0 votes

Hi all,

We are facing an issue when on user creation through Adaxes web service.

The problem is, we have special characters (ampersand) in some company name : e.g M&L

I'm escaping ampersand character in spml request as following :

<attr name="company" xmlns="urn:oasis:names:tc:DSML:2:0:core">

And get following erros in :

  • xml response :
<?xml version="1.0" encoding="utf-8"?>
<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">
    <addResponse status="failure" error="customError" xmlns="urn:oasis:names:tc:SPML:2:0">
      <errorMessage>The name reference is invalid. (Server: eu.loi.net)</errorMessage>
  • Adaxes server event log :
Command Processor 'Business Rules' has set an incorrect state 'OPERATION_STATE_PROCESSING' to the following command: Create 'SAWYER Tom (eu.loi.net\EU90-Other Objects\Users)'. Full Name: 'X', First Name: 'Tom', Last Name: 'SAWYER', Description: 'User created via Adaxes SPML provider.', User Logon Name (pre-Windows 2000): 'tsawyer', User Logon Name: 'Tom.SAWYER@loccitane.com', Password Last Set: '-1', Company: 'M&L', Department: 'IT/IT INFRA-SYSTEMS-NETWORK', Office: 'FR Factory Manosque Grandes Terres', Manager: 'john.smith2@loccitane.com', Employee ID: 'YYYY', Employee Type: 'Permanent', Mobility Policy: 'False', Category: 'Office User', Name: 'SAWYER Tom', Display Name: 'SAWYER Tom', Password: '******', Extension Attribute 9: 'O.k6qC[T', Country: 'FR', City: 'Manosque'. The state has been changed to 'OPERATION_STATE_FAILED_NO_CONTINUE'.
Softerra.Spml2Library.Utils.Spml2Exception: SPML library reported an error. ---> Softerra.Adaxes.Adsi.DirectoryComException (0x8007202F): The name reference is invalid. (Server: eu.loi.net)

Server stack trace: 
   at Softerra.Adaxes.CommandPipeline.PipelineProcessor.ProcessCommand(ICommand command, Boolean throwExceptionIfFailed)
   at Softerra.Adaxes.Adsi.PipelinedObjectOperation.Execute(Boolean resolveValueRefs)
   at Softerra.Adaxes.Adsi.AdmObjectPipelined.ExecuteOperation(PipelinedObjectOperation operation, Boolean resolveValueRefs)
   at Softerra.Adaxes.Adsi.AdmObjectPipelined.SetInfo()
   at System.Runtime.Remoting.Messaging.StackBuilderSink._PrivateProcessMessage(IntPtr md, Object[] args, Object server, Int32 methodPtr, Boolean fExecuteInContext, Object[]& outArgs)
   at System.Runtime.Remoting.Messaging.StackBuilderSink.SyncProcessMessage(IMessage msg, Int32 methodPtr, Boolean fExecuteInContext)

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Softerra.Adaxes.Interop.Adsi.IADs.SetInfo()
   at Softerra.Adaxes.SpmlWebService.Executors.AddRequestExecutor.CreateObject(AddRequest addRequest, IDictionary`2 attributes, String psoObjectClass, ObjectClassDefinition psoObjectClassDefinition)
   at Softerra.Adaxes.SpmlWebService.Executors.AddRequestExecutor.ExecuteImpl(Request request)
   at Softerra.Adaxes.SpmlWebService.Executors.BaseExecutor.Execute(Request request)

We use this company string for years with no problem through Adaxes form.

Is there another way to pass this special character in my request ?

Thank you in advance


by (730 points)

1 Answer

0 votes
by (244k points)
selected by
Best answer


The error is caused by an invalid value of a property. According to the record in Adaxes Event Log, you passed a username into the Manager property (Manager: 'john.smith2@loccitane.com'). You need to replace the username with a valid Distinguished Name of the user that should be a manager of the new user account. For example: CN=John Smith,OU=IT,OU=Departments,DC= loccitane,DC=com.
To copy the distinguished name of the user:

  1. Launch Adaxes Administration Console.
  2. Navigate to and right-click the user.
  3. Click the arrow next to Copy option.
  4. Click Copy DN.

Oh my bad..Sorry!
You're right. It worked well with the fqdn instead of upn..

Is it possible to use another value for manager attribute (GUID,...) ?

Many thanks for your help


No, only DN is supported by the Active Directory schema.

Related questions

0 votes
1 answer

Hello, We have an exchange server in a separate forest. When we create the mailbox using a business rule after user creation, the mailbox creates ok. After the user ... multi-forest environment and it made no difference. Thanks for any help you can provide.

asked Nov 2, 2018 by Jasonmh (540 points)
0 votes
0 answers

Hi, I recently set up a business role per a post in this thread that creates an on-prem shared mailbox and then moves that mailbox to O365. The issue is that ... ("Mailbox move request created successfully. Check Exchange logs for details." , "Information") }

asked Sep 14, 2016 by ajrechk (480 points)
0 votes
1 answer

Is there a way to autogenerate passphrases instead of generating random character passwords? Passphrase examples: repetition temper calculator powder northern busy

asked Jul 12, 2022 by Tfarmer (160 points)
0 votes
1 answer

Hello, I hope someone can help me with a specific script. I have tried to put 2 or 3 together that I have found on here but not having much luck. I am looking to have a ... -upn, but it doesn't seesm to be quite what I'm after. Any help would be appreciated.

asked May 20, 2020 by adantona (40 points)
0 votes
1 answer

Due to some of the systems we have, we must limit our logon names to 8 characters. When I set the Value Length to Maximum 8, the result when creating a new account ... get a popup "Invalid Value Length". Is there a way to autopopulate with only 8 characters?

asked Mar 18, 2013 by Kikaida (1.1k points)
2,991 questions
2,710 answers
200,400 users