Skip to Content
0

Create Active directory groups with SAP IDM

Mar 05 at 04:24 PM

73

avatar image
Former Member

Hi expert,

We are trying to create group in active directory with SAP IDM, these groups have some Exchange attribute as msexchrequireauthtosendto, it accept only a boolean value.

The problem is this attribute doesn't accept the value True/False sent by SAP IDM. We have try to modify directly in active directory with the appropriate value and it works. or when we send True/False, 1/0 from sap IDM the group creation failed. Alaso, we made some troubleshouting and it shows that all values sent from SAP IDM are not accepted on this attribute. We got the error code 21, attribute data conversion failed.

Does anyone got the same issue before, any workaround, or recommandation will be very appreciated.

Best regards,

10 |10000 characters needed characters left characters exceeded
* Please Login or Register to Answer, Follow or Comment.

2 Answers

Matt Pollicove
Mar 07 at 02:09 PM
1

Hi Elmehdhi,

This should not be an issue for IDM. There would be two ways to consider this.

1. Look in AD via ADUC and maybe another tool such as Apache Directory Explorer or Softerra LDAP Browser. See what the raw data is that is being written to AD, while it might say True or False, there could be some other value as you noted.

2. The second possiblility is to read a template of the entry directly into IDM so that you can see this. You might find some information on this in the To/From LDAP pass documentation, but I'll try and write something up today.

Matt

Share
10 |10000 characters needed characters left characters exceeded
Harri Jäske Apr 04 at 03:19 PM
0

Just put big caps TRUE or FALSE to toLDAP pass.

Share
10 |10000 characters needed characters left characters exceeded