Password reset made in IDM not syncing with AD
search cancel

Password reset made in IDM not syncing with AD


Article ID: 143168


Updated On:


CA Identity Manager CA Identity Governance CA Identity Portal CA Identity Suite


Account modifications made in IDM (Password resets, phone number, location etc) are not synced to Active Directory. When submitting the task the status shows as failed. Drilling down further into the task the event name that specifically fails is "Synchronize user attributes with accounts".  Here is the sample of error message
LDAP:error code 70 Global user 'xxxxx' updated successfully. Associated accounts update failed (accounts update:0, unchanged:0, failures: 1) 


Release : 14.3

Component : IdentityMinder(Identity Manager)


This is due to insufficient privilege for the credential that was used to connect to AD 


Configure AD credential with proper permission and then restart Provisioning and Connector server