on 05-16-2012 8:25 PM
I seem to be getting the following error when trying to set an Active Directory Password:
Failed to set password on user . Error no:424. Description:Object required
Our version of AD is 2008 and we are using 7.2 SP4. Any tips would be appreciated.
Thanks!
I know this is somewhat old, but I found you will receive this error if the ACCOUNT<repository> attribute isn't set correctly on the identity. For Active Directory, this should be the DN of the user. I was receiving this error for a user that was moved improperly and the DN was set correctly in this attribute.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Well it all seems to be working now. Not sure why, but I won't complain!
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
I had similar error too. Not sure, but it looks like the VB run-time catches the actual error and throws that generic Microsoft OLE/COM-error or the error handler in the VB run-time fails itself to the "object required" error.
Anyway, I copied that VB script to file system as VBS-file, hardcoded the parameters I was supposed to pass within IdM, ran the file in operating system and was able to figure out exact line that fails. Modified the script until it worked, removed the hardcoded parameters and copied the logic to my pass in IdM.
In my case it was matter of figuring out the correct flags with "adsNamespaceLDAP.OpenDSObject" and "adsMyObject.SetOption ADS_OPTION_PASSWORD_METHOD" statements to use with my customer's AD.
And create a custom pass from scratch with your working VB Script and link that to the plugin so that your next sp/patch install won't overwrite your changes.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Matt - just in case make sure that the IDM system is in the same domain or else install a dispatcher on a server in the same domain if this is not possible.
Thanks,
Chris
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
It's been a while, but I would look at the rights of the account running the dispatcher to see if it has the necessary security to reset passwords, connect to the domain, access the account, etc.
I believe "Object Required" = "Couldn't reach the account", but I'm not 100% sure on that one.
Jared
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
82 | |
10 | |
10 | |
9 | |
6 | |
6 | |
5 | |
5 | |
4 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.