Active Directory/PHP

Similar Messages

• Active Directory integration problem, Bind AC and OD

  Hi.
  I'm trying to set an Open Directory as "connect to a Directory System" because I have a windows 2000 server with Active Directory. But i have a problem when i click on "open directory Access", Access Directory appear and I select Active Directory.
  xxx.yyy is the server with active directory, with its admin and its password. but i cant Bind it and an error always appear.
  can you help me?
  what's "active directory domain"?is it xxx.yyy?
  and what's "computer ID"?
  Are there others parameters to set for example in DNS or other?
  help help help

  What are you trying to achieve by doing this?
  Got to http://www.afp548.com/ and serach for AD-OD integration.
  http://www.afp548.com/article.php?story=20051202151540574

• Joining 10.8.5 with existing account to Active Directory domain

  Hi-
  I have a MacBook Pro that I am using as a test computer to figure out how to introduce the growing population of Mac's into our Active Directory environment in our small company. This comptuer is running OSX 10.8.5
  There is a test account in AD that I will be using to connect to the windows domain. I am able to get the Laptop binded to AD, and have no problem authenticating, and seeing all the network resources required.
  Here is the part that has me stumped:
  Is there any way to take my existing "local" account that was configured when I began using my MBP without Active Directory and continue to use it, but logon to the laptop using my Active Directory account?
  Perhaps copy all the settings and preferences from the local account ontop of the AD account on the laptop?
  I have been using this laptop as my personal machine for many months and have quite a few customizations made to my deskop preferences, icon layouts, etc. This will be same case with all of the users that will soon be authenticating on the domain. We need this for centralized management of network shares, password policies, and number of other security features.
  There is some limited information on the web, but nothing that I have tried really works, here's some of what i found and the difficulty that resulted.
  http://community.spiceworks.com/how_to/show/37886-convert-mac-local-user-into-ac tive-directory-network-user
  - The script mentioned in step 3 was not able to copy local account to the destination folder.
  http://robotcloud.screenstepslive.com/s/2459/m/5322/l/112415-convert-local-accou nts-to-network-mobile-accounts
  - The sudo mv /Users/USERNAME /Users/DIRUSERNAME command was not able to make the "DIRUSERNAME" directory, and did not have any effect if this directory already existed due to a prior logon.
  I'm just looking for some help making it so that my users can retain their desktop layouts that they are used to, but logon to the domain using AD credentials.
  Seems simple, but is pretty difficult to get done.
  Thanks in advance for any help....
  -Aaron

  This might help:
  http://www.afp548.com/article.php?story=20060517222656622&query=radius

• Automatically create users in SharePoint based on Active Directory OU

  Hi,
  This is one of our client's requirements.
  Is it possible to automatically create a user in SharePoint and assign him/her read privileges on the portal when ever a new user is created in Active Directory?
  To re-iterate the above question in a different way; when a new employee joins the organization, a user is created in the Active Directory OU. Is it possible to automatically create this user in SharePoint without any manual intervention?
  If yes, how? Is it a third party synchronization tool or does SharePoint has a sync feature / service?
  Thank you,
  Regards,
  Gagandeep Singh
  My CRM blog |
  My SharePoint blog

  Hi,
  user profile synchronization is responsible for that, once user are created in active directory you have syn service running on certain schedule and all users are grabbed the only left step is to either grant permission on SharePointor you have a generic
  access to grant to all authenticated users or certain active directory groups that the user is assigned to
  More about user profile :
  https://technet.microsoft.com/en-us/library/ee721049.aspx
  http://social.technet.microsoft.com/wiki/contents/articles/12545.sharepoint-2013-setting-up-user-profile-synchronization-12.aspx
  https://technet.microsoft.com/en-us/library/ff382639.aspx
  http://blog.sharedove.com/adisjugo/index.php/2012/07/23/setting-user-profile-synchronization-service-in-sharepoint-2013/
  Kind Regards,
  John Naguib
  Senior Consultant
  John Naguib Blog
  John Naguib Twitter
  Please remember to mark this as answered if it helped you

• SSO configuration in BOBJ 4 with Active Directory

  Hi Experts,
  Our client wants to implement the BOBJ on AIX 7.1 box with oracle 11G and wants to configure the Active Directory authentication for the BOBJ.
  BI 7.0 is already implemented on AIX. I have searched a lot to find the relevant document for the same but unable to do but I found the doc for BOBJ on windows with AD but not sure if the method is similar for the AIX box, Could you please help me to find out the required doc and explain me what should be our approach to configure the same
  Also , Is it possible that if we configure the AD authentication for SAP BI and then used the SAP authentication in BOBJ side with importing the SAP role and BOBJ transports in SAP. Will BOBJ work for the user created in BI ?
  Kindly suggest.
  Regards
  Saurabh mishra

  Thanks Tim,
  Actually I haven't worked on the AD and LDAP side so can you please elaborate your sentence and can you also assist me with the guide required for this configuration or any other example document. I read the article on below link -
  http://sboblog.infotrust.dk/index.php/2010/05/21/active-directory-sso-on-sap-businessobjects-xi-3-1/
  but I believe that this will not applicable for me as we have BOBJ box on AIX.
  Regards
  Saurabh Mishra

• Hide all except one object in Active Directory Users and Computers.

  Hello,
  I have a question.. I need to allow to one group of "administrators" creating users in one OU and adding computers to the domain, nothing else. I allowed them to log on DC using the GPO "Allow log on locally", because I don't want to give
  them administrator rights, I allowed them to do these operations on one OU through delegation wizard and now I need to make all OUs, groups etc. invisible to them except this OU. What is the best way how to achieve this? Thank you...
  d.

  I would disable the ability to allow them to login. I suggest to create a Computers OU that you can delegate to the "admins" to add computers, and don't use the default Computers container.
  I assume the admins are using Windows 7 or newer. You can customize an RSAT installation to just provide the ADAC.
  Description of Remote Server Administration Tools for Windows 7:
  http://support.microsoft.com/default.aspx/kb/958830
  Remote Server Administration Tools for Windows 7:
  http://technet.microsoft.com/en-us/library/ee449475(WS.10).aspx
  Remote Server Administration Tools for Windows 7
  http://www.microsoft.com/downloads/details.aspx?FamilyID=7D2F6AD7-656B-4313-A005-4E344E43997D&displaylang=en
  Customizing - Installing Remote Server Administration Tools (RSAT) for Windows 7
  http://www.petri.co.il/remote-server-administration-tools-for-windows-7.htm
  Or if you want to chop it down and control it further, create a custom ADUC with just that OU you've delegated. I've done this in the past and worked fine for my customer:
  Delegate an Organizational Unit (OU) in Active Directory Users and Computers (ADUC), then create a custom MMC or customized RSAT
  http://blogs.msmvps.com/acefekay/2014/09/04/delegate-an-organizational-unit-ou-in-active-directory-users-and-computers-aduc-then-create-a-custom-mmc-or-customized-rsat/
  Ace Fekay
  MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
  Microsoft Certified Trainer
  Microsoft MVP - Directory Services
  Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
  This posting is provided AS-IS with no warranties or guarantees and confers no rights.

• MS-Windows Active Directory

  Forms Version: Forms [32 Bit] Version 10.1.2.3.0 (Production)
  Is there a way to access MS Window's Active Directory in my version of forms?
  Thanks
  Added: my goal is to save to a database table the user listed on the active directory.
  Edited by: DM on Sep 6, 2010 3:08 PM

  Active Directory users are stored in an LDAP Directory; an easy way could be to use the dbms_ldap package:
  http://download.oracle.com/docs/cd/B10501_01/appdev.920/a96612/d_ldap2.htm#1019412
  e.g.:
  http://www.oracle-base.com/articles/9i/LDAPFromPLSQL9i.php
  cheers

• Third Party Load Balancing Active Directory

  We have serveral applications that target individual Active Directory domain controllers for authentication. If the domain controller goes down then that service stops working.
  I'm interested in using a Citrix Netscaler to load balance authentication requests.
  What I want to know is, "Does Microsoft support the use of an external load balancer", not from the perspective of third party device support obviously, rather functionally. Will AD work and be supported when using the Netscaler.
  IT Manager

  If you simply plan to use the Citrix NetScaler to load balance say, reading LDAP on port 389 as an example, you will be OK.  
  Rather than pointing the app to a single DC, why not create multiple DNS records with the same host name, different IPs and use Round Robin.  Not as sophistacted, but it isnt going to cost you tens of thousands of dolllars in load balancing.
  Visit: anITKB.com, an IT Knowledge Base.
  Have you actually tested and used this in a production environment? If I understand correctly, what you are suggesting is to take existing (hypothetical) domain controller DNS entries:
  A record: dc1.contosso.com, 10.1.1.10
  A record: dc2.contosso.com, 10.1.1.11
  And add the following entries to create quasi fault tolerance?
  A record: dc3.contosso.com, 10.1.1.10
  A record: dc3.contosso.com, 10.1.1.11 
  I honestly don't think it will work, because of a few things, such as DC registration occurs every 60 min, including the netlogon service overwriting whatever static entries created for the quasi load balancing, and possibly Kerberos auth failing due to a different
  IP authenticating from a different SPN. I know the hardware load balancers have options to preserve session cookies, which work fine for IIS implementations, such as Exchange HUB, and especially for CAS access, otherwise Outlook will not accept it if it sends
  an auth request on one IP and another backend responds, which the LB help preserve this, however with AD LDAP, RPC, etc, I *don't* think it will work, due to Kerberos failing it thinking it's a spoof. If you get it working, I would be very curious to see the
  documented implementation, settings, results, etc.
  Ace
  Ace Fekay
  MVP, MCT, MCITP Enterprise Administrator, MCTS Windows 2008 & Exchange 2007 & Exchange 2010, Exchange 2010 Enterprise Administrator, MCSE & MCSA 2003/2000, MCSA Messaging 2003
  Microsoft Certified Trainer
  Microsoft MVP - Directory Services
  Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
  This posting is provided AS-IS with no warranties or guarantees and confers no rights.

• Printing to Active Directory Printer Share

  I followed the instructions provided at AFP548 (http://www.afp548.com/article.php?story=20070108171607985) for printing from OS X to a printer that is "published" in Active Directory.
  However, I am unable to actually add any printers using ksmb.
  Nowhere do I see an "Advanced" option in the Printer Setup Utility, and the available options when clicking "More Printers" in the Printer Browser window are: Windows Printing, Bluetooth, and AppleTalk. There is no option for "Windows Printer via SAMBA with Kerberos support" and no place to enter a "ksmb://servername/printershare" URI.
  I have tried this on OS X (10.4.8 and 10.4.9) and OS X Server (10.4.8 and 10.4.9), with the same results?
  What am I doing wrong?

  Hi applyd
  Don't take this the wrong way either...
  No problem.
  It's not difficult having to hold down one key one
  time. But holding down a key, clicking a button,
  dropping down a list, selecting an option, dropping
  down another list, selecting another option, and then
  finally getting to use the keyboard to specify what
  printer I want to use, even once, let alone having do
  to it over and over again for each printer, is, at
  the very least, incredibly unnecessary. And it would
  seem that Apple actually went "out of their way" to
  implement this, which means it's more "difficult" for
  everyone.
  I take your point and it is a good one to make.
  You may find this useful if you need to do this for a large user base. Set up your printers, make a copy of com.apple.prin.PrintCenter.plist from the Users/Home/Library/Preferences folder and push it out to all your users using ARD. This would mean you only have to set up your printers once.

• Active Directory on VMware

  I am having an argument with a co worker.  Can someone please settle this;
  Are Active Directory Domain Controllers
  OFFICIALLY supported on VMware???
  Yes???
  http://www.vmware.com/files/pdf/solutions/Virtualizing-Active-Directory-Do
  main-Services-on-VMware-vSphere.pdf
  No???
  http://support.microsoft.com/kb/888794
  http://support.microsoft.com/kb/897615
  http://support.microsoft.com/kb/957006
  BlankMonkey

  Thank you so much for the detailed reply, although this is not exactly what I was looking for. 
  Do we have links to the
  No, it is not supported on 2008
  Yes, it is supported on 2012
  I understand it will run, in fact we have 4 test domains running in VM.  I have even experienced the snapshot issue to my dismay.  I will read over closer the bullet points so I can address them.  But for this argument, I need an OFFICIaL
  position.  Links would be the evidence.
  BlankMonkey
  To answer your original question, below...
  >>>  "Are Active Directory Domain Controllers
  OFFICIALLY supported on VMware???"
  No. I agree with Hinte. You will NOT find anything from Microsoft
  stating that they support DCs or any other of their server products virtualized on any third party hypervisor. It's not their product to support. That's like on Windows 2008 R2, you download the Intel NIC drivers from Dell, a Microsoft untested driver, in
  order to team your NICs. Then something goes wrong with networking. You call Microsoft Support and ask to help, but they see that you have a third party driver you've downloaded and state they are not able to help you because you didn't use the built-in Intel
  drivers, albeit the drivers do not offer teaming.
  In Windows 2012 and newer, teaming is supported because they offer it with the built in drivers.
  In KB888794 that you posted, they do mention VMware as hypervisor, but there's nothing in the KB implying or explicitly saying they support it.
  But they will for their own hypervisor, and this is a pretty informative link:
  Running Domain Controllers in Hyper-V
  - Applies To: Windows Server 2008, Windows Server 2008 R2, Windows Virtualization.
  This topic will be updated in order to make the guidance applicable to Windows Server 2012.
  http://technet.microsoft.com/en-us/library/virtual_active_directory_domain_controller_virtualization_hyperv(WS.10).aspx
  Here are some links from VMware as far as their official position on DCs virtualization:
  Virtualizing existing domain controllers in VMware vCenter Converter (1006996)
  http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1006996
  Windows Server 2012 VM-Generation ID Support in vSphere
  http://blogs.vmware.com/apps/2013/01/windows-server-2012-vm-generation-id-support-in-vsphere.html
  I hope they help provide you official VMware documentation supporting virtualized DCs.
  If you want an official position from Microsoft about running virtualized DCs on VMware, a third party product, I highly doubt it.
  However, I highly suggest contacting your Microsoft TAM (Technical Accounts Manager), if you have an account, for their official support on it. You also have the option to contact Microsoft Support.
  I don't know the size of your organization, but if large enough, you can ask for a TAM to assist with products, purchases, discounts, and frontline support. If you don't have a TAM and would like to get started for your organization, here's the link to get
  you started:
  https://premier.microsoft.com/
  Ace Fekay
  MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
  Microsoft Certified Trainer
  Microsoft MVP - Directory Services
  Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
  This posting is provided AS-IS with no warranties or guarantees and confers no rights.

• EMacs cant log into active directory anymore

  Hello,
  I'm hoping you can give me some insight as to what is going on.
  We run an active directory network which is basically all PCs.
  We do however have two rooms with 12 eMacs in them each. Up until mid December they had been mostly fine but what we are exeriencing now is that they are having real difficulty logging into the active directory.
  If i click on the names of the machines eventually i will see one of three things:
  1. Green dot- network accounts available. These we can log into.
  2. Yellow dot - some network accounts available. These we cant log into.
  3. Red dot - no network accounts available. These we cant log into.
  My knowledge of Macs is about a 3 on a scale of 1 to 10.
  The DHCP server is server 2003
  The eMacs are running OS X 10.4.11
  I can log into them as local administrator and can browse the network and even get onto the internet when they are unable to log onto Active directory.
  What ive done so far...
  1. If i unbind and then rebind the mac using directory access they can log in for a while but then randomly they change so that we cant log into them anymore.
  2. gave each of the macs an ip reservation on the dhcp server so that they always pick up the same ip address.
  3. removed them from Active directory and re added them. even gave them different names.
  4. Changed out the switch they were plugged into.
  none of these has solved the issue so far so im hoping that someone might have seen something like this before...
  thank you.

  Hi halo511, and a warm welcome to the forums!
  My knowledge of Win/2003 is about 3 on a scale of 1 to 100!
  I wonder if these might help...
  http://support.microsoft.com/kb/834498
  http://www.macwindows.com/Win2003.html
  http://www.macosxhints.com/article.php?story=20050302023720578
  http://allinthehead.com/retro/218/accessing-a-windows-2003-share-from-os-x
  Does the Server have more than 1 NIC?
  http://forum.soft32.com/mac/Windows-Server-2003-MacIntosh-ftopict7128.html
  For stubborn Mac<->Windows® problems...
  http://www.thursby.com/products/admitmac.html

• Howto: VPN server authing off Active Directory

  It is indeed possible to use the VPN server on OS X Server to authenticate VPN users against Active Directory using Radius. I've set it up twice now and it works well. Binding your server to AD doesn't work for the VPN service, you only have this option at the present for using those AD accounts.
  http://www.afp548.com/article.php?story=20060517222656622

  This might help:
  http://www.afp548.com/article.php?story=20060517222656622&query=radius

• How to handle SQL connection if password Active directory always change? (Connection using Active directory via network SQL 2012 )

  I have 3 server (Web server, database sql 2012 server and Active directory). I'm using sqlsvr version 3.0,  PHP version 5.3 ,IIS version 7 and windows server 2008.
  Right now my php connection to SQL 2012 using AD id, so How to handle if password on active directory change?

  Solved : Using Kaberos

• SharePoint Foundation Active Directory Problem

  Hey,
  I have a problem with the Active Directory connection to SharePoint Foundation.
  My Situation looks like this:
  I'm working on a kind of project controlling plattform. Each of our customers has its own site. Also each customer has an account in our Active Directory. For the administrative part, we have a list which contains some infos of the customer, the url to its
  site and the contact person.
  I wrote an import-script which creates a site and a new item in the list. To put the contact person in the list-item, I use a code-snippet like this:
  try
  user = web.EnsureUser(loginName);
  catch (Exception ex)
  throw new Exception("LoginName " + loginName + " not found");
  Now the problem is, that the try/catch block fails too often which means: SharePoint doesn't know the loginNames of some of our customers.
  Why does SharePoint not know maybe 1/5 of all our customers? All of them have an account in our active directory, none of them ever logged in the SharePoint (at the time they even doesn't know, that they have a SharePoint site for this project).
  I searched the internet for the problem but all I found where questions related to the synchronization of ad-properties to SharePoint Foundation. But I don't want to sync the phone-number or something like that - I want SharePoint only to know all the loginNames
  of our customers, not only 1/5 of them.
  How do I achive this, what am I doing wrong?
  Thank you!

  web.EnsureUser has nothing to do with the UPS at all. This has nothing to do with synchronisation (it does have a role but it's a maintenance one and nothing to do with authentication.
  The simplest answer is that the login names are being entered wrongly. Having said that there are a few areas you can look at to try to identify the problem:
  Does it fail repeatedly for the same username? Can you add that user to the site manually using a people picker control and if so will the script work afterwards? Are there any trends in the user accounts that SharePoint cannot find?

• Error while creating a user in Active Directory.

  Hi Guys,
  I am creating a custom connector for AD and Exchnage , I am able to create user in AD using my Java Code... but i am also getting below error, I want to finish the operation smoothly.... Please find below error logs.
  13:51:15,635 ERROR [STDERR] Data AccessException:
  13:51:15,636 ERROR [STDERR] com.thortech.xl.orb.dataaccess.tcDataAccessException: DB_READ_FAILEDDetail: SQL: select UD_AD_CHILD_GRP_NAME from UD_AD_CHILD where UD_AD_CHILD_KEY = Description: ORA-00936: missing expression
  SQL State: 42000Vendor Code: 936Additional Debug Info:com.thortech.xl.orb.dataaccess.tcDataAccessException
  at com.thortech.xl.dataaccess.tcDataAccessExceptionUtil.createException(Unknown Source)
  at com.thortech.xl.dataaccess.tcDataBase.createException(Unknown Source)
  at com.thortech.xl.dataaccess.tcDataBase.readPartialStatement(Unknown Source)
  at com.thortech.xl.dataobj.tcDataBase.readPartialStatement(Unknown Source)
  at com.thortech.xl.dataaccess.tcDataSet.executeQuery(Unknown Source)
  at com.thortech.xl.dataobj.tcDataSet.executeQuery(Unknown Source)
  at com.thortech.xl.dataaccess.tcDataSet.executeQuery(Unknown Source)
  at com.thortech.xl.dataobj.tcDataSet.executeQuery(Unknown Source)
  at com.thortech.xl.adapterfactory.events.tcAdpEvent.getChildTableFieldValue(Unknown Source)
  at com.thortech.xl.adapterfactory.events.tcAdpEvent.getRunTimeValue(Unknown Source)
  at com.thortech.xl.adapterfactory.events.tcAdpEvent.getRunTimeValue(Unknown Source)
  at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADDUSERTOADGROUP.implementation(adpADDUSERTOADGROUP.java:49)
  at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
  at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
  at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
  at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
  at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
  at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
  at com.thortech.xl.dataobj.tcScheduleItem.insertResponseMilestones(Unknown Source)
  at com.thortech.xl.dataobj.tcScheduleItem.eventPostUpdate(Unknown Source)
  at com.thortech.xl.dataobj.tcDataObj.update(Unknown Source)
  at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
  at com.thortech.xl.adapterfactory.events.tcAdpEvent.updateSchItem(Unknown Source)
  at com.thortech.xl.adapterfactory.events.tcAdpEvent.finalizeProcessAdapter(Unknown Source)
  at com.thortech.xl.adapterfactory.events.tcAdpEvent.finalizeAdapter(Unknown Source)
  at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpCREATEADUSER.implementation(adpCREATEADUSER.java:85)
  at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
  at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
  at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
  at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
  at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
  at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
  at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(Unknown Source)
  at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(Unknown Source)
  at com.thortech.xl.dataobj.tcOrderItemInfo.completeCarrierBaseMilestone(Unknown Source)
  at com.thortech.xl.dataobj.tcOrderItemInfo.eventPostInsert(Unknown Source)
  at com.thortech.xl.dataobj.tcUDProcess.eventPostInsert(Unknown Source)
  at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
  at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
  at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
  at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(Unknown Source)
  at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(Unknown Source)
  at com.thortech.xl.ejb.beans.tcFormInstanceOperationsSession.setProcessFormData(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.jboss.invocation.Invocation.performCall(Invocation.java:359)
  at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:237)
  at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:158)
  at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:169)
  at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
  at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
  at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:350)
  at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
  at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:168)
  at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
  at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:138)
  at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:648)
  at org.jboss.ejb.Container.invoke(Container.java:960)
  at sun.reflect.GeneratedMethodAccessor135.invoke(Unknown Source)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
  at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
  at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
  at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
  at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
  at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:169)
  at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:118)
  at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:209)
  at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:195)
  at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:61)
  at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:70)
  at org.jboss.proxy.ejb.StatelessSessionInterceptor.invoke(StatelessSessionInterceptor.java:112)
  at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:100)
  at $Proxy758.setProcessFormData(Unknown Source)
  at Thor.API.Operations.tcFormInstanceOperationsClient.setProcessFormData(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
  at Thor.API.Security.LoginHandler.jbossLoginSession.runAs(Unknown Source)
  at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
  at $Proxy803.setProcessFormData(Unknown Source)
  at com.thortech.xl.webclient.actions.DirectProvisionUserAction.handleVerifyProcessData(Unknown Source)
  at com.thortech.xl.webclient.actions.DirectProvisionUserAction.goNext(Unknown Source)
  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
  at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
  at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
  at java.lang.reflect.Method.invoke(Method.java:597)
  at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
  at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
  at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
  at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
  at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
  at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
  at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
  at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
  at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
  at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
  at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
  at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
  at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
  at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
  at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
  at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
  at java.lang.Thread.run(Thread.java:619)
  Thanks,
  Hemant

  at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADDUSERTOADGROUP.implementation(adpADDUSERTOADGROUP.java:49)
  This is definitely a Custom Adapter because OOTB Adapter name is adpADCSADDUSERTOGROUP and NOT adpADDUSERTOADGROUP
  So, it is your custom code and in the code you are passing incorrect value of the Active Directory Child process form...
  The correct name is UD_ADUSRC and the Group Name column name is UD_ADUSRC_GROUPNAME.
  While you are passing UD_AD_CHILD as the child process form and UD_AD_CHILD_GRP_NAME as Group Name column name..
  Use OOTB Adapter... Correct these discrepancies... Your addition of group will work
  And since you are creating custom adapter, you need to be more careful and remain consistent throughout..
  Then if you want to use UD_AD_CHILD_GRP_NAME, use it everywhere consistently... Pass only this value in the adapter...
  And even in lookups, if any... Search everywhere... Keep things consistent... They will work... Because good news is that you are able to create user in AD via Java Code...
  And if any post is even slightly helpful, it is a good habit to mark it with helpful or correct ... And also mark the entire question as answered so that other people also are benefited.