
OpenIDM - How to update the UserAccountControl field in AD


I am trying to update the UserAccountControl AD field using a specific value (66048) when I create a managed user on OpenIDM, but I am facing an issue. The related stack trace:

Caused by: org.identityconnectors.framework.common.exceptions.ConnectorException: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000052D: SvcErr: DSID-03 1A12D2, problem 5003 (WILL_NOT_PERFORM), data 0 ^@]; remaining name 'CN=93ba7d80-b0d3-4af7-b199-66f1b1bd217a,CN=Users,DC=xxx,DC=com'
    at org.identityconnectors.ldap.modify.LdapCreate.doCreate(LdapCreate.java:187)
    at org.identityconnectors.ldap.modify.LdapCreate.executeImpl(LdapCreate.java:136)
    at org.identityconnectors.ldap.modify.LdapCreate.execute(LdapCreate.java:80)
    at org.identityconnectors.ldap.LdapConnector.create(LdapConnector.java:209)
    at org.identityconnectors.framework.impl.api.local.operations.CreateImpl.create(CreateImpl.java:88)
    at sun.reflect.GeneratedMethodAccessor133.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:97)
    at com.sun.proxy.$Proxy27.create(Unknown Source)
    at sun.reflect.GeneratedMethodAccessor133.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96)
    at com.sun.proxy.$Proxy27.create(Unknown Source)
    at sun.reflect.GeneratedMethodAccessor133.invoke(Unknown Source)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:606)
    at org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:98)
    at com.sun.proxy.$Proxy27.create(Unknown Source)
    at org.identityconnectors.framework.impl.api.AbstractConnectorFacade.create(AbstractConnectorFacade.java:149)
    at org.forgerock.openidm.provisioner.openicf.impl.OpenICFProvisionerService$ObjectClassResourceProvider.createInstance(OpenICFProvisionerService.java:1332)
    ... 151 more

I am using the default LDAP Connector (1.4.0.0). I found on ForgeRock (https://bugster.forgerock.org/jira/browse/OPENICF-102) that the UAC field is read-only using this connector.

How can I simply update it?


Solution

  • If you know exactly what you're doing you can use the userAccountControl attribute with OpenIDM.

    In your case, it looks like you did not provide the password (UTF-16 encoded unicodePwd).
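
The following is an added example, not part of the original answer and not OpenIDM or connector code. The code 0000052D in the trace is Win32 error 1325 (ERROR_PASSWORD_RESTRICTION), and 66048 decodes to an enabled account with a non-expiring password, so the sketch decodes the flags, builds the unicodePwd bytes, and checks a create request before it is sent. The helper `checkCreate` and the sample entries are hypothetical, and the check assumes the domain password policy requires a non-empty password.

```javascript
// Added example: userAccountControl flag values as documented by Microsoft.
const UAC_FLAGS = {
  ACCOUNTDISABLE: 0x0002,
  PASSWD_NOTREQD: 0x0020,
  NORMAL_ACCOUNT: 0x0200,
  DONT_EXPIRE_PASSWORD: 0x10000,
};

// Return the names of the known flags set in a userAccountControl value.
function decodeUac(value) {
  return Object.keys(UAC_FLAGS).filter((name) => (value & UAC_FLAGS[name]) !== 0);
}

// AD expects unicodePwd as the password wrapped in double quotes and
// encoded as UTF-16LE. Returned here as a plain byte array.
function encodeUnicodePwd(password) {
  const quoted = '"' + password + '"';
  const bytes = [];
  for (let i = 0; i < quoted.length; i++) {
    const unit = quoted.charCodeAt(i); // one UTF-16 code unit
    bytes.push(unit & 0xff, unit >> 8); // low byte first (little-endian)
  }
  return bytes;
}

// Hypothetical pre-flight check for a create request: an enabled account
// that requires a password must carry unicodePwd in the same request.
// Assumption: the domain password policy rejects an empty password.
function checkCreate(attrs) {
  const problems = [];
  const flags = decodeUac(attrs.userAccountControl);
  const enabled = !flags.includes("ACCOUNTDISABLE");
  const needsPwd = !flags.includes("PASSWD_NOTREQD");
  if (enabled && needsPwd && !attrs.unicodePwd) {
    problems.push("enabled account without unicodePwd");
  }
  return problems;
}

// Constructed sample entries (not from the original post).
const withoutPwd = { userAccountControl: 66048 };
const withPwd = {
  userAccountControl: 66048,
  unicodePwd: encodeUnicodePwd("Constructed-Pw1!"),
};
console.log(decodeUac(66048), checkCreate(withoutPwd), checkCreate(withPwd));
```

Active Directory only accepts writes to unicodePwd over an encrypted connection such as LDAPS, so the connector must be configured for SSL before the password can be sent this way.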