Failed to create an account on Unix v2 endpoint with "code 64 (NAMING_VIOLATION)"
search cancel

Failed to create an account on Unix v2 endpoint with "code 64 (NAMING_VIOLATION)"

book

Article ID: 199445

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Suite

Issue/Introduction

Failed to create an account on Unix v2 endpoint when assigning a provisioning role to an existing user.

 

Error message in the failed task:

Global User 'testuser01' provisioning role memberships added successfully. Associated accounts creation or update failed: (accounts created: 0, updated: 0, re-created: 0, failures: 1)

 

Error in the Provisioning Server log:

20200915:061259:TID=001a0c:Add       :S823:C820:F: FAILURE: Connector Server Add (eTDYNAccountName=testuser01)
20200915:061259:TID=001a0c:Add       :S823:C820:F:     rc:  0x0040 (Naming violation)
20200915:061259:TID=001a0c:Add       :S823:C820:F:     msg: Connector Server Add failed: code 64 (NAMING_VIOLATION): failed to add e
20200915:061259:TID=001a0c:Add       :S823:C820:F:+ntry eTDYNAccountName=testuser01,eTDYNDirectoryName=Endpoint_Name,eTNamespa
20200915:061259:TID=001a0c:Add       :S823:C820:F:+ceName=UNIX v2,dc=im,dc=etasa: JCS@CS_Server_Name: missing 'eTDYNAccountContainerN
20200915:061259:TID=001a0c:Add       :S823:C820:F:+ame=Accounts' in DN referencing CLASS: ['eTDYNAccount' => account], NAMING_ATTR: 
20200915:061259:TID=001a0c:Add       :S823:C820:F:+['eTDYNAccountName' => name] (ldaps://IAM_CS:20411)

 

Environment

Release : 14.x

Component : IdentityMinder(Identity Manager)

Cause

Possible causes are as follows:

  1. "Explore And Correlate" is not executed against the endpoint
  2. “Accounts” is missing in the Account Container settings in the account template

Resolution

Steps to confirm:

  1. Log in to Provisioning Manager as an admin user (e.g. etaadmin)
  2. Click the [Roles] button at the top of the screen
  3. Select "UNIX v2 [DYN Account Template]" from the drop-down list next to "Object type" at the top right of the screen, and click [Search] at the bottom right.
  4. Right-click <Account Template Name> displayed in the left pane of the screen and select [Properties].
  5. Click the "Account Container" tab in the displayed “Account Template”, and confirm that "Accounts" is in "Assigned" at the top right of the screen.
  6. If “Accounts” does not exist, select [Common] in “Available List Search” at the bottom of the same screen, and then click the [Search] button.
  7. When "Accounts [Common]" is displayed in "Available" at the top left of the screen, click the display.
  8. After that, click ">" between "Available" and "Assigned", confirm that "Accounts [Common]" has moved to "Assigned", and click [OK] at the bottom of the screen.
Powered by Wolken Software