Create Active directory groups with SAP IDM

Former Member · ‎03-05-2018

Hi expert,

We are trying to create group in active directory with SAP IDM, these groups have some Exchange attribute as msexchrequireauthtosendto, it accept only a boolean value.

The problem is this attribute doesn't accept the value True/False sent by SAP IDM. We have try to modify directly in active directory with the appropriate value and it works. or when we send True/False, 1/0 from sap IDM the group creation failed. Alaso, we made some troubleshouting and it shows that all values sent from SAP IDM are not accepted on this attribute. We got the error code 21, attribute data conversion failed.

Does anyone got the same issue before, any workaround, or recommandation will be very appreciated.

Best regards,

former_member2987 · ‎03-07-2018

Hi Elmehdhi,

This should not be an issue for IDM. There would be two ways to consider this.

1. Look in AD via ADUC and maybe another tool such as Apache Directory Explorer or Softerra LDAP Browser. See what the raw data is that is being written to AD, while it might say True or False, there could be some other value as you noted.

2. The second possiblility is to read a template of the entry directly into IDM so that you can see this. You might find some information on this in the To/From LDAP pass documentation, but I'll try and write something up today.

Matt

former_member422641 · ‎04-04-2018

Just put big caps TRUE or FALSE to toLDAP pass.

Create Active directory groups with SAP IDM

Accepted Solutions (0)

Answers (2)

Answers (2)

Is it possible to capture the Logged on User and t...

Unable to connect to S4Cal via eclipse from local ...

Re: How does RAP obtain the values in the filter b...

Re: Parameter has no data type- error in service b...

Re: Setting Year parameter to Data Action based on...