Getting error during AD creation

saikumar39 · June 21, 2023, 2:55pm

Hi Team,

I’m getting error during Creation of AD below is the error .

Please find below error for ref.

Error generating a unique value, the exception was: java.lang.Exception: Unable to contact connector to generate unique value and is not retry-able. Action:UniqueAccountIdValidator: Calling getObject for objectType ‘account’ using id ‘CN=testfn102, testln10249 (sbs999952),ou=users,ou=TCS,ou=hospitals,ou=sb-departments,dc=XXX,dc=’ and options ‘{cloudConfigOverrides={aggregateTimeout=30, disablePooling=true, timeout=30}}’ on source ‘ActiveDirectorySecondarySource [source]’. Exception: sailpoint.connector.ConnectorException: Failed to find connection settings for the dc=xxx,dc=

Thank you,
Saikumar

sharvari · June 21, 2023, 2:58pm

From Account activity in Search, verify the correct FQDN is being setup in the provisioning plan

the last dc= is missing value in 'CN=testfn102, testln10249 (sbs999952),ou=users,ou=TCS,ou=hospitals,ou=sb-departments,dc=XXX,dc=’

Please provide the correct distinguishedName in the Source Account Create Profile page and retry creation.

saikumar39 · June 22, 2023, 8:27am

Hi @shravari,

Thank you for reply .

Yes seems like this is DN length issue ,Can you le me know how to resolve this issue.

Thank you,
Saikumar

aditya_pathak · June 22, 2023, 8:48am

maximum length of dn is 255 characters which doesn’t seem the case here. Have you masked the values dc=XXX,dc= ? If not then your code/config/transform has issue.

saikumar39 · June 22, 2023, 9:19am

Hi Aditya,

We are able to provision 35 char length OU but below 60+char OU’s not able to provision

CCC/CKH/BHS-35
TCS-64
CTS-66
KSC-67

aditya_pathak · June 22, 2023, 9:27am

refer this Active Directory Maximum Limits Scalability Capacity | Microsoft Learn

you might need to talk to your ad team to understand the feasibility of increasing the length , else you need to tweak you create profile / provisioning policy to provision values within permitted length

rajeshs · June 22, 2023, 9:29am

Check with your AD Team

sharvari · June 22, 2023, 11:18am

In your AD Create Profile source code, verify that you have not specified any soft limit for distinguishedName attribute like

"cloudMaxSize": "100"

If yes, please modify it to meet your requirements.

saikumar39 · June 22, 2023, 11:38am

Thank you Sharvari …We are able to provision now after changing cloudMaxSize to 200

system · August 21, 2023, 11:38am

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Error with AD account ISC Discussion and Questions	12	5151	July 19, 2023
Getting error during create account for AD ISC Discussion and Questions transforms , identity-security-cloud , provisioning	10	112	April 22, 2024
Pipeline Error when creating account on Active Directory ISC Discussion and Questions identity-security-cloud , connectors	10	361	March 10, 2024
Error with Active Directory User creation IIQ Discussion and Questions identityiq , provisioning	6	681	October 27, 2023
Issues on Provisioning All Attributes to AD ISC Discussion and Questions identity-security-cloud , provisioning	7	802	November 20, 2023

Getting error during AD creation

Related Topics