{"id":595,"date":"2018-09-03T18:16:42","date_gmt":"2018-09-03T13:46:42","guid":{"rendered":"http:\/\/www.enhisecure.com\/isecureblog\/?p=595"},"modified":"2019-05-21T12:34:46","modified_gmt":"2019-05-21T08:04:46","slug":"active-directory-exchange-provisioning-errors-in-sailpoint-identity-iq","status":"publish","type":"post","link":"https:\/\/www.enhisecure.com\/isecureblog\/2018\/09\/03\/active-directory-exchange-provisioning-errors-in-sailpoint-identity-iq\/","title":{"rendered":"Active Directory &#8211; Exchange Provisioning errors in Sailpoint Identity IQ"},"content":{"rendered":"<h1>Issue Description:<\/h1>\n<p><a href=\"https:\/\/docs.microsoft.com\/en-us\/windows-server\/identity\/ad-ds\/get-started\/virtual-dc\/active-directory-domain-services-overview\">Active Directory<\/a> Provisioning along with <a href=\"https:\/\/en.wikipedia.org\/wiki\/Microsoft_Exchange_Server\">Exchange<\/a> attributes failing with below error message.<\/p>\n<p><strong>Errors returned from IQService. Connecting to remote server win-g303o4860qk.enhcorp.com failed with the following error message: The username or password is incorrect. For more information, see the about_Remote_Troubleshooting Help topic.<\/strong><\/p>\n<p>&nbsp;<\/p>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-608 aligncenter\" src=\"http:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2018\/09\/Capture-1-300x122.png\" alt=\"\" width=\"521\" height=\"212\" srcset=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2018\/09\/Capture-1-300x122.png 300w, https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2018\/09\/Capture-1-1024x417.png 1024w, https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2018\/09\/Capture-1.png 1291w\" sizes=\"auto, (max-width: 521px) 100vw, 521px\" \/><\/p>\n<p>&nbsp;<\/p>\n<h1>Troubleshooting steps:<\/h1>\n<ul>\n<li>Verified the User\/Password details by logging in to the Domain controller as Domain Admin (the user which was used in Active Directory Application Configuration)<\/li>\n<li>Verified and restarted Exchange services which were failed to start by default.<\/li>\n<\/ul>\n<p><img loading=\"lazy\" decoding=\"async\" class=\"wp-image-600 aligncenter\" src=\"http:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2018\/09\/eXCH-SERVCIES-300x144.png\" alt=\"\" width=\"537\" height=\"258\" srcset=\"https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2018\/09\/eXCH-SERVCIES-300x144.png 300w, https:\/\/www.enhisecure.com\/isecureblog\/wp-content\/uploads\/2018\/09\/eXCH-SERVCIES.png 619w\" sizes=\"auto, (max-width: 537px) 100vw, 537px\" \/><\/p>\n<ul>\n<li>Enabled logging for AD Connector and observed the below messages.\n<ul>\n<li>2018-08-31 02:07:09,515 DEBUG Workflow Event Thread 1 sailpoint.connector.ADLDAPConnector:3503 &#8211; 1239254649 Entering handleObjectRequest2018-08-31 02:07:10,796 ERROR Workflow Event Thread 1 sailpoint.connector.ADLDAPConnector:3380 &#8211; 1239254649 Exception occurred in handling Object Request.sailpoint.tools.GeneralException: Errors returned from IQService. Connecting to remote server win-g303o4860qk.enhcorp.com failed with the following error message: The username or password is incorrect. For more information, see the about_Remote_Troubleshooting Help topic.<\/li>\n<\/ul>\n<\/li>\n<li>Launched <a href=\"https:\/\/docs.microsoft.com\/en-us\/powershell\/exchange\/exchange-server\/open-the-exchange-management-shell?view=exchange-ps\">Exchange Management Shell<\/a> and observed below error messages\n<ul>\n<li>VERBOSE: Connecting to WIN-G303O4860QK.enhcorp.com.New-PSSession : [win-g303o4860qk.enhcorp.com] Connecting to remote server win-g303o4860qk.enhcorp.com failed with the following error message: WinRM cannot complete the operation. Verify that the specified computer name is valid, that the computer is accessible over the network, and that a firewall exception for the WinRM service is enabled and allows access<strong> from this computer. By default, the WinRM firewall exception for public profiles limits accesses to remote\u00a0<\/strong><strong>computers within the same local subnet. For more information, see the about_Remote_Troubleshooting Help topic<\/strong>.At line:1 char:1\n<p>+ New-PSSession -ConnectionURI &#8220;$connectionUri&#8221; -ConfigurationName Microsoft.Excha &#8230;<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<h1>Resolution:<\/h1>\n<p>Active Directory-Direct connector reads Exchange Server attributes by connecting to the Active Directory.<\/p>\n<p>But, for provisioning any Exchange attributes, connector needs access to remote Powershell via\u00a0IQService.<\/p>\n<p><a href=\"https:\/\/searchwindowsserver.techtarget.com\/definition\/Windows-Remote-Management\">Windows Remote Management<\/a> (WinRM) is a feature of Windows that allows<\/p>\n<p>administrators to remotely run management scripts. WinRM Service should be running and that<\/p>\n<p>should also be set up for Remote Management using the <strong>Enable-PSRemoting -force<\/strong>.<\/p>\n<p>&nbsp;<\/p>\n<p>Enable PowerShell remoting in the domain using below cmdlet in Exchange Management Shell.<\/p>\n<p><strong>&gt;Enable-PSRemoting -Force<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Issue Description: Active Directory Provisioning along with Exchange attributes failing with below error message. Errors returned from IQService. Connecting to remote server win-g303o4860qk.enhcorp.com failed with the following error message: The username or password is incorrect. For more information, see the about_Remote_Troubleshooting Help topic. &nbsp; &nbsp; Troubleshooting steps: Verified the User\/Password details by logging in to [&hellip;]<\/p>\n","protected":false},"author":11,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[8,15,14,16],"tags":[40,10,11],"class_list":["post-595","post","type-post","status-publish","format-standard","hentry","category-identity-governance","category-implementation-problems","category-sailpoint","category-technology","tag-active-directory","tag-identity-iq","tag-sailpoint"],"_links":{"self":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/595","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/comments?post=595"}],"version-history":[{"count":21,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/595\/revisions"}],"predecessor-version":[{"id":620,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/posts\/595\/revisions\/620"}],"wp:attachment":[{"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/media?parent=595"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/categories?post=595"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.enhisecure.com\/isecureblog\/wp-json\/wp\/v2\/tags?post=595"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}