Register Sign in Need help? FAQ SailPoint directory
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Error message: "The server is unwilling to process the request"

Error message: "The server is unwilling to process the request"

 

Product

All IdentityIQ product versions can show this error since the error comes from Active Directory.

 

Environment

Active Directory

 

Error

You may find one or more of the below in the logs:

 

"Error occurred while setting password for the account. Exception has been thrown by the target of an invocation.The server is unwilling to process the request. (Exception from HRESULT: 0x80072035)"

 

Failed to update attributes. The server is unwilling to process the request.

 

ERROR : "Caught exception in Modify. The server is unwilling to process the request."

 

Root Cause

The error is not caused by IIQ, but comes directly from Active Directory.   This error may be returned by Active Directory by any one of these problems:

  • An attempt to violate a password policy, such as history, password length, blank password, etc.
  • An attempt to set a value for an attribute that does not exist
  • An attempt to set an incorrect value for an attribute (the value does not adhere to the attribute's syntax).
  • Any other operation that the Active Directory server will not allow.

 

Workaround/Fix

Ensure that the operation is allowed by Active Directory: passwords should comply with password policy; attributes must exist; attribute values must adhere to the attribute's syntax.  Also check network metrics for anomalies and check network security appliances for closed connections.

Labels (2)
Comments
vijay_sharma
‎Aug 17, 2015 09:55 AM
‎Aug 17, 2015 09:55 AM

Thanks Roy ,Chris,

I am getting same error returned from AD while we set one  group for user. Also I don't see this error always but for some user. I checked the attribute value and same is present in AD and for some user. Any idea why it is successful for one user while not for other user if value is same.

Error from IQ service log:

08/07/2015 10:21:36 : ADConnectorServices [] ERROR : ""Error occured while setting group membership. CN=Abc,CN=Users,DC=Example,DC=com. The server is unwilling to process the request.

thanks in advance.

Vijay Sharma

francois_legare
‎Apr 11, 2016 12:15 PM
‎Apr 11, 2016 12:15 PM

Hi Vijay,

Were you able to get this issue resolved?

We have the exact same issue (6.4P4) where this error pops up when updating group membership for some users, but it works for other users.  No major difference in users' profiles exist.

Thanks,

Francois

ko6v5t7
‎Sep 26, 2016 06:16 PM
‎Sep 26, 2016 06:16 PM

We have the exact same issue (6.4P4) when updating group membership for users from different domain.

For example: we have AD forest abc.com which contains two domains Inc.abc.com and americas.abc.com.

Group located in Inc.abc.com. When we trying to execute provisioning plan to update member in group for user located in same domain (Inc) then everything works fine but when we trying to execute same provisioning plan for user located in different domain (americas) then we getting "The server is unwilling to process the request" error.

Konstantin

sagar_madaan
‎Apr 17, 2017 08:06 AM
‎Apr 17, 2017 08:06 AM

Hey Vijay,

Were you able to resolve the issue ? We have been getting similar errors. Any help on this will be much appreciated.

Regards

-Sagar.

patelr3
‎Jul 23, 2020 03:16 PM
‎Jul 23, 2020 03:16 PM

Was anyone able to resolve this issue.

spreddem839
‎Jul 06, 2022 04:38 PM
‎Jul 06, 2022 04:38 PM

please check permissions of service account if allowed to do group operations for this group

Version history
Revision #:
2 of 2
Last update:
‎Jul 27, 2023 10:11 PM
Updated by:
Community Administrator
 
View Article History
Contributors