Error: "Failed Sync Action Exception Info: CREATE - No user found for the specified identifier". While syncing Directory with VIDM
search cancel

Error: "Failed Sync Action Exception Info: CREATE - No user found for the specified identifier". While syncing Directory with VIDM

book

Article ID: 386694

calendar_today

Updated On:

Products

VMware Aria Suite

Issue/Introduction

  • Failed to sync Active Directory users with VIDM. 
  • Navigate to Identity and Access Management>>Directory>Select the Directory>>Click Sync Now>Error: "Failed Sync Action Exception Info: CREATE - No user found for the specified identifier". 

Environment

  • VMware Identity Manager 3.3.X

Cause

  • The issue is caused when there is incorrect mapping of VIDM Directory Attributes and Active Directory Attributes. 
  • Select the attributes that are required and add other attributes to sync to the directory.
  • The added attribute name you enter is case-sensitive. For example, address, Address, and ADDRESS are different attributes.
  • Reference: Managing User Attributes that Sync from Active Directory

Resolution

To resolve the issue, Map VMware Identity Manager Directory Attributes to the respective Active Directory Attribute by following these steps:

    1. Logon to VIDM Administrator Console. 
    2. Navigate to Identity & Access Management tab>>Setup>>User Attributes. 
    3. VIDM Directory Attributes and Active Directory Attributes to be Mapped as below: 
    4. Default Active Directory Attributes to Sync to Directory:
       
      VMware Identity Manager Directory Attribute Name
      Default Mapping to Active Directory Attribute
      userPrincipalName
      userPrincipalName
      distinguishedName
      distinguishedName
      employeeId
      employeeID
      domain
      canonicalName. Adds the fully qualified domain name of object.
      disabled (external user disabled)
      userAccountControl. Flagged with UF_Account_Disable
      When an account is disabled, users cannot log in to access their applications and resources. The resources that users were entitled to are not removed from the account so that when the flag is removed from the account users can log in and access their entitled resources
      phone
      telephoneNumber
      lastName
      sn
      firstName
      givenName
      email
      mail
      userName
      sAMAccountName.

            After these changes, the issue should be resolved, and the Directory Users should sync with VMware Identity Manager.

  •