Correlate Global User to AD account using etautil command
search cancel

Correlate Global User to AD account using etautil command

book

Article ID: 129006

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal

Issue/Introduction

I run the following command for correlate the active directory object with the global user but I am getting the following error

  ETA_E_0030<MGU>, Inclusion between Object '<AD Account Name>' and Global User '<Global User Name>' creation failed: Entry '<AD Account Name>' does not exist in the provisioning directory



How to correlate Global User and AD account using etautil command?

Environment

CA Identity Manager 14.x

Resolution

Run etautil command like below

etautil -u <Admin User> -p <Admin User Password> add 'eTGlobalUserContainerName=Global Users,eTNamespaceName=CommonObjects' eTGlobalUser eTGlobalUserName='<Global User Name>' in 'eTADSContainerName=<Container Name>,eTADSDirectoryName=<Endpoint Name>,eTNamespaceName=ActiveDirectory' eTADSAccount eTADSAccountName='<ADS Account Name>' relationship=USERACCOUNT;
 
For example

etautil -u etaadmin -p Password01 add 'eTGlobalUserContainerName=Global Users,eTNamespaceName=CommonObjects' eTGlobalUser eTGlobalUserName=testuser100 in 'eTADSContainerName=Users,eTADSDirectoryName=ADEndpoint,eTNamespaceName=ActiveDirectory'
 eTADSAccount eTADSAccountName=testuser100 relationship=USERACCOUNT;

:ETA_S_0029<MGU>, Inclusion between Active Dir. Account 'testuser100' and Global User 'testuser100' created successfully
:ETA_I_1336, ETAUTIL command completed  Wed Mar 06 18:33:49 2024
 

Powered by Wolken Software