0 votes

Hi all,

We are facing an issue when on user creation through Adaxes web service.

The problem is, we have special characters (ampersand) in some company name : e.g M&L

I'm escaping ampersand character in spml request as following :

<attr name="company" xmlns="urn:oasis:names:tc:DSML:2:0:core">
          <value>M&L</value>
        </attr>

And get following erros in :

  • xml response :
<?xml version="1.0" encoding="utf-8"?>
<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">
  <Body>
    <addResponse status="failure" error="customError" xmlns="urn:oasis:names:tc:SPML:2:0">
      <errorMessage>The name reference is invalid. (Server: eu.loi.net)</errorMessage>
    </addResponse>
  </Body>
  • Adaxes server event log :
Command Processor 'Business Rules' has set an incorrect state 'OPERATION_STATE_PROCESSING' to the following command: Create 'SAWYER Tom (eu.loi.net\EU90-Other Objects\Users)'. Full Name: 'X', First Name: 'Tom', Last Name: 'SAWYER', Description: 'User created via Adaxes SPML provider.', User Logon Name (pre-Windows 2000): 'tsawyer', User Logon Name: 'Tom.SAWYER@loccitane.com', Password Last Set: '-1', Company: 'M&L', Department: 'IT/IT INFRA-SYSTEMS-NETWORK', Office: 'FR Factory Manosque Grandes Terres', Manager: 'john.smith2@loccitane.com', Employee ID: 'YYYY', Employee Type: 'Permanent', Mobility Policy: 'False', Category: 'Office User', Name: 'SAWYER Tom', Display Name: 'SAWYER Tom', Password: '******', Extension Attribute 9: 'O.k6qC[T', Country: 'FR', City: 'Manosque'. The state has been changed to 'OPERATION_STATE_FAILED_NO_CONTINUE'.
Softerra.Spml2Library.Utils.Spml2Exception: SPML library reported an error. ---> Softerra.Adaxes.Adsi.DirectoryComException (0x8007202F): The name reference is invalid. (Server: eu.loi.net)

Server stack trace: 
   at Softerra.Adaxes.CommandPipeline.PipelineProcessor.ProcessCommand(ICommand command, Boolean throwExceptionIfFailed)
   at Softerra.Adaxes.Adsi.PipelinedObjectOperation.Execute(Boolean resolveValueRefs)
   at Softerra.Adaxes.Adsi.AdmObjectPipelined.ExecuteOperation(PipelinedObjectOperation operation, Boolean resolveValueRefs)
   at Softerra.Adaxes.Adsi.AdmObjectPipelined.SetInfo()
   at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg, Int32 methodPtr, Boolean fExecuteInContext)

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Softerra.Adaxes.Interop.Adsi.IADs.SetInfo()
   at Softerra.Adaxes.SpmlWebService.Executors.AddRequestExecutor.CreateObject(AddRequest addRequest, IDictionary`2 attributes, String psoObjectClass, ObjectClassDefinition psoObjectClassDefinition)
   at Softerra.Adaxes.SpmlWebService.Executors.AddRequestExecutor.ExecuteImpl(Request request)
   at Softerra.Adaxes.SpmlWebService.Executors.BaseExecutor.Execute(Request request)

We use this company string for years with no problem through Adaxes form.

Is there another way to pass this special character in my request ?

Thank you in advance

Regards

by (740 points)

1 Answer

0 votes
by (270k points)
selected by
Best answer

Hello,

The error is caused by an invalid value of a property. According to the record in Adaxes Event Log, you passed a username into the Manager property (Manager: 'john.smith2@loccitane.com'). You need to replace the username with a valid Distinguished Name of the user that should be a manager of the new user account. For example: CN=John Smith,OU=IT,OU=Departments,DC= loccitane,DC=com.
To copy the distinguished name of the user:

  1. Launch Adaxes Administration Console.
  2. Navigate to and right-click the user.
  3. Click the arrow next to Copy option.
  4. Click Copy DN.
0

Oh my bad..Sorry!
You're right. It worked well with the fqdn instead of upn..

Is it possible to use another value for manager attribute (GUID,...) ?

Many thanks for your help

0

No, only DN is supported by the Active Directory schema.

Related questions

0 votes
1 answer

Hello, We have an exchange server in a separate forest. When we create the mailbox using a business rule after user creation, the mailbox creates ok. After the user ... multi-forest environment and it made no difference. Thanks for any help you can provide.

asked Nov 2, 2018 by Jasonmh (540 points)
0 votes
0 answers

Hi, I recently set up a business role per a post in this thread that creates an on-prem shared mailbox and then moves that mailbox to O365. The issue is that ... ("Mailbox move request created successfully. Check Exchange logs for details." , "Information") }

asked Sep 14, 2016 by ajrechk (480 points)
0 votes
1 answer

Is there a way to autogenerate passphrases instead of generating random character passwords? Passphrase examples: repetition temper calculator powder northern busy

asked Jul 12, 2022 by Tfarmer (160 points)
0 votes
1 answer

Hello, I hope someone can help me with a specific script. I have tried to put 2 or 3 together that I have found on here but not having much luck. I am looking to have a ... -upn, but it doesn't seesm to be quite what I'm after. Any help would be appreciated.

asked May 20, 2020 by adantona (40 points)
0 votes
1 answer

Due to some of the systems we have, we must limit our logon names to 8 characters. When I set the Value Length to Maximum 8, the result when creating a new account ... get a popup "Invalid Value Length". Is there a way to autopopulate with only 8 characters?

asked Mar 18, 2013 by Kikaida (1.1k points)
3,326 questions
3,026 answers
7,727 comments
544,678 users