0 votes

When copying a group, the message appears even though the group does not yet exist. "The specified group already exists, (Server: adc.de:636)"

by (170 points)

1 Answer

0 votes
by (294k points)

Hello Johann,

The error occurs because the group to be created has some properties matching the source one. For example, if you are creating a group in the same OU where the source group is located, their names must be different. Also, the groups must have different sAMAccountNames. The requirements come from Active Directory itself and are not related to Adaxes.

0

Hi Support,

Thanks for the quick answer!

OK, I use the copy function, pick a group from a template OU, give the group name an extension and the target is another OU. Then comes the error message. Aren't all requirements fulfilled with this... or is it still dependent on other properties?

0

Hello Johann,

The error is returned by Active Directory (you can see it from the error containing the server name) which means that some requirements are not met. It looks like you are not changing the sAMAccountName which must be unique. To be sure about the root cause of the issue, you can do the following:

  1. Launch Adaxes Administration console.
  2. In the Console Tree, expand your service node.
  3. Select Logging.
  4. In the Result Pane on the right, right-click the log record for the failed group creation.
  5. In the context menu, click Properties. image.png
  6. Select the entire operation description, copy and then paste it to a text editor. image.png
  7. You will see all the properties being set for the group creation.
0

Thanks, I will check it tomorrow...

0

Hi Support,

Thanks for the tip, this allowed me to locate the problem. After I have expanded the form (yellow), the group can be copied. image.png

However, the user does not need to see this.

We have property patterns for groups: image.png

Is it possible to hide the second line? image.png

Best regards Johann

0

Hello Johann,

Unfortunately, if you just remove the Group Name (pre-Windows 2000) property from the form the property pattern will not work. The property value will be copied from the source group and you will keep getting the error message.

As a workaround, you can remove the property from the form and create a business rule triggering Before creating a group. The rule will check whether the Group Name (pre-Windows 2000) property value equals that of the Group Name property and if not, execute the below script to update it accordingly.

# Get group name
$groupName = $Context.GetModifiedPropertyValue("cn")

# Remove spaces
$groupName = $groupName.Replace(" ", "")

# Update group samAccountName
$Context.SetModifiedPropertyValue("sAMAccountName", $groupName)

Finally, the rule will look like the following: image.png

0

Thanks for the information and the workaround. This helps me a lot.

Johann

Related questions

0 votes
1 answer

Hallo everyone I have made a property with adm-CustomAttributeTextMultiValue3 and named it "School". Then I have added the values Arkades, BSLA, BSLG, BSLH, LCA, LCB, LCG, LCH ... can see an screenshot of the warning: Can anyone help me to fixs this problem?

asked Aug 15, 2019 by hilmiemrebayat (120 points)
0 votes
1 answer

"Connecting to remote server <<FQDN Servername>> failed with the following error message : The server certificate on the destination computer (<<FQDN servername: ... ? This may help to diagnose the issue with schannel on the skype server.

asked Mar 5, 2020 by mark.it.admin (2.3k points)
0 votes
0 answers

Over the last day or so we have been seeing this pop up under the exchange header in adaxes portal. cmdlet Get-CASMailbox is not present in the role definition of the current user

asked Jul 3, 2023 by Jeff.Briand (80 points)
0 votes
1 answer

Our adaxes service account is able to create the mailbox when running our create user business rule, but cannot change any settings like disable OWA. What level of security will it need?

asked Apr 6, 2021 by bstone (50 points)
0 votes
1 answer

I am working with Adaxes for the first time. Looking to set up the service account so it can actually make changes to AD not just to register the Adaxes Service. I would rather ... the Adaxes service. What I am unable to do is have adaxes make changes to AD.

asked Sep 21, 2022 by mightycabal (1.0k points)
3,588 questions
3,277 answers
8,303 comments
548,090 users