If Provisioning Manager works I would expect etautil to work.
Please review this through the Provisioning Manager. Please review the etatranslog and check how your etautil should look. The etatrans will show the modify request to update an attribute value and configure your etautil off of that. Thank you!
------------------------------
Best regards,
Scott Owens
Sr Support Engineer
------------------------------
And, as always Perhaps there are others in the communities who have experience in doing this and we invite them to comment here also.
Another option may be to reach out to our partner HCL Technologies to see in what way they can assist further. The Enterprise Studio team of HCL can be reached at
enterprisestudio@hcl.com.
https://www.hcltech.com/enterprise-studio------------------------------
------------------------------
Original Message:
Sent: 11-27-2019 10:53 PM
From: CHIA MIN Lim
Subject: Failure in removing Active Directory Domain group from user AD Account
Hi Everyone,
I have 4 AD domain running in the production environment. These 4 AD domain are child domain pointing to the same root domain. I'm attempting to remove a user's Active Directory account (The account is in Domain 1) group membership ( The group reside in Domain 2) using etautil command:
update 'eTADSOrgUnitName=XXX,eTADSDirectoryName=Domain1 AD endpoint Name' eTADSGroup eTADSGroupName='GroupName' to -eTADSmember='CN=XXX.. DC= Domain 2 '
and the etautil throw back the error Active Dir. Group 'GroupName' modification failed: Connector Server Modify failed: code 32 (NO_SUCH_OBJECT) ..... JCS@ServerName: no information available for connector: eTADSDirectoryName=Domain2....
But when I remove manually using Provisioning Manager by searching the Group from the Endpoint and remove the account from the group, it work successfully.
Has anyone hit this issue before? My IDM Suite is running on version 14.3.0
Thank You