Skip to Content
avatar image
Former Member

trying to assign User to ADS-Group

Hi,

i'm trying to assign a User to an ADS group using the script "sap_getGroupDN".

Unfortunately the mskey given to that method is the mskey from the user and not from the group.

Any suggestions or ideas?

How managed you that case?

Kind regards,

Achim Heinekamp

CONET Solutions GmbH

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

3 Answers

  • Best Answer
    avatar image
    Former Member
    Sep 08, 2008 at 05:17 AM

    Hello,

    Instead of Using a script you can use a ToLDAP Pass with the following config :

    dn %GROUPDN%

    . Objectclass group

    changetype modify

    + member %USER_DN%

    You can link the task to the workflow. I presume you know the GROUPDN value which comes from the Idstore if not you can create it by adding a script infront of dn

    The thing is the group should exist before you add a user as a member. You can run the task for different group names.

    Hope this helps while you fix your script.

    Regards,

    Dev

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Sep 02, 2008 at 02:27 PM

    Achim,

    So you're saying that the script is returning the MSKEY of the user and not the group?

    Trying working in the fuction: uIS_sGetValue to get the MSKEY of the proper group and then you can write it in using uIS_sSetValue

    Add comment
    10|10000 characters needed characters exceeded

  • avatar image
    Former Member
    Jul 22, 2009 at 01:05 AM

    Hi folks,

    it seems I'm having a very similar problem to Achim, although the sympton is a little different. When I run the task to assign a role (1 AS ABAP, 1 AS Java and 1 AD OU) on the task AssignUserToADSGroupI get an error message that reads:

    PrivDN: !ERROR:No such attribute

    I've assigned the privelege to the role, and it seems to recognize that and create the user, however...the groups don't get assigned.

    The full output s below:

    <?xml version="1.0" encoding="UTF-8"?>

    http://www.maxware.com/EMS">

    <mx:GENERAL>

    <mx:DATE>21.07.2009 20:57:41</mx:DATE>

    <mx:VERSION>DSE.JAR version: 7.10.02.0 Built: 01.07.2009 15:49:23 (c) Copyright 2008 SAP AG. All rights reserved.</mx:VERSION>

    <mx:MACHINE>clklabvm3-disp01</mx:MACHINE>

    <mx:JOBID>045EB0C2-E35B-4AD7-8D0A-84B51594EAAF</mx:JOBID>

    <mx:WORKAREA>C:/Program Files (x86)/SAP/IdM/Identity Center/Jobs/045EB0C2-E35B-4AD7-8D0A-84B51594EAAF</mx:WORKAREA>

    <mx:JOB>jdbc:sqlserver://clklabvm3\idm:1988;responseBuffering=full;encrypt=false;databaseName=mxmc_db;selectMethod=direct;trustServerCertificate=false;lastUpdateCount=true; - MACHINE:clklabvm3-disp01</mx:JOB>

    <mx:PRODUCT>Provisioning</mx:PRODUCT>

    <mx:CUSTOMER>SAP customer : f9c1c5cd66189d133765ac44ea6c127a</mx:CUSTOMER>

    <mx:TIMEUSED>5</mx:TIMEUSED>

    <mx:NERRORS>0</mx:NERRORS>

    <mx:NWARNINGS>3</mx:NWARNINGS>

    <mx:NENTRIES adds="3" mods="0" dels="0" noops="0" markdels="0">3</mx:NENTRIES>

    </mx:GENERAL>

    <mx:PASSES>

    <mx:PASS name="Job Initialization" title="Messages that occurred before the job was loaded" type="init" seq="0">

    <mx:MESSAGES>

    <WARNING seq="1">

    <mx:TEXT>Failed loading JDBC Driver class com.microsoft.jdbc.sqlserver.SQLServerDriver</mx:TEXT>

    <mx:TEXT>java.lang.ClassNotFoundException: com.microsoft.jdbc.sqlserver.SQLServerDriver</mx:TEXT>

    </WARNING>

    <WARNING seq="2">

    <mx:TEXT>Failed loading JDBC Driver class com.sap.dbtech.jdbc.DriverSapDB</mx:TEXT>

    <mx:TEXT>java.lang.ClassNotFoundException: com.sap.dbtech.jdbc.DriverSapDB</mx:TEXT>

    </WARNING>

    <WARNING seq="3">

    <mx:TEXT>Failed loading JDBC Driver class org.gjt.mm.mysql.Driver</mx:TEXT>

    <mx:TEXT>java.lang.ClassNotFoundException: org.gjt.mm.mysql.Driver</mx:TEXT>

    </WARNING>

    <WARNING seq="4">

    <mx:TEXT>Failed loading JDBC Driver class oracle.jdbc.driver.OracleDriver</mx:TEXT>

    <mx:TEXT>java.lang.ClassNotFoundException: oracle.jdbc.driver.OracleDriver</mx:TEXT>

    </WARNING>

    <WARNING seq="5">

    <mx:TEXT>Failed loading JDBC Driver class COM.ibm.db2.jdbc.app.DB2Driver</mx:TEXT>

    <mx:TEXT>java.lang.ClassNotFoundException: COM.ibm.db2.jdbc.app.DB2Driver</mx:TEXT>

    </WARNING>

    <WARNING seq="6">

    <mx:TEXT>Failed loading JDBC Driver class COM.ibm.db2.jcc.DB2Driver</mx:TEXT>

    <mx:TEXT>java.lang.ClassNotFoundException: COM.ibm.db2.jcc.DB2Driver</mx:TEXT>

    </WARNING>

    <WARNING seq="7">

    <mx:TEXT>Failed loading JDBC Driver class COM.ibm.db2.jdbc.net.DB2Driver</mx:TEXT>

    <mx:TEXT>java.lang.ClassNotFoundException: COM.ibm.db2.jdbc.net.DB2Driver</mx:TEXT>

    </WARNING>

    </mx:MESSAGES>

    </mx:PASS>

    <mx:PASS name="6D5485D1-2CF6-4E5B-9972-7141CB9051EA" title="AssignUserToADSGroup" type="ToLDIF" seq="1">

    <mx:MESSAGES>

    <mx:WARNING seq="1">

    <mx:TEXT>PrivDN: !ERROR:No such attribute</mx:TEXT>

    <mx:ENTRY/>

    </mx:WARNING>

    <mx:WARNING seq="2">

    <mx:TEXT>PrivDN: !ERROR:No such attribute</mx:TEXT>

    <mx:ENTRY/>

    </mx:WARNING>

    <mx:WARNING seq="3">

    <mx:TEXT>PrivDN: !ERROR:No such attribute</mx:TEXT>

    <mx:ENTRY/>

    </mx:WARNING>

    </mx:MESSAGES>

    <mx:DELTA>0</mx:DELTA>

    <mx:TIMEUSED>2</mx:TIMEUSED>

    <mx:NENTRIES adds="3" mods="0" dels="0" noops="0" markdels="0">3</mx:NENTRIES>

    <mx:NERRORS>0</mx:NERRORS>

    <mx:NWARNINGS>3</mx:NWARNINGS>

    </mx:PASS>

    </mx:PASSES>

    </mx:EMSLOG>

    Add comment
    10|10000 characters needed characters exceeded