Is it possible to catch exactly the error when trying to create an account in Active Directory via Transform?

Is it possible to catch exactly the error when trying to create an account in Active Directory via Transform?

If I use (“ignoreErrors”: “true”) I will be able to identify that an error occurred, but I would like to identify what the error is so that I can set a life cycle status exactly according to the error presented.

Thanks.

Hi @thiagogosantanasi ,

I am unaware if provisioning failures can be caught via transforms.

Here is a thought on your use case, you can create a workflow to catch provisioning failures and update the lifecycle states accordingly:

Step1: Provisioning Completed trigger with filter:

$.errors != null && $.accountRequests[?(@.accountOperation == "Create" && NOT (@.provisioningResult == "SUCCESS" || @.provisioningResult == "committed) && @.source.name == "TARGET AD SOURCE NAME")]

Step 2: Define Variable step to read the exact error

Step 3: A series of compare String operators to compare the error and decide on the desired lifecycle state

Step4:: Use this API - update-lifecycle-states | SailPoint Developer Community to update the lifecycle state of the user

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.