Update users in Active Directory form SQL query update

I need to update the fields in the
Active Directory 2003 users from a
SQL Server 2003 query. Any idea plissss???

This is an powershell example to create AD users from SQL Server.
The Powershell cmdlet Set-ADUser will update the AD User fields.
$SQLText = "SELECT e.BusinessEntityID, p.Title, p.FirstName, p.MiddleName, p.LastName, p.Suffix, "+
"e.JobTitle, d.Name AS Department, d.GroupName, edh.StartDate, e.LoginID"+
" FROM HumanResources.Employee AS e"+
" INNER JOIN Person.Person AS p ON p.BusinessEntityID = e.BusinessEntityID"+
" INNER JOIN HumanResources.EmployeeDepartmentHistory AS edh ON e.BusinessEntityID = edh.BusinessEntityID"+
" INNER JOIN HumanResources.Department AS d ON edh.DepartmentID = d.DepartmentID"+
" WHERE (edh.EndDate IS NULL)"+
" AND (p.FirstName ='Brian')"
$SqlCon = New-Object System.Data.SqlClient.SqlConnection
$SqlCon.ConnectionString = "Server=localhost;Database=AdventureWorks2012;Trusted_Connection=yes;;"
$SqlCon.Open()
$SqlCmd = New-Object System.Data.SqlClient.SqlCommand
$SqlCmd.Connection = $SqlCon
$SqlCmd = $SqlCon.CreateCommand()
$SQLCmd.CommandText = $SQLText
$Result = $SQLCmd.ExecuteReader()
$Table = New-Object System.Data.DataTable
$table.Load($Result)
$SqlCon.Close()
$Password = "P@assword1"
foreach($Item in $Table)
$newUserID=@{
Name=$item.FirstName+$Item.LastName
Description="This is a test of a bulk user add"
GivenName=$item.FirstName
Surname=$item.LastName
DisplayName=$item.FirstName+" "+$Item.LastName
UserPrincipalName="$($item.FirstName+"."+$Item.LastName)@corp.contoso.com"
EmployeeID=$item.BusinessEntityID
ScriptPath='login.cmd'
Company="Contoso"
Department=$Item.Department
EmailAddress="$($item.FirstName+"."+$Item.LastName)@corp.contoso.com"
Title=$Item.JobTitle
$TargetOU="OU="+$item.Department+",DC=corp,DC=contoso,DC=com"
Try{
$newUserID
New-ADUser @newUserID -Path $TargetOU -ErrorAction Stop -AccountPassword (ConvertTo-SecureString $Password -AsPlainText -Force) -Passthru
Enable-ADAccount -Identity $newUserID.Name
Set-ADUser -Identity $newUserID.Name -ChangePasswordAtLogon $true
Write-Host "UserID $($newUserID.Name) created!" -ForegroundColor green
Catch{
Write-Host "There was a problem creating UserID $($item.UserID). The account was not created!" -ForegroundColor Red

Similar Messages

How to update users to Active Directory using Hyena Active Task List?

Kevin,
thanks for your input. I was able to firgured it out. It need the full path. with the CN=John Doe
Working like a charm!! thx!!

http://www.systemtools.com/HyenaHelp/active_editor.htm"Each Active Directory object is identifiable by its directory path, called the ADsPath. A special symbol, %ADSPATH%, can be inserted in the field order list that can be associated with the directory path in the import file. The ADsPath doesNOThave to be one of the attributes for the directory objects in the Editor if the ADsPath is used as the Key Field in the import file.Using an ADsPath as a match field can be difficult, as it is a long and complex string, and if special characters are used in some directory fields, Active Directory will automatically insert additional special characters into the ADsPath. One method of getting the ADsPath into a file for directory objects is to use Hyena's Edit Copy dialog. A special symbol, %ADSPATH%, can be added to any Active Directory copied...

Adding a user in Active Directory

Hi fellows,
I am having a serious problem in creating a new user in active directory. i am using LDAP JNDI code. I can delete and update users attributes, but fail to create users.
ctx.createSubcontext("newuser,full domain", attributes);
when i specify a new user in "newuser" it gives exception invalidnameexception. I don't understand how to create a new entry within the directory structure of predefined tree. by the way, i can create users by active directory explorer but java application is giving exceptions.
Any help will be highly appreciated.

A DistinguishedName is of the form e.g. "cn=username, ou=Users,dc=hostname,dc=com". In other words it contains attribute names and values for each name component. Evidently your DN doesn't do that.

Set a default value to checkbox on Active Directory form

Hi all
how to set a default value to checkbox UD_ADUSER_MUST on Active Directory form?
I set the value 1 on the column default value (ADUSER form), i try the provisioning resource AD to the user and this field is not selected.
please help me.

hi
My problem is solved, I tried to change the default form ADUSER, but this value was overridden by the policy form.
I set this value in the policy form.
thanks

Creating users in Active Directory through LDAP connector

Hello,
If we need to create users in Active directory using LDAP connector, what are the options for the following:
1) Update back into SAP from AD. LDAP connector updates only in one direction i.e from SAP to Active directory.
2) Can we add additional fields in LDAPMAP which are not standard e.g can we we write our own code to extract data from HR to map the value with an attritube within Active directory?
Regards,
Ahmad

Hello!
I noticed the email in my inbox and understand the reason for deleting it - checked the rules again - no problem with that.
Here is the posting again - sanitized this time.
You can create users in LDAP/AD from SAP without a problem. SAP provides function modules to create/maintain/delete users with LDAP attributes in the correct ou path.
You can also perform group membership assignment in LDAP from SAP if needed.
I have done this quite a few times at different companies that use SAP HCM.
A userid in SAP is created automatically during hiring action with default password e.g. birthday of employee and certain authorization roles based on configured information.
The userid is then created right away in LDAP in the correct ou path (controlled via custom configuration table) and LDAP group membership is assigned.
A job runs every 8 hours to perform delta updates in LDAP.
The userid in SAP and LDAP are locked automatically if the user is terminated using termination action in HR.

Add user to Active directory using SAP ABAP

Hi Experts,
I am currently working on a security refractor project where we are planning on automating the user creation process in business object and Oracle Hyperion using GRC-BW.
Our Hyperion user management is based on active directory/LDAP groups.
So say for example - we have a new user say ABC and in GRC he select the SAP-BW role 'HYP_FINANCE_USA' then I want to write a program in BW which will see who all users are assigned to 'HYP_FINANCE_USA' role and will go an update the active directory distribution list group named 'HYP_FINANCE_USA'.
Has anyone written a ABAP program or used standard function modules/BADI's etc to add/delete user from active directory/LDAP group ?

Would you post your code? I have yet to see any working jndi code to add a user to AD. Thanks.

Creating a windows user in Active Directory

I am trying to create a user in Active Directory that can log on as any other Windows user, but when I try to log into Windows, I get the following error message:
"The local policy of this system does not allow you to logon interactively".
Are there any attributes or objectclass settings that must be set for the user to allow interactive logons?
Thanks in advance!

This has nothing to do with JNDI, the object class or attributes.
I assume that you are trying to logon locally to the domain controller with the new user that you have just created.
By default, the domain controller's policy only allows specific users or members of a group to logon locally at the domain domain controller's console.
Either edit the domain controller'sgroup policy and add your newly created user to the list of users permitted to logon locally, or add the user to a group which has already been granted permission to logon locally.

Saving the password of a user in active directory using java

Hello, i am trying to use java to build a class that creates a user in Active directory 2012.But the problem is that when the user is created the password is not being saved.
Can anybody help on this knowing that i tried to save in the fields userPassword and unicodePwd.
Thanks.

DirContext ctx = new InitialDirContext(pr);
          BasicAttributes entry = new BasicAttributes(true);
          String entryDN = "cn=CharbelHad,ou=test users,dc=test,dc=dev";
          Attribute cn = new BasicAttribute("cn", "ChHad");
          Attribute street = (new BasicAttribute("streetAddress", "Ach"));
          Attribute loginPreW2k = (new BasicAttribute("sAMAccountName", "[email protected]"));
          Attribute login = (new BasicAttribute("userPrincipalName", "[email protected]"));
          Attribute sn = (new BasicAttribute("sn", "Chl"));
          Attribute pwd = new BasicAttribute("unicodePwd", "\"Ch@341\"".getBytes("UTF-8"));
Attribute userAccountControl = new BasicAttribute("userAccountControl", "512");
          Attribute oc = new BasicAttribute("objectClass");
          oc.add("top");
          oc.add("person");
          oc.add("organizationalPerson");
          oc.add("user");
          // build the entry
          entry.put(cn);
          entry.put(street);
          entry.put(sn);
          entry.put(userAccountControl);
          entry.put(pwd);
          entry.put(login);
          entry.put(loginPreW2k);
          entry.put(oc);
          ctx.createSubcontext(entryDN, entry);

Need Help creating new user in Active Directory

I am trying to create a new user in active directory via a java application. I have included the code that I am using. I am able to successfully bind to Active Directory. I have been able to change passwords, and delete users, but I have not been able to create a user.
ldapHost : "mta101.DOM101.CEL.ACC.AF.MIL"
domainName: "dc=dom101,dc=cel,dc=acc,dc=af,dc=mil"
existing account: CN=Brett K. Humpherys,OU=Users,OU=CEL
I get the following error on the createSubcontext statement:
javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 21 - 00000057: LdapErr: DSID-0C09098B, comment: Error in attribute conversion operation, data 0, v893 ; remaining name 'CN=test1,OU=Users,OU=CEL'
I have commented out the password portion and change the ObjectCategory to a 32 and get the same error.
    public GblStatus createAccount7(DbaDb dbConn,
                                    String jsrcName,
                                    String personName,
                                    String username,
                                    String password)
      Hashtable ldapEnv = new Hashtable(11);
      ldapEnv.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
      ldapEnv.put(Context.PROVIDER_URL, "ldap://" + this.ldapHost + ":636");
      ldapEnv.put(Context.SECURITY_AUTHENTICATION, "simple");
      ldapEnv.put(Context.SECURITY_PROTOCOL, "ssl");
      ldapEnv.put(Context.REFERRAL, "ignore");
      ldapEnv.put(Context.SECURITY_PRINCIPAL,"cn=" + this.adminAcct + ",cn=users," + this.domainName);
      ldapEnv.put(Context.SECURITY_CREDENTIALS, this.adminPwd);
       try
        // Create the initial context
        DirContext ctx = new InitialDirContext(ldapEnv);
        BasicAttributes attrs = new BasicAttributes();
        BasicAttribute ocs = new BasicAttribute("objectclass");
        ocs.add("top");
        ocs.add("person");
        ocs.add("organizationalPerson");
        ocs.add("user");
        attrs.put(ocs);
        BasicAttribute gn = new BasicAttribute("givenName", "test1");
        attrs.put(gn);
        BasicAttribute sn = new BasicAttribute("sn", "");
        attrs.put(sn);
        BasicAttribute cn = new BasicAttribute("cn", "test1");
        attrs.put(cn);
        BasicAttribute uac = new BasicAttribute("userAccountControl", "66048");
        attrs.put(uac);
        BasicAttribute sam = new BasicAttribute("sAMAccountName", "test1");
        attrs.put(sam);
        BasicAttribute disName = new BasicAttribute("displayName", "test1");
        attrs.put(disName);
        BasicAttribute userPrincipalName = new BasicAttribute
                                      ("userPrincipalName", "[email protected]");
        attrs.put(userPrincipalName);
        BasicAttribute instanceType = new BasicAttribute("instanceType", "4");
        attrs.put(instanceType);
        BasicAttribute objectCategory = new BasicAttribute
                  ("objectCategory","CN=User,CN=Schema,CN=Configuration," + domainName);
        attrs.put(objectCategory);
        String newVal = new String("\"password\"");
        byte _bytes[] = newVal.getBytes("Unicode");
byte bytes[] = new byte[_bytes.length - 2];
System.arraycopy(_bytes, 2, bytes, 0, _bytes.length - 2);
BasicAttribute attribute = new BasicAttribute("unicodePwd");
attribute.add((byte[]) bytes);
attrs.put(attribute);
ctx.createSubcontext("CN=test1,OU=Users,OU=CEL", attrs);
ctx.close();
catch (NameAlreadyBoundException nex)
System.out.println("User ID is already in use, please select a different user ID ...");
catch (Exception ex)
System.out.println("Failed to create user account... Please verify the user information...");
ex.printStackTrace();
return new GblStatus();
Any help would be much appreciated.

Hi .,
me too got up with same problem., can anyone help me.??
Someone help me to create attributes in AD using LDAP
package LDAPpack;
import javax.naming.*;
import javax.naming.directory.*;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
import java.util.Hashtable;
class CreateAttrs {
public static void main(String[] args) {
     Hashtable env = new Hashtable();
          env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
          env.put(Context.PROVIDER_URL, "ldap://10.242.6.166:389/");
          env.put(Context.SECURITY_AUTHENTICATION,"simple");
          env.put(Context.SECURITY_PRINCIPAL, "CN=cname,OU=Users,OU=Dealer,OU=Community,DC=test2,DC=org");
                    env.put(Context.SECURITY_CREDENTIALS, "password-1");
          LdapContext ctx =null;
          try {
               //ctx = new InitialLdapContext(env,null);
               try {
ctx = new InitialLdapContext(env,null);
               catch(NamingException e) {
System.out.println("Login failed");
System.exit(0);
if(ctx!=null){
System.out.println("Login Successful");
byte[] buf = new byte[] {0, 1, 2, 3, 4, 5, 6, 7}; // same data
     // Create a multivalued attribute with 4 String values
     BasicAttribute oc = new BasicAttribute("objectClassNew", "topNew");
     oc.add("personNew");
     oc.add("organizationalPersonNew");
     // Create an attribute with a byte array
     BasicAttribute photo = new BasicAttribute("jpegPhotoNew", buf);
     // Create attribute set
     BasicAttributes attrs = new BasicAttributes(true);
     attrs.put(oc);
     attrs.put(photo);
     Attributes attrs1 = ctx.getAttributes("CN=cname,OU=Users,OU=Dealer,OU=Community,DC=test2,DC=org");
System.out.println(attrs1);
Context result = ctx.createSubcontext("CN=cname,OU=Users,OU=Dealer,OU=Community,DC=test2,DC=org", attrs);
//i got error here; i attach the error below.
     ctx.close();
System.out.println("close");
     catch(NamingException e){
          e.printStackTrace();
ERROR:
Login Successful
javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 00000057: LdapErr: DSID-0C090B38, comment: Error in attribute conversion operation, data 0, vece
ANYONE HELP ME PLS.
Edited by: vencer on Jun 19, 2008 12:38 AM

How to create user in Active directory

Hello,
I'm trying to create a user in active directory via the following example:
String userName = "cn=Jef Klak,ou=Ps Users,ou=Users,ou=Managed,dc=xxx,dc=local";
     Attributes attrs = new BasicAttributes(false);
     Attribute oc = new BasicAttribute("objectClass");
     oc.add("top");
     oc.add("person");
     oc.add("organizationalPerson");
     oc.add("user");
     attrs.put(oc);
          attrs.put("cn","Jef Klak");
          attrs.put("giveName","Jef");
          attrs.put("sn","Klak");
          attrs.put("displayName","Klak, Jef");
          attrs.put("description","IR");
          attrs.put("userPrincipalName","[email protected]");
          attrs.put("mail","[email protected]");
          attrs.put("company", "XXX");
          attrs.put("sAMAccountName","jk666");
attrs.put("userAccountControl",Integer.toString(UF_NORMAL_ACCOUNT + UF_DONT_EXPIRE_PASSWD+ UF_ACCOUNTDISABLE));
          Context result = fctx.createSubcontext(userName, attrs);
As a result I'm getting the following error:
javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 00000057: LdapErr: DSID-0C090B38, comment: Error in attribute conversion operation, data 0, vece
remaining name 'cn=Jef Klak,ou=Ps Users,ou=Users,ou=Managed,dc=xxx,dc=local'
Anybody any tips or advice on this one? Or maybe a working examples how to add users in AD?
Listing entries in the AD is no problem, so it's only adding them.
Many thanks,
Filip

          attrs.put("giveName","Jef");
javax.naming.directory.NoSuchAttributeExceptionSpelling error.

Setting the cell width in a Tabular Form (SQL Query (updateable report) )

version 3.2.1
I have a Tabular Form (SQL Query (updateable report) ) and I have a column that is a VARCHAR2(4000) that when displayed extends the cell to the full length (which of course makes sense).
How can I set the width of this cell to something like 30 or 50 and wrap the contents?
Thanks,
Joe

Scott,
Thank you for replying.
Your suggestion kinda worked. I say kinda because when the report is first displayed the cell is the full width and appears to ignore the width setting. There is a Select List on the report to restrict some of the data that is displayed. When a selection is made from this Select List, it appears that the cell width is then adjusted to what was set, but not for every selection from this Select List.
I made the width entry in Tabular Form Element - Element Width
Any idea why the width setting is ignored?
Thanks,
Joe

Is there a way to authenticate an iPad to our WLAN using a digital certificate and then authorize the user in Active Directory?

We want to authenticate both a device (iPad) to our corporate WLAN, but after authenticating the device we would also like to authentiate the user in Active Directory if possible. Has anyone had any experience with this?

You need to make sure that the server sends the "GeoTrust DV SSL CA" intermediate certificate.
See:
* http://www.networking4all.com/en/support/tools/site+check/ (www.ucfs.net)
* https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=SO9557
* https://knowledge.geotrust.com/support/knowledge-base/index?page=content&id=AR1422

Error while creating a user in Active Directory.

Hi Guys,
I am creating a custom connector for AD and Exchnage , I am able to create user in AD using my Java Code... but i am also getting below error, I want to finish the operation smoothly.... Please find below error logs.
13:51:15,635 ERROR [STDERR] Data AccessException:
13:51:15,636 ERROR [STDERR] com.thortech.xl.orb.dataaccess.tcDataAccessException: DB_READ_FAILEDDetail: SQL: select UD_AD_CHILD_GRP_NAME from UD_AD_CHILD where UD_AD_CHILD_KEY = Description: ORA-00936: missing expression
SQL State: 42000Vendor Code: 936Additional Debug Info:com.thortech.xl.orb.dataaccess.tcDataAccessException
at com.thortech.xl.dataaccess.tcDataAccessExceptionUtil.createException(Unknown Source)
at com.thortech.xl.dataaccess.tcDataBase.createException(Unknown Source)
at com.thortech.xl.dataaccess.tcDataBase.readPartialStatement(Unknown Source)
at com.thortech.xl.dataobj.tcDataBase.readPartialStatement(Unknown Source)
at com.thortech.xl.dataaccess.tcDataSet.executeQuery(Unknown Source)
at com.thortech.xl.dataobj.tcDataSet.executeQuery(Unknown Source)
at com.thortech.xl.dataaccess.tcDataSet.executeQuery(Unknown Source)
at com.thortech.xl.dataobj.tcDataSet.executeQuery(Unknown Source)
at com.thortech.xl.adapterfactory.events.tcAdpEvent.getChildTableFieldValue(Unknown Source)
at com.thortech.xl.adapterfactory.events.tcAdpEvent.getRunTimeValue(Unknown Source)
at com.thortech.xl.adapterfactory.events.tcAdpEvent.getRunTimeValue(Unknown Source)
at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADDUSERTOADGROUP.implementation(adpADDUSERTOADGROUP.java:49)
at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
at com.thortech.xl.dataobj.tcScheduleItem.insertResponseMilestones(Unknown Source)
at com.thortech.xl.dataobj.tcScheduleItem.eventPostUpdate(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.update(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
at com.thortech.xl.adapterfactory.events.tcAdpEvent.updateSchItem(Unknown Source)
at com.thortech.xl.adapterfactory.events.tcAdpEvent.finalizeProcessAdapter(Unknown Source)
at com.thortech.xl.adapterfactory.events.tcAdpEvent.finalizeAdapter(Unknown Source)
at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpCREATEADUSER.implementation(adpCREATEADUSER.java:85)
at com.thortech.xl.client.events.tcBaseEvent.run(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.runEvent(Unknown Source)
at com.thortech.xl.dataobj.tcScheduleItem.runMilestoneEvent(Unknown Source)
at com.thortech.xl.dataobj.tcScheduleItem.eventPostInsert(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
at com.thortech.xl.dataobj.tcORC.insertNonConditionalMilestones(Unknown Source)
at com.thortech.xl.dataobj.tcORC.completeSystemValidationMilestone(Unknown Source)
at com.thortech.xl.dataobj.tcOrderItemInfo.completeCarrierBaseMilestone(Unknown Source)
at com.thortech.xl.dataobj.tcOrderItemInfo.eventPostInsert(Unknown Source)
at com.thortech.xl.dataobj.tcUDProcess.eventPostInsert(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.insert(Unknown Source)
at com.thortech.xl.dataobj.tcDataObj.save(Unknown Source)
at com.thortech.xl.dataobj.tcTableDataObj.save(Unknown Source)
at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(Unknown Source)
at com.thortech.xl.ejb.beansimpl.tcFormInstanceOperationsBean.setProcessFormData(Unknown Source)
at com.thortech.xl.ejb.beans.tcFormInstanceOperationsSession.setProcessFormData(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.invocation.Invocation.performCall(Invocation.java:359)
at org.jboss.ejb.StatelessSessionContainer$ContainerInterceptor.invoke(StatelessSessionContainer.java:237)
at org.jboss.resource.connectionmanager.CachedConnectionInterceptor.invoke(CachedConnectionInterceptor.java:158)
at org.jboss.ejb.plugins.StatelessSessionInstanceInterceptor.invoke(StatelessSessionInstanceInterceptor.java:169)
at org.jboss.ejb.plugins.CallValidationInterceptor.invoke(CallValidationInterceptor.java:63)
at org.jboss.ejb.plugins.AbstractTxInterceptor.invokeNext(AbstractTxInterceptor.java:121)
at org.jboss.ejb.plugins.TxInterceptorCMT.runWithTransactions(TxInterceptorCMT.java:350)
at org.jboss.ejb.plugins.TxInterceptorCMT.invoke(TxInterceptorCMT.java:181)
at org.jboss.ejb.plugins.SecurityInterceptor.invoke(SecurityInterceptor.java:168)
at org.jboss.ejb.plugins.LogInterceptor.invoke(LogInterceptor.java:205)
at org.jboss.ejb.plugins.ProxyFactoryFinderInterceptor.invoke(ProxyFactoryFinderInterceptor.java:138)
at org.jboss.ejb.SessionContainer.internalInvoke(SessionContainer.java:648)
at org.jboss.ejb.Container.invoke(Container.java:960)
at sun.reflect.GeneratedMethodAccessor135.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
at org.jboss.mx.server.Invocation.invoke(Invocation.java:86)
at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
at org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)
at org.jboss.invocation.local.LocalInvoker$MBeanServerAction.invoke(LocalInvoker.java:169)
at org.jboss.invocation.local.LocalInvoker.invoke(LocalInvoker.java:118)
at org.jboss.invocation.InvokerInterceptor.invokeLocal(InvokerInterceptor.java:209)
at org.jboss.invocation.InvokerInterceptor.invoke(InvokerInterceptor.java:195)
at org.jboss.proxy.TransactionInterceptor.invoke(TransactionInterceptor.java:61)
at org.jboss.proxy.SecurityInterceptor.invoke(SecurityInterceptor.java:70)
at org.jboss.proxy.ejb.StatelessSessionInterceptor.invoke(StatelessSessionInterceptor.java:112)
at org.jboss.proxy.ClientContainer.invoke(ClientContainer.java:100)
at $Proxy758.setProcessFormData(Unknown Source)
at Thor.API.Operations.tcFormInstanceOperationsClient.setProcessFormData(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
at Thor.API.Security.LoginHandler.jbossLoginSession.runAs(Unknown Source)
at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
at $Proxy803.setProcessFormData(Unknown Source)
at com.thortech.xl.webclient.actions.DirectProvisionUserAction.handleVerifyProcessData(Unknown Source)
at com.thortech.xl.webclient.actions.DirectProvisionUserAction.goNext(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:280)
at com.thortech.xl.webclient.actions.tcLookupDispatchAction.execute(Unknown Source)
at com.thortech.xl.webclient.actions.tcActionBase.execute(Unknown Source)
at com.thortech.xl.webclient.actions.tcAction.execute(Unknown Source)
at org.apache.struts.action.RequestProcessor.processActionPerform(RequestProcessor.java:484)
at org.apache.struts.action.RequestProcessor.process(RequestProcessor.java:274)
at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1482)
at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:525)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:710)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at com.thortech.xl.webclient.security.SecurityFilter.doFilter(Unknown Source)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
at java.lang.Thread.run(Thread.java:619)
Thanks,
Hemant

at com.thortech.xl.adapterGlue.ScheduleItemEvents.adpADDUSERTOADGROUP.implementation(adpADDUSERTOADGROUP.java:49)
This is definitely a Custom Adapter because OOTB Adapter name is adpADCSADDUSERTOGROUP and NOT adpADDUSERTOADGROUP
So, it is your custom code and in the code you are passing incorrect value of the Active Directory Child process form...
The correct name is UD_ADUSRC and the Group Name column name is UD_ADUSRC_GROUPNAME.
While you are passing UD_AD_CHILD as the child process form and UD_AD_CHILD_GRP_NAME as Group Name column name..
Use OOTB Adapter... Correct these discrepancies... Your addition of group will work
And since you are creating custom adapter, you need to be more careful and remain consistent throughout..
Then if you want to use UD_AD_CHILD_GRP_NAME, use it everywhere consistently... Pass only this value in the adapter...
And even in lookups, if any... Search everywhere... Keep things consistent... They will work... Because good news is that you are able to create user in AD via Java Code...
And if any post is even slightly helpful, it is a good habit to mark it with helpful or correct ... And also mark the entire question as answered so that other people also are benefited.

IDM / Active Directory : Attributes not geting updated

I am trying to update attributes in my Active Directory Resource, via IDM. But, they are not getting updated.
Before we installed the IDM system in our organization, the Active Directory's "*Department*" field contained previous (old) information.
Now, we want to use IDM to update this information for ALL our employees.
I used the "*Default*" syntax in the IDM User Form, as follows :
*<Field name = 'global.department'>*
*<Display class='Text'>*
*<Property name='Title' value='Department'/>*
*</Display>*
*<Default>*
*<s>Sales Department</s>*
*</Default>*
*</Field>*
Next, I mapped this attribute to the Active Directory "*Department*" field.
However, the new value "*Sales Department*" is not being sent to Active Directory. The old values still remain.
When I tried to do the update directly in AD...........I simply DELETED the old value. And then, I went to IDM to update the employee's account (thereby, I tried to PUSH the new value into AD). But, it did not work. Instead, IDM displayed the following info :
Old value : "empty space"
New value : "old data"
The new data........"*Sales Department*"..........was not being sent to AD.
Next, I simply repeated the update process in AD. But this time, I erased the old data, and wrote "*Sales Department*". Then it worked. AD accepted the new data, and also sent it BACK to idm.
I found this very strange
*(a) why does AD not get updated with the new value from IDM?*
*(b) why does AD reject the new value if the field itself (in AD) is left blank?*
*(c) how can I UPDATE all the employees in Active directory with the new DEFAULT data : "Sales Department"*

MichaelSt wrote:
I want IDM to update AD (meaning, the data-flow is from IDM to AD), not the other way round.
Using "*accounts[AD].department*" means that IDM will take its data FROM active directory. I want AD to take info FROM idmSorry but that's incorrect. The global namespace simply maps an attribute to the equivalent accounts[...].attribute name. So global.department would translate to accounts[AD].department and accounts[LDAP].department and accounts[Some Resource].department. (Incidentally, global.department would get set by the first resource IDM reads with a department attribute so it is very possible to read the attribute from AD. AD may simply not be the first one that IDM comes across.)
Setting the individual resource value, as redindian suggested, is a perfectly valid way of pushing attributes to the resource. (Assuming of course you have the attribute marked as writable in the resource configuration.) So technically if you so desired, you could set different values for accounts[LDAP].department and accounts[AD].department and accounts[Some Resource].department which you cannot do if you use the global namespace.
I do this all the time for some of my attributes. For example, some of my resources (usually the really old legacy ones) require an upper case email address while others require lower case addresses. I set different values for accounts[Legacy Resource].email and accounts[Newer Resource].email when I want to push the attribute down to the resource. I also avoid the global namespace like the plague. I've had so many problems with it mapping data incorrectly that it's just easier to set the individual attributes directly.
The attributes set in the accounts[Resource] namespace is a perfectly valid way to both reference attributes on a resource as well as set them.
As has been suggested, don't use a default but rather use an expansion.

Search a user in Active Directory by his name

Hi all,
Is there a way to search a user in an Active Directory with some attributes ? For example, I would like to find all the users whose firstName is "Guillaume".
I use a Provider connected to an Active Directory to authenticate and it works fine. I have also implemented an UUP to get the profile of a user in this AD.
But for the moment, the only way I can find a user by his name is to
* get all the users from the AD (userProviderControl.getUserNames("*", SIZE_MAX))
* Then for each username :
- get his profile with PropertyControl and ProfileWrapper (each user has a ldap propertyset filled by the UUP) ==> propertyControl.getProperty(profileWrapper, PROPERTYSET_LDAP, PROPERTY_LDAP_FIRSTNAME) )
* Browse all the user profiles retrieved and find the good one.
Is there an API to do what I want ?
I'm using Oracle WebLogic Portal 10.
Thanks for your help
Guillaume
Edited by: user10185882 on 3 nov. 2008 06:07

A DistinguishedName is of the form e.g. "cn=username, ou=Users,dc=hostname,dc=com". In other words it contains attribute names and values for each name component. Evidently your DN doesn't do that.

Update users in Active Directory form SQL query update

Similar Messages

Maybe you are looking for