The "object already exists" issue in AD

AD account creation fails because of the "object already exists" issue.
The reason is that the user resides in an OU which is out of scope of the Search DN.
I am using an AttributeGenerator rule to generate the username.

I am thinking of having an IDN source which pulls all the accounts under the DC.
The accounts can be uncorrelated, and using the accountExistsByDisplayName method I can fetch the account; if it exists, then increase the counter.

Can anyone please let me know if this can be achieved another way as well?

Yes, somehow you need logic to generate a unique cn. This will work.

If it’s outside the search scope, I don’t think that method (accountExistsByDisplayName) will return true. My understanding is that this method is only checking the accounts that have aggregated into ISC.

I would try checking idn.isUniqueLDAPValue(String identityName(or id), String applicationName (or Id), String attributeName, String attributeValue)

ex:


```java
String dn = "<your generated dn>";            // placeholder: the DN your rule generated
String identityName = identity.getName();
String adName = "<name of your AD instance>"; // placeholder: name of the AD source
if (idn.isUniqueLDAPValue(identityName, adName, "distinguishedName", dn)) {
    return dn;
} else {
    // iterate dn value, and recheck for uniqueness.
}
```


@Amrit1897 use the below generator for sam account name

@schattopadhy What do you do if firstName.lastName is longer than 20 characters?

How do you prevent the fail?
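An added example, not code from any poster in this thread or from SailPoint: the iterate-and-recheck loop suggested above, applied to sAMAccountName with the 20-character limit raised in the last question. It is stand-alone Java rather than rule BeanShell; the class name, `generate`, the `isUnique` callback (a stand-in for a call such as `idn.isUniqueLDAPValue`) and the sample names are assumptions made for illustration.

```java
import java.util.Locale;
import java.util.Set;
import java.util.function.Predicate;

public class SamAccountNameGenerator {
    static final int MAX_LEN = 20;        // sAMAccountName limit for AD user objects
    static final int MAX_ATTEMPTS = 100;  // bound the loop so a failure is explicit

    // isUnique is a hypothetical stand-in for the directory lookup; in a rule it
    // would wrap idn.isUniqueLDAPValue(identityName, adName, "sAMAccountName", c).
    static String generate(String first, String last, Predicate<String> isUnique) {
        String base = (first + "." + last)
                .toLowerCase(Locale.ROOT)            // locale-independent lowercasing
                .replaceAll("[^a-z0-9.]", "");       // keep a conservative character set
        for (int i = 0; i < MAX_ATTEMPTS; i++) {
            String suffix = (i == 0) ? "" : String.valueOf(i);
            // Truncate the base, never the counter, so every retry yields a new value.
            int keep = Math.min(base.length(), MAX_LEN - suffix.length());
            String stem = base.substring(0, keep);
            // sAMAccountName must not end with a period.
            while (suffix.isEmpty() && stem.endsWith(".")) {
                stem = stem.substring(0, stem.length() - 1);
            }
            String candidate = stem + suffix;
            if (!candidate.isEmpty() && isUnique.test(candidate)) {
                return candidate;
            }
        }
        throw new IllegalStateException(
                "No unique sAMAccountName after " + MAX_ATTEMPTS + " attempts");
    }

    public static void main(String[] args) {
        // Constructed sample data: values already present in the directory.
        Set<String> taken = Set.of("christopher.montgome", "christopher.montgom1");
        String name = generate("Christopher", "Montgomery-Smith",
                c -> !taken.contains(c));
        System.out.println(name + " (" + name.length() + " chars)");
    }
}
```

The uniqueness check is only as good as its scope: if the callback cannot see accounts outside the aggregated Search DN, the loop will still return values that collide at provisioning time.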
