i'm trying to relocate the AD account via the command that was provided in the connector guide to relocate the Active Directory account(im_connectors_enu.pdf). Below is the code:
etautil -d <eTADomain> -u <eTAUser> p <password> update 'eTADSContainerName=Users,eTADSDirectoryName
<directoryName>,eTNamespaceName=ActiveDirectory' eTADSAccount eTADSAccountName=<accountName> to eTRelocateAccounts=1
eTSyncPolicyDN='eTADSPolicyName=<policyName>,eTADSPolicyContainerName=Active Directory Policies,eTNamespaceName=CommonObjects,dc=<eTADomain>'
however, when i try to run the code, i obtained the error below:
d:\CA\Identity Manager\Provisioning Manager\bin>etautil.exe -d im -u admin -p
password update 'eTADSContainerName=GRPIT,eTADSDirectoryName=APLIFEISGREATUAT,eT
NamespaceName=ActiveDirectory' eTADSAccount eTADSAccountName=Nur Shila Hisham to
:ETA_E_1210, 'Hisham' is not a valid operator for keyword 'Shila' Tue Dec 09 08
And then when i changed the code by putting in the ' ' characters to the eTADSAccountName, i obtained another error:
NamespaceName=ActiveDirectory' eTADSAccount eTADSAccountName='Nur Shila Hisham'
to eTRelocateAccounts=1 eTSyncPolicyDN='eTADSPolicyName=AD_GELS,eTADSPolicyConta
:ETA_E_0425<SAC>, Active Dir. Account 'Nur Shila Hisham' on 'APLIFEISGREATUAT' r
elocation from account template failed: Entry 'Nur Shila Hisham' does not exist
in the provisioning directory
:ETA_E_1337, ETAUTIL command failed Tue Dec 09 08:22:08 2014
i would like to know, what triggered the errors above, and how can solve this?
Anyone able to assist Chia?
For this error:
ETA_E_1210, 'Hisham' is not a valid operator for keyword 'Shila
the spaces around the name are causing the issue. Etautil being a command line utility needs proper formatting.
It read this eTADSAccountName=Nur and expected the next word to be the keyword "to" bu the next word was Shila and Shila is not a keyword for etautil so it gave the error.
For the next error:
Entry 'Nur Shila Hisham' does not exist in the provisioning directory
Simply put you are using the full name of a user, and not the account name. Account names cannot have spaces in them.
We are having the same error with a similar etautil command and I would like to clarify your point:
We also have spaces in what we believe is the "eTADSAccountName" of the user we are trying to update.
If we use the JXplorer to locate an account (mine for example) it shows:
We also have spaces in one of the Org Unit Names and the Directory Name, underlined below, which cause similar errors:
etautil -u admin -p password update 'eTADSOrgUnitName=Standard,eTADSOrgUnitName=Company Users,eTADSOrgUnitName=Users,eTADSOrgUnitName=Managed,eTADSDirectoryName=Active Directory,eTNamespaceName=ActiveDirectory,'eTADSAccount eTADSAccountName=Brett Mobsby to eTADSmail=brett.mobsby(a)company.com.au
Any help dealing with these spaces would be most appreciated.
Well, I am not sure how you could end up with an account name with spaces unless the endpoint itself was set that way in the beginning.
If that is the case than you have a long road ahead with formatting issues, but that is a conversation for another time.
My first question about your formatting is this part:
there should be a space:
Not sure if this is the result of copy and paste or not.
However with my experience with this command line utility, if this simple fix does not help, you will have to open a support case.
When you do provide a link to this post but please do fill out all information in the case description. When the support case is resolved we will come back here and post the results.
Thanks for your help William,
We did contact support and eventually got it working.
We added that missing space you mentioned and also took out the comma:
As for the account name, we ended up using single quotes:
The full command was:
etautil -u admin -p password update 'eTADSOrgUnitName=Standard,eTADSOrgUnitName=Company Users,eTADSOrgUnitName=Users,eTADSOrgUnitName=Managed,eTADSDirectoryName=Active Directory,eTNamespaceName=ActiveDirectory' eTADSAccount eTADSAccountName='Brett Mobsby' to eTADSmail=brett.mobsby(a)company.com.au
Apart from spaces in the account names, some users also had an ampersand (&) which came from appending their department to handle duplicates. This had to be escaped:
'Brett Mobsby - IM&T' became 'Brett Mobsby - IM^&T'