Hi everyone,
I’m encountering an issue related to the provisioning process in SailPoint, and I’m hoping for some insights from the community.
Context:
- I was working on a workflow that provisions accounts to a target application.
- In the workflow, I mistakenly set the
nativeidentity
attribute (username) in lowercase (tabsolut_uat1), whereas it should have been in uppercase (TABSOLUT_UAT1).
acctReqAbsolut.setNativeIdentity(sAMAccountName);
<ProvisioningPlan nativeIdentity="testwfabsolut" targetIntegration="Absolut" trackingId="e0af444c0be44c97823f72d5713f8d1e">
<AccountRequest application="Absolut" nativeIdentity="tabsolut_uat1" op="Create">
<AttributeRequest name="username" op="Set" value="TABSOLUT_UAT1"/>
<AttributeRequest name="firstname" op="Set" value="TESTWF"/>
<AttributeRequest name="lastname" op="Set" value="ABSOLUT"/>
<AttributeRequest name="startDate" op="Set" value="2024-08-20"/>
<AttributeRequest name="level" op="Set" value="95"/>
</AccountRequest>
<Attributes>
<Map>
<entry key="identityRequestId" value="0000000446"/>
<entry key="requester" value="spadmin"/>
<entry key="source" value="LCM"/>
</Map>
</Attributes>
</ProvisioningPlan>
What Happened:
Provisioning Error:
- The workflow executed a provisioning step using the lowercase username. Although the account was successfully created in the target application, SailPoint threw a 404 error (
"Username not found."
), likely due to the mismatch in the username’s case.
2024-08-19T22:10:36,845 WARN Workflow Event Thread 1 connector.webservices.v2.RequestOrchestratorV2:667 - After operation rule returned invalid information for endpoint: Register new user
2024-08-19T22:10:36,960 ERROR Workflow Event Thread 1 connector.webservices.v2.WebServiceFacadeV2:735 - Identity tabsolut_uat1 options : null objectType : account Exception occurred : {"error":{"statusCode":404,"name":"NotFoundError","message":"Username not found."}}
connector.sdk.webservices.exception.WebServicesSdkException: {"error":{"statusCode":404,"name":"NotFoundError","message":"Username not found."}}
2.This suggests that SailPoint might have tried to retrieve or validate the account using the incorrect (lowercase) username, leading to the error.
Post-Provisioning Steps
-
I ran an aggregation task afterward, and it correctly linked the newly created account in the target application to the corresponding identity in SailPoint.
-
However, when I proceeded to run a refresh identity task (intended to sync attributes between SailPoint and the target application), I encountered a new error: An internal error occurred while processing the request.
2024-08-19T22:50:21,363 ERROR RefreshWorker 4 connector.webservices.v2.WebServiceFacadeV2:1587 - Error performing update operation: {"errors":[{"tag":"-","error":"IDENT_INTERNAL_ERROR","message":"An internal error occured while processing the request."}]}
2024-08-19T22:50:21,378 ERROR RefreshWorker 4 connector.webservices.v2.WebServiceFacadeV2:538 - Exception occurred in handling object request for ''TABSOLUT_UAT1'' for operation ''Modify''
sailpoint.connector.ConnectorException: {"errors":[{"tag":"-","error":"IDENT_INTERNAL_ERROR","message":"An internal error occured while processing the request."}]}
what i don’t understand:
- Despite the account being successfully created and linked during the aggregation task, the refresh identity task failed with an internal error.
- I suspect that the case mismatch during the initial provisioning might have caused some inconsistencies or issues in the identity linkage, but I’m not sure how this could result in an internal error during the attribute synchronization process.