A provisioning attribute should be mapped

book

Article ID: 128930

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On

Issue/Introduction

When I run Explore and Correlate with "Create users as needed" option the following error is shown in the Application Server log

ERROR [im.provisioning.translator] (default task-44) The attribute sn in the corporate directory is required. A provisioning attribute should be mapped to it to ensure proper inbound synchronization.
or
ERROR [im.provisioning.translator] (http-/0.0.0.0:8080-3) The attribute givenName in the corporate directory is required.  A provisioning attribute should be mapped to it to ensure proper inbound synchronization.

and I can see Inbound Notification/Synchronization is not happening, i.e. corporate users are not created.

Etanotify log shows

20190226:104048:TID=7acb40:I: Try sending payload to http://<IM Server>:8080/iam/im/ETACALLBACK/?env=<environment>

20190226:104048:TID=7acb40:A: ALERT: Payload rejected by IMS: Unable to submit create user due to missing required attribute. Missi

20190226:104048:TID=7acb40:A:+ng attribute: givenName

Cause

This issue can be caused by various reasons but normally this is due to "Update user fields" option was not selected in Explore and Correlate Definition. Without the "Update user fields" option selected, Provisioning Server won't update Global User attributes, thus newly created Global User will only have minimal attributes. And when Inbound Notification is created to create IM corporate user, it failed with above-mentioned error as notification payload doesn't contain sn or givenName value which is mandatory attribute.

Environment

Identity Suite 14.x

Resolution

Modify Explore and Correlate Definition and select "Update user fields" option.

<Please see attached file for image>

Update user fields
And run Explore and Correlate again.

Attachments

1558689152748000128930_sktwi1f5rjvs16ftm.png get_app
Powered by Wolken Software