Provisioning IN LDAP - Getting LDAP error code 65

Pucha_Rohan_12 · November 9, 2023, 1:59pm

Hi All,

I am able to do provision for LDAP with default attributes in Sailpoint IdentityNow (whatever attributes are there in the create account section when we setup a fresh LDAP connection). The account is created in LDAP, but when I try to add one extra attribute in the create account section in sailpoint identityNow, it is giving me LDAP error code 65.

NOTE: All these attributes I have also added to the account schema.

Can anyone give any suggestions on how to proceed further? If you have any questions about the problem, I can elaborate more on that.

Thank you in advance.

sunnyajmera · November 9, 2023, 8:12pm

Can you share what attribute you are adding and may be your plan or request?

Pucha_Rohan_12 · November 10, 2023, 11:14am

I have a few extra attributes other than the default attributes, which are listed in the create section. Example: employeeid is an attribute in LDAP, but it was not populated in the create section for the account. So when I try to add an employeeid in the Create section and do provisioning, it is giving LDAP error code 65. It is the same with all other attributes.

gauravsajwan1 · November 10, 2023, 2:07pm

Hi @Pucha_Rohan_12 , LDAP: error code 65 is Object Class Violation.
It looks like the extra attribute added to your account schema belongs to a different object class which you are not passing in the Create Profile of your source.
Can you check the object class of that attribute and try add it on the object class property in your Create Profile policy?

HTH

Pucha_Rohan_12 · November 13, 2023, 8:51am

Can you please guide me on how to add multiple object class values to the Create Provisioning Policy?

KarthikBBY · November 29, 2023, 3:39pm

Hi Rohan,

you can add as below

import java.util.List; import java.util.ArrayList;

          list = new ArrayList();

          list.add("bbyperson");
          list.add("inetOrgPerson");
          list.add("organizationalPerson");
          list.add("person");
          list.add("top");
          list.add("shadowAccount");
          list.add("posixAccount");

          return list;
        </Source>
      </Script>
    </Field>

system · January 28, 2024, 3:40pm

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
LDAP: error code 65 atribute not allowed ISC Discussion and Questions identity-security-cloud	3	189	April 7, 2024
Active Directory Create Account failing because of undefined required string attribute 'User' ISC Discussion and Questions identity-security-cloud , provisioning	15	510	April 26, 2024
OpenLDAP Connector - Entitlement Provisioning ISC Discussion and Questions identity-security-cloud , provisioning	4	510	June 16, 2023
Provisioning plan attributes ISC Discussion and Questions rules , provisioning	8	2606	July 19, 2023
OpenLDAP userPassword on user creation ISC Discussion and Questions	1	635	July 19, 2023

Provisioning IN LDAP - Getting LDAP error code 65

Related Topics