Unable to Update Password on Active Directory
Hi,
We have configured OIM 11.1.1 to connect with MS Active Directory for user provisioning tasks. While the operations are being performed smoothly, for a small number of users we are having problem updating their password on Active Directory. Whenever the users update their password on OIM, their password update on Active Directory fails with the following exception on the Active Directory Connector Server. What could be the possible reasons?
5/6/2013 10:48:23 AM <INFORMATION>: Class-> ActiveDirectoryUtils, Method -> GetDirectoryEntry, Message -> Creating Directory Entry with path: LDAP://***********/CN=***********,OU=Users,OU=Tax Investigation,DC=***********,DC=***********,DC=***********, DirectoryAdminName = ***********\***********, DirectoryAdminPassword = ***********, authtype = Secure
5/6/2013 10:48:23 AM <VERBOSE>: Class-> ActiveDirectoryUtils, Method -> GetDirectoryEntry, Message -> Setting the Referral Chasing Option as ALL for the path: LDAP://***********/CN=Deodatus Kato,OU=Users,OU=Tax Investigation,DC=***********,DC=***********,DC=***********
5/6/2013 10:48:23 AM <INFORMATION>: Class-> ActiveDirectoryUtils, Method -> GetDirectoryEntry, Message -> Exiting the method. Returning the created directory entry for the path = LDAP://***********/CN=Deodatus Kato,OU=Users,OU=Tax Investigation,DC=***********,DC=***********,DC=***********
5/6/2013 10:48:23 AM <VERBOSE>: Class-> ActiveDirectoryUtils, Method -> GetDirectoryEntryFromUid, Message -> Exiting the method. Return value is directory entry with path: LDAP://***********/CN=Deodatus Kato,OU=Users,OU=Tax Investigation,DC=***********,DC=***********,DC=***********
5/6/2013 10:48:23 AM <INFORMATION>: Class-> ActiveDirectoryConnector, Method -> Update, Message -> Got Directory Entry for the host: *********** with UID: Org.IdentityConnectors.Common.ReadOnlyList`1[System.Object]
5/6/2013 10:48:23 AM <VERBOSE>: Class-> ActiveDirectoryUtils, Method -> UpdateADObject, Message -> Method Entered. Parameter: oclass = MESSAGE_OBJECT_CLASS___ACCOUNT__, DirectoryEntry, attributes,, type = REPLACE, ActiveDirectoryConfiguration
5/6/2013 10:48:23 AM <VERBOSE>: Class-> ActiveDirectoryUtils, Method -> UpdateADObject, Message -> Handling Auxiliary Classes
5/6/2013 10:48:23 AM <VERBOSE>: Class-> ActiveDirectoryUtils, Method -> AddAndRemoveAuxClasses, Message -> Method Entered. Parameters: updateType = REPLACE, Attributes, DirectoryEntry
5/6/2013 10:48:23 AM <VERBOSE>: Class-> ActiveDirectoryUtils, Method -> AddAndRemoveAuxClasses, Message -> Exiting the method.
5/6/2013 10:48:23 AM <VERBOSE>: Class-> ActiveDirectoryUtils, Method -> UpdateADObject, Message -> Handling update for the object class : __ACCOUNT__
5/6/2013 10:48:23 AM <VERBOSE>: Class-> ActiveDirectoryUtils, Method -> UpdateADObject, Message -> Setting the user password
5/6/2013 10:48:23 AM <VERBOSE>: Class-> ActiveDirectoryUtils, Method -> UpdateADObject, Message -> Current Password is null. Setting the password using Password Handler
ConnectorServer.exe Error: 0 : System.Runtime.InteropServices.COMException (0x80072035): The server is unwilling to process the request. (Exception from HRESULT: 0x80072035)
at ActiveDs.IADsUser.SetPassword(String NewPassword)
at Org.IdentityConnectors.ActiveDirectory.PasswordChangeHandler.changePassword(DirectoryEntry directoryEntry, GuardedString gsNewPassword) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\PasswordChangeHandler.cs:line 398
at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryUtils.UpdateADObject(ObjectClass oclass, DirectoryEntry directoryEntry, ICollection`1 attributes, UpdateType type, ActiveDirectoryConfiguration config) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryUtils.cs:line 342
at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Update(UpdateType type, ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in c:\ADE\aime_oimcp\idc\bundles\dotnet\ActiveDirectory\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 1639
at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.UpdateImpl.Update(ObjectClass objclass, Uid uid, ICollection`1 replaceAttributes, OperationOptions options) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 1377
at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 244
at ___proxy1.Update(ObjectClass , Uid , ICollection`1 , OperationOptions )
at Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest(OperationRequest request) in c:\ADE\aime_icf\icf\framework\dotnet\FrameworkInternal\Server.cs:line 609
DateTime=2013-05-06T07:48:23.6474785Z
--
UZ