An account cannot be created on Linux endpoint with "missing 'eTDYNAccountContainerName=Accounts' in DN" error
search cancel

An account cannot be created on Linux endpoint with "missing 'eTDYNAccountContainerName=Accounts' in DN" error

book

Article ID: 212705

calendar_today

Updated On:

Products

CA Identity Suite CA Identity Manager

Issue/Introduction

When trying to create an account on Linux by assigning a provisioning role to IM user, account creation fails.

The error reported in etatrans log is

20210406:101324:TID=adeb70:CreateAcct:C095:C093:F: FAILURE: Child CreateAcct (eTDYNDirectoryName=XXXXXXXXX)
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:     rc:  0x0040 (Naming violation)
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:     msg: :ETA_E_0016<AAC>, Account for Global User 'xxxxxx' on Endpoint 'XXXXXXXXX'
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+ creation failed: :ETA_E_0004<AAC>, Account 'xxxxxx' on 'XXXXXXXXX'
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+ creation failed: Connector Server Add failed: code 64 (NAMING_VIOLATION): fail
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+ed to add entry eTDYNAccountName=xxxxxx,eTDYNDirectoryName=XXXXXXXXX,eTNam
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+espaceName=UNIX v2,dc=im,dc=etasa: JCS@XXXXXXXXX: missing 'eTDYNAccountConta
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+inerName=Accounts' in DN referencing CLASS: ['eTDYNAccount' => account], NAMING_A
20210406:101324:TID=adeb70:CreateAcct:C095:C093:F:+TTR: ['eTDYNAccountName' => name] (ldaps://XXX.XXX.XXX.XXX:20411)

 

Environment

Release : 14.x

Component : CA IDENTITY MANAGER, CA IDENTITY SUITE (VIRTUAL APPLIANCE)

Cause

A problem with account template: eTAccountContainer attribute is not populated with proper container RDN

Resolution

For some reason account template object does not have a proper value in eTAccountContainer attribute.

To fix the problem populate the attribute.

For instance, it can be done in IM Provisioning Manager:

  1. Open account template under question
  2. Select 'Account Container' tab
  3. Select '[Common]' in 'Available List Search' panel and push 'Search' button
  4. Select 'Accounts' in 'Available' panel and push '>' button
  5. Push 'OK' or 'Apply' button

 

 

Powered by Wolken Software