternative to Attribute Sync - Need just provisioning ISC Discussion and Questions identity-security-cloud	6	453	May 15, 2024
Provisioning Policy - Create Account ISC Discussion and Questions identity-security-cloud , provisioning	2	54	August 28, 2024
AD source default OU? ISC Discussion and Questions identity-security-cloud , provisioning , connectors	6	65	August 16, 2024

Facing issues while provisioning

Related Topics