1 Reply Latest reply on Jun 16, 2010 5:17 PM by Subbu-Oracle

    LDAP_MODIFY hanging when updating multiple AD accounts

      Hi, I'm working with the LDAP_MODIFY business interlink to write a process that will disable user accounts in our Active Directory when employees are terminated in PeopleSoft HCM. I'm able to disable single user accounts, but when the process is run on more than one terminated employee it hangs and eventually throws me out of PeopleSoft. It appears that attempting more than one execute against the same interlink instance causes this, but I've been unable to figure out a way of updating the attributes of two different AD accounts with only a single execution.

      Has anyone done something similar and encountered or resolved this issue?

      Here's an example based on the caode I've written so far:

      /* Function that returns an LDAP_MODIFY BI object instance */
      &LDAPDir = GetLDAPInterlink("MODIFY");

      &inDoc = &LDAPDir.GetInputDocs("");
      &ret = &inDoc.AddValue("Distinguished_Name", "CN=Test Acct1,CN=Users,DC=peoplesoft,DC=com");
      &LDAPModsDoc = &inDoc.AddDoc("LDAPMods");
      &ret = &LDAPModsDoc.AddValue("Action", "replace");
      &AttributeDoc = &LDAPModsDoc.AddDoc("Attribute");
      &ret = &AttributeDoc.AddValue("Attribute_Name", "userAccountControl");
      &ret = &AttributeDoc.AddValue("Value", "514");

      &EXECRSLT = &LDAPDir.Execute();

      If (&EXECRSLT <> 1) Then
      WinMessage("Execute Failed", 0);
      &outDoc = &LDAPDir.GetOutputDocs("");
      &ret = &outDoc.GetValue("return_status", &ret_status);
      &ret = &outDoc.GetValue("return_status_msg", &ret_msg);

      &LDAPDir1 = GetLDAPInterlink("MODIFY");

      &inDoc1 = &LDAPDir1.GetInputDocs("");
      &ret = &inDoc1.AddValue("Distinguished_Name", "CN=Test Acct2,CN=Users,DC=peeoplesoft,DC=com");
      &LDAPModsDoc1 = &inDoc1.AddDoc("LDAPMods");
      &ret = &LDAPModsDoc1.AddValue("Action", "replace");
      &AttributeDoc1 = &LDAPModsDoc1.AddDoc("Attribute");
      &ret = &AttributeDoc1.AddValue("Attribute_Name", "userAccountControl");
      &ret = &AttributeDoc1.AddValue("Value", "514");

      &EXECRSLT = &LDAPDir1.Execute();

      If (&EXECRSLT <> 1) Then
      WinMessage("Execute Failed", 0);
      &outDoc = &LDAPDir.GetOutputDocs("");
      &ret = &outDoc.GetValue("return_status", &ret_status);
      &ret = &outDoc.GetValue("return_status_msg", &ret_msg);

      &LDAPDir = Null;

      &LDAPDir1 = Null;
        • 1. Re: LDAP_MODIFY hanging when updating multiple AD accounts
          Can you please specifiy the following:

          1) PeopleTools version with patch (example: PT849.24 or PT850.09)
          2) Application Server platform (output from the command 'uname -a' on UNIX or if it is windows, please specify what it is)
          3) Are you using AD 2003 or AD 2008?

          Can you do the same thing using the command-line tool (ldapmodify) with the use of LDIF file (for multiple modifications to the LDAP Dir Server)

          Can you make sure that your LDAP Dir server is not timing out (ie if it takes more time to respond then the PSFT App-Server would time out and the user will be kicked out of PIA).

          I know, it sounds like a lot of work for you and many questions from my side(sorry!).