IIQ 8.3
When I am going to create an account in Active Directory application then it throwing an error as mention on the screenshot
Hi @Shalaka_Gawande,
Ensure that all required fields for user creation in Active Directory are specified in your Create provisioning policy.
Enable the IQService logs for more details.
Hi @Shalaka_Gawande I suspect you are trying to enable an account without setting the password first.
Hi @Shalaka_Gawande,
The password set on the account might be an issue. If the password does not meet the configured policy, Active Directory will reject the request.
Please check the password policy with your AD team. and update the password artifact according for enabling account.
This is the most probable cause. However there are other problems that can cause the issue. @Shalaka_Gawande please check the log on the IQService host. There should be more details. Either spelled out or with an error code you can resolve to find the actual issue. Could be password, missing attributes, duplicated naming attributes etc.
Please check Access request and what values you are sending to provisioning engine are correct.
Hi @Vinodcsod and @Shalaka_Gawande - The OP states that the issue is caused when enabling the account, not when setting the password, so lack of password is still the likely cause of that log entry. However, the password may have been rejected in a previous call (as you say, for policy violation), but we don’t have a log entry for that.
Hi @Felix_Witt AD doesn’t normally give any details about password issues as that would assist an attacker - hence the “unwilling to perform” message.
Yes it doesn’t give any more details, other that the password doesn’t match the complexity requirements. But unwilling to perform is also thrown if an attribute is missing or you’re trying to set a non unique value to a unique field. Therefor the answer is in the IQService log,
Right @j_place I have tried with the password & its working.
Thank You !
Good news. If you could mark my earlier post as the solution that will help others in the future.
Hello @Shalaka_Gawande! Please check your password policy, as this error usually arises when the password fails to meet the necessary criteria.
This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.
