• State Not Answered
  • Replies 7 replies
  • Subscribers 62 subscribers
  • Views 1806 views
  • Users 0 members are here
Options
Related

Workflow throwing error after approval operation is successful on Active Roles version 7.5

soumya malipatel_66638
over 1 year ago

Active Roles approval workflow to add group to the user account is failing to add the group to the user and throwing an error after a approval request has be successfully approved from the approval queue on the user interface. Upon approval a message appears on screen saying the 'The operation is successful' but the group is not added to the user account. 

The event viewer log shows the error details as below

Execution of workflow instance failed.
Workflow name: BESSAdmin Approval

'Details: serviceExecutionActivity1 activity has terminated this workflow instance.
Administration Service encountered an error when making changes to the object 'CN=LIL_Sec_BESSAdmin,OU=Security Groups,OU=Lily,OU=xxx,DC=xxx,DC=xxxx,DC=xxx'.
An internal error occurred. (Exception from HRESULT: 0x8007054F)" 

Any help to resolve this issue is appreciated. Thank you.

Parents Reply Children
  • 0 over 1 year ago in reply to JohnnyQuest

    The group did not get added to user, after Workflow 'Run as' option is setup to run as 'The service account of active Roles'. The approval showed the operation as successful on user interface when request is approved. But the group did not get added to the user.

  • 0 over 1 year ago in reply to soumya malipatel_66638

    What I am trying to get you to do is test the native rights of your Active Roles Service Account or Override account.  My suspicion is that it's possible that the account executing the operation doesn't have rights to add users to this group for some reason.

    Another alternative would be to attempt the operation using Powershell but again, you would need to run the script as your Active Roles service account.

  • 0 over 1 year ago in reply to JohnnyQuest

    The service account has permissions to add user to the group. The powershell script has added the user to the group when the script is run with service account credentials. It appears the workflow is breaking the operation. Is there a way to debug the workflow. Below is the error from the event viewer.

    Initiator: PLANT\AccountAdmin
    Details: serviceExecutionActivity1 activity has terminated this workflow instance.
    Administration Service encountered an error when making changes to the object 'CN=7CB_Sec_SuperMaster,OU=Security Groups,OU=7Cowboy,OU=South2,OU=Wind,DC=xxxxx,DC=xxxxx,DC=com'.
    An internal error occurred. (Exception from HRESULT: 0x8007054F)

  • 0 over 1 year ago in reply to soumya malipatel_66638

    Are you using a Workflow Activity to add the user to the group or are you just relying on the "native" operation being allowed to finish when the Approval occurs?