PrevPrev Go to previous topic
NextNext Go to next topic
Last Post 07/12/2017 10:55 AM by  JimY
IPA-Adding OS (Environment) Identity
 8 Replies
Sort:
You are not authorized to post a reply.
Page 1 of 212 > >>
Author Messages
Roger French
Private
Private
Veteran Member
(1266 points)
Veteran Member
Posts:522


Send Message:

--
07/10/2017 11:24 AM

    So, attempting to add the OS Identity using the Resource Update node. This is Landmark on Windows 10.1.1.51

    LSF 10.x

    So in the IPA is working and the Basic LSF Security record using the Resource Update node. The SSOP and the EMSS identities are also added correctly.

    The OS Environment identity is not. Here is a snippet from the error log of the work unit. The SID is not an attribute to populate in the build in the Resource Node, and thus it can't be manually added. I've already confirmed that the user does have a SID by using the wmic command.

     

     

    Error while executing ResourceUpdate activity 
    java.lang.Exception: Invalid Argument (SID=null for service [LSF10] with svcIdenAttrs [[SID]] and identProps {SID=null, LOGIN=DDomain\john.doe, UID=, PASSWORD=password}).Service 'TEST_EMPLOYEE' added Succesfully.Service 'SSOP' added Succesfully.
    at com.lawson.bpm.processflow.workFlow.flowGraph.FgaUsers.addServiceRemote(FgaUsers.java:935)
    at com.lawson.bpm.processflow.workFlow.flowGraph.FgaUsers.startActivity(FgaUsers.java:1153)
    at com.lawson.bpm.processflow.workFlow.flowGraph.FgActivity.execute(FgActivity.java:947)

     

    Has anyone been able to add the OS Environment identity using the Resource Update node? If so how did you make it work?

    Thank you


    JimY
    Private
    Private
    Veteran Member
    (1055 points)
    Veteran Member
    Posts:377


    Send Message:

    --
    07/11/2017 5:56 AM
    Yes, we have been able to add the OS Identity.  Are you including the domain?  Below is a screen shot of what we do.



    Roger French
    Private
    Private
    Veteran Member
    (1266 points)
    Veteran Member
    Posts:522


    Send Message:

    --
    07/11/2017 7:39 AM

    Yes, I've included the domain. Tried both hard coding it like you have in your example, and also in the variable for the DOMAIN_USER with and without the Domain\. For the PASSWORD value I used password. Still the error occurs. 

    JimY
    Private
    Private
    Veteran Member
    (1055 points)
    Veteran Member
    Posts:377


    Send Message:

    --
    07/11/2017 9:48 AM
    Is john.doe a valid user id set up in Active Directory(Not sure if you use AD)? It sounds like it is not able to get the SID. Have you tried adding it using ISS and does it work?
    Roger French
    Private
    Private
    Veteran Member
    (1266 points)
    Veteran Member
    Posts:522


    Send Message:

    --
    07/11/2017 9:50 AM

    Yes AD is used, and Yes I can add it in ISS.

    You are not authorized to post a reply.
    Page 1 of 212 > >>