Facing issues while provisioning

Apoorv0802 · August 26, 2024, 12:53pm

Hey guys,

While provisioning into target ADLDS(using ADAM CONNECTOR) i can provision the accounts by help of the default attributes (attributes provided in create account section) but when i tried to add the custom attributes as per the requirement and tried to rpovision i am getting an error. i am attaching screenshto of it. pls help me how can i provision with all the custom attributres . thanks

varshini303 · August 26, 2024, 5:07pm

Hi @Apoorv0802,

Can you share the provisioning policy for your custom attributes? Is adding any custom attribute to the policy causing the error or just one custom attribute that is problematic?

Apoorv0802 · August 26, 2024, 5:22pm

Hey Varshini,

I am able to crate the account with the default attr (sn,dn,givenname) but whenevr i enable any custom attribute the account dont get created and i get error (Provisioning
sailpoint.connector.ConnectorException: [LDAP: error code 65 - 0000207D: UpdErr: DSID-03151D3B, problem 6002 (OBJ_CLASS_VIOLATION), data -1770594129 ],sailpoint.connector.ConnectorException: [LDAP: error code 65 - 0000207D: UpdErr: DSID-03151D3B, problem 6002 (OBJ_CLASS_VIOLATION), data -1770594129 ]
SHOW LESS) whwen i tried provisoing woth custom atribute.

varshini303 · August 26, 2024, 5:45pm

You might need to check which certain custom attributes are allowed for each object class (like userProxyFull, top, person…) What are the values of objectClass attribute that you have indicated in your create account policy?

Thanks!

ts_fpatterson · August 26, 2024, 5:51pm

Try only allowing one extra attribute at a time, beside the defaults, to help identify which attribute(s) is causing the problem. Once identified it may be a matter of reviewing the schema for the attribute.

Apoorv0802 · August 26, 2024, 5:58pm

Hey SO THIS IS MY objectClass

top

person

organizationalPerson

user

Apoorv0802 · August 26, 2024, 6:06pm

is it correct way of putting objectclass?? because this is the object class i found from the target system

varshini303 · August 27, 2024, 7:27am

I assume that the objectClass in your policy looks something like this:

{
  "attributes": {
    "cloudDelimiter": ";"
  },
  "isRequired": false,
  "isMultiValued": true,
  "name": "objectClass",
  "transform": {
    "attributes": {
      "value": "top;biibRequests;biibResources;person;biibPerson"
    },
    "type": "static"
  },
  "type": "string"
}

Like @ts_fpatterson said, troubleshoot by adding custom attribute one by one to the policy with different combinations of objectclass to find which attribute(s) are allowed and not allowed for each object class in your target system.

Thanks!

Apoorv0802 · August 27, 2024, 9:28am

it is like this

“attributes”: {
“value”: “{"top", "person", "biibPerson", "biibResources", "biibRequests"}”

Apoorv0802 · August 27, 2024, 9:29am

in create account i defined it like this

Apoorv0802 · August 28, 2024, 7:58am

can u pls rply on query

system · October 27, 2024, 7:59am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Looking for alternative to Attribute Sync - Need just provisioning ISC Discussion and Questions identity-security-cloud	6	478	May 15, 2024
How to add ISC Identity ID into account Provisioning Plan ISC Discussion and Questions identity-security-cloud , provisioning	5	37	October 9, 2024
Attribute sync issue ISC Discussion and Questions apis , identity-security-cloud , provisioning , roles	5	62	October 14, 2024
Active Directory Account Provisioning on Identity Cube Creation IIQ Discussion and Questions identityiq , provisioning	14	1136	January 15, 2024
targetAddress attribute is mapped to exch_externalEmailAddress in AD? ISC Discussion and Questions identity-security-cloud , provisioning , connectors	5	79	August 30, 2024

Facing issues while provisioning

Related topics