Hello Community,
I am encountering an issue while running a synchronization project in One Identity Manager for LDAP provisioning. The error message is as follows:
-----------------------------
JobName : LDP_Account_Insert
(2025-03-05 11:51:18.943) [1777018] Error running synchronization project (LDAP domain 'dc=Davi,dc=at( 10.1.1.6 )' (Generic))'s workflow (Provisioning).
[1777124] Error running synchronization step (InetOrgPerson) of synchronization configuration (Provisioning (Provisioning)).
[1777376] Unable to run method (Insert) for object (LDAP Mail) because not all mandatory properties are defined.
Missing: sn
[1777124] Error running synchronization step (InetOrgPerson) of synchronization configuration (Provisioning (Provisioning)).
[1777376] Unable to run method (Insert) for object (LDAP Mail) because not all mandatory properties are defined.
Missing: sn
--------------------------------
Troubleshooting Done:
-
Mapping is Correct:
- The 'sn' (surname) attribute is correctly mapped in One Identity Manager to 'Last name'.
- The property mapping is configured between One Identity Manager → "Last name" and LDAP → "sn".
-
Verified Data in One Identity Manager:
- The 'Last name' field is populated correctly in One Identity Manager.
-
Checked Synchronization Logs:
- The logs still indicate that 'sn' is missing in the provisioning step.
-
Mapping Settings:
- The mapping direction is "Use Mapping".
- The "Do not overwrite" option was initially enabled but was later unchecked.
- The merge mode support is currently disabled.
Questions:
- Even though 'sn' is mapped to 'Last name', why is it still missing in provisioning?
- Are there any additional configurations required to ensure that 'sn' is sent correctly?
- Could there be any merge mode restrictions or schema validation rules in LDAP that prevent 'sn' from being written?
Any insights or troubleshooting suggestions would be greatly appreciated.
Thanks in advance!
Regards,
Badhri
