• State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 2 answers
  • Subscribers 94 subscribers
  • Views 4507 views
  • Users 0 members are here
Options
Related
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Administrative Policy returned an error when adding user to ou group via Active Roles

daniell kilian
over 5 years ago

I received the following error when we try and provision a user to a specific group in AD. We use ARS in our implementation. Is this a fix we need to make on our side or does it relate to a permission on the AD side?

Method ( (Update)) could not be executed successfully.
[VI.Projector.ActiveRoles.Connector.Utils.SingleStepCommitExecutionException] Error during modification of object: CN=USB Write Access,OU=USB Access,OU=Groups,OU=Administration,DC=global,DC=xxx,DC=xxx
Modification 'Add' of property 'vrtMemberFPOResolved' value 'S-1-5-21-2000478354-838170752-1801674531-603522' failed with error:
[System.Runtime.InteropServices.COMException] Administrative Policy returned an error.
Attempted to perform an unauthorized operation.

Parents Reply Children
  • +1 over 5 years ago in reply to daniell kilian

    My apologies for the error in the KB I provided is for a different error that was fixed in 7.1.4. Your error is leading me to believe that the administration policy on the OU where this object exists may be the issue. I would suggest checking which Active Roles Administration policies that you have enabled on that OU and disable one at a time and restart the frozen job to see if the job now completes. This should help to narrow down which policy is causing the issue.

  • 0 over 5 years ago in reply to Troy Grandy

    Thank you, i had a look and the issue was on the ARS side. It has been resolved now