IQService Refuse to set Password

Alyson_Trad · January 5, 2024, 3:53pm

Which IIQ version are you inquiring about?

Version 8.2

Share all details related to your problem, including any error messages you may have received.

We have seen some instances where we get the below error in the logs during the AD aggregation. This pertains to creating the AD account for the identity. This doesn’t happen every time, but I’m wondering why this error is seen and what a resolution to this is?

Error:
Exception occurred while executing the RPCRequest: Errors returned from IQService. "Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.The server is unwilling to process the request. (Exception from HRESULT: 0x80072035)0000052D: SvcErr: DSID-031A124C, problem 5003 (WILL_NOT_PERFORM), data 0 ", "Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.The server is unwilling to process the request.

This prevents the creation of the AD account and we have to manuallt create it. Has anyone seen something similar to this?

HemantSingh · January 5, 2024, 4:09pm

There may be couple of reason why its not setting the password

An attempt to violate a password policy, such as history, password length, blank password, etc.
account may already locked
you may need to check with Active Directory team to see if windows events or some log for actual reason of failure.

kjakubiak · January 5, 2024, 5:31pm

Usualy AD returns this exception when password which Sailpoint tried to set does not met the AD minimum password complexity policy.

Try to set more complex password and check if the error is still there.

drosenbauer · January 5, 2024, 5:37pm

The error message actually provides useful information. Specifically, this part:

0000052D: SvcErr: DSID-031A124C, problem 5003

The error code is 52D, which is a hexadecimal number corresponding to decimal 1325. Microsoft publishes a difficult-to-Google list of error codes here.

ERROR_PASSWORD_RESTRICTION
1325 (0x52D)
Unable to update the password. The value provided for the new password does not meet the length, complexity, or history requirements of the domain.

system · March 5, 2024, 5:37pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
IQService is throwing an error IIQ Discussion and Questions identityiq , provisioning	11	53	November 13, 2024
AD connection issue IIQ Discussion and Questions aggregation , identityiq	29	124	November 10, 2024
Error Enabling Account in Active Directory: "The server is unwilling to process the request" (0000052D) IIQ Discussion and Questions identityiq , provisioning , iqservice	3	67	November 9, 2024
AD creation issue ISC Discussion and Questions identity-security-cloud	3	264	June 4, 2024
Random Password generation ISC Discussion and Questions webservice-connector , identity-security-cloud , provisioning	2	377	May 26, 2024

IQService Refuse to set Password

Which IIQ version are you inquiring about?

Share all details related to your problem, including any error messages you may have received.

Related topics