Fulfillment payload

Hi,

we are trying to setup a fulfillment to AD but is getting a couple of error (related to how we change in the script)

We have seen  "ReferenceError: "accountName" is not defined" and also "Reason: Missing mandatory userProfile attribute: targetContainer"

Is it possible to capture what in the payload sent do fulfillment?

IGA version 4.2

/Lennart

  • 0  

    Hello,

       
    1) Are the Identities coming from AD or some other source?

    2) In your AD Application source:Do you have an Account and Permission collector?

    3) If yes, have you confirmed that in the Permission Collector you are mapping the holder correctly to the Account and not going directly to the Identity

    4) What action is (Access Request Grant/Remove, Business Role Auto Grant/Revoke, SoD remove permission, Review remove permission) is causing this?

    Sincerely,
    Steven Williams
    Principal Enterprise Architect
    OpenText Cybersecurity


  • 0 in reply to   

    Hi Steven

    thanks for your reply.

    I should have done a better explenation.

    It is working when we don't change the default schema_map_profile script (except placement in AD), but we don't want the user name to be inherited from first name and last name. We want to take the users id from source (E-dir DN) and remove cn= and everything after first ,. So if user ID form source is cn=lenjoh,ou=users,o=Org, we want the user name/samaccountname to be lenjoh. We also got the cn in our catalog so that could be used to.

    But to your questions

    1, Identities is coming from E-dir

    2, yes, we got a Account and Permission collector that is working

    3, I'm not sure how to check that, we got unmapped accounts from AD in the catalog. On the other hand we do have have a mapping attribute setup in the collector

    4, It's a Access Request Grant/Remove we are trying to do

    I'm fairly new to work with IG so bear with me if I miss any vital information.

    /Lennart