When trying to create an account on Linux by assigning a provisioning role to IM user, account creation fails.
The error reported in etatrans log is
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F: FAILURE: Child CreateAcct (eTDYNDirectoryName=XXXXXXXXX)
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F: rc: 0x0040 (Naming violation)
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F: msg: :ETA_E_0016<AAC>, Account for Global User 'xxxxxx' on Endpoint 'XXXXXXXXX'
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+ creation failed: :ETA_E_0004<AAC>, Account 'xxxxxx' on 'XXXXXXXXX'
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+ creation failed: Connector Server Add failed: code 64 (NAMING_VIOLATION): fail
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+ed to add entry eTDYNAccountName=xxxxxx,eTDYNDirectoryName=XXXXXXXXX,eTNam
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+espaceName=UNIX v2,dc=im,dc=etasa: JCS@XXXXXXXXX: missing 'eTDYNAccountConta
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+inerName=Accounts' in DN referencing CLASS: ['eTDYNAccount' => account], NAMING_A
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+TTR: ['eTDYNAccountName' => name] (ldaps://XXX.XXX.XXX.XXX:20411)
Release : 14.x
Component : CA IDENTITY MANAGER, CA IDENTITY SUITE (VIRTUAL APPLIANCE)
A problem with account template: eTAccountContainer attribute is not populated with proper container RDN
For some reason account template object does not have a proper value in eTAccountContainer attribute.
To fix the problem populate the attribute.
For instance, it can be done in IM Provisioning Manager: