Dear TechNet Users,
i have a problem with my "Create New User" Runbook. I´ve installed the Active Directory integration Pack. And configured the AD. But i´m not sure how to configure the "Configuration Default Parent Container" ...
i use the following parameters: CN=Users,DC=mydomain,DC=local
are these parameters incorrect?
Logifle Error: unknown exception cought
the format for the DN seems to be correct. Has the account configured in the Connection access to create Users in the Container Users in this Domain? The Container Name is "Users" or something like "Benutzer" ?
Which is the Common Error message of the Activity in tab "LogHistory", "unknown exception caught" ?
Yes, i checked the container "users" and the attributes are correct. At first initialized data succeed and then the error message of Create User in the loghistory is "uknown exception caught".
my domain admin user has full access in the security settings
could it be because of a false integration pack for the active directory?
- Edited by SystemCenterTestLab Tuesday, October 08, 2013 2:55 PM
do you use the SP1 Version from System_Center_2012_SP1_Integration_Packs.EXE avaliable here http://www.microsoft.com/en-us/download/details.aspx?id=34611?
yes i use the SP1 Version
and in this case (OU=Users) i´ll get the following error:The parent path 'OU=Users,DC=adessolab,DC=
local' was not found.
Target site: LdapUser.CreateNew
ActiveDirectoryCore.LdapUser. CreateNew( ISafeDirectoryFactory factory, DistinguishedName distinguishedName, String samAccountName)
ActiveDirectoryCore. LdapDirectory.CreateNewUser( DistinguishedName distinguishedName, String samAccountName)
ActiveDirectoryCore. LdapDirectory.CreateNewUser( DistinguishedName distinguishedName)
IntegrationPack. ActiveDirectory.Execution. CreateUserExecutor. CreateExecutionObject( ILdapDirectory ldapDirectory)
IntegrationPack. ActiveDirectory.Execution. AExecutor.Execute()
IntegrationPack. ActiveDirectory.Execution. ActiveDirectoryProgram. ExecuteProxy(ExecutionProxy proxy)
IntegrationPack. ActiveDirectory. AActiveDirectoryActivity. Execute(IActivityRequest request, IActivityResponse response)
- Edited by SystemCenterTestLab Wednesday, October 09, 2013 8:25 AM
Hi, May be you have missing some parameter for Create user activity:
they only required properties the Common Name, and rest of properties are optional but must entered in correct format
Regards, Ibrahim Hamdy
this is my Runbook:
Initialize Data: i create 5 string parameters
activity ID (4 service manager)
Create User: i create 4 properties
Common name --> subscribe published data --> UserAlias
First name --> subscribe published data --> UserFN
Last name --> subscribe published data --> UserLN
Password --> subscribe published data --> UserPassword
Enable User: i create 1 properties
Distinguished Name subscribe published data --> Create User
Update Object (service manager)
Can you check "Create User" with constant values?
If you run "Get User" which is the Value for Distinguished Name if you append that Published Data to a text file for example?
I can't reproduce the error "unknown exception caught" with missing or misconfigured parameters. Perhaps a redeployment of the AD IP helps.
i´ve done this configuration completely new. I oriented myself in this video and I get back the error "unknown exception caught"
when i test the runbook, the user is created but disabled...
- Edited by SystemCenterTestLab Friday, October 11, 2013 9:03 AM
I had the same error in Orchestrator Reset User Password activity, "Unknown exception caught".
I was resetting the password from an Orchestrator that was located in another domain, with no trust relationships. Funny thing was, that several other activities (Add User to Group, Unlock User etc) were working just fine, but very slowly.
The problem was that port 464 was closed. That is needed for password resets. When our firewall guy checked the traffic, everything else was working because ldap was allowed.
Now the ports are opened from the Orch servers to the other domain's DC Controllers according to http://technet.microsoft.com/en-us/library/dd772723(v=ws.10).aspx and as a bonus, everything speeded up radically. Why, you ask? Well, the connection does work with ldap most of the time, but when native Kerberos and RPC ports were opened, no fallback protocols were needed anymore ;-)