Event ID: 12808 SCIM response error.
- 1.Creation of a user with a domain name that is not registered with IIJ ID was attempted
- 2.When the "Subject (subject)" or "External user name (externalUserName)" attribute is set to an IIJ ID User, "Upstream ID provider to which authentication is delegated (issuer)" needs to be configured
- 3.The external ID (externalId) you have attempted to set to the IIJ ID User is already used by another user
- 4.The ID (userName) you have attempted to set to the IIJ ID User is already used by another user
- 5.The notification email address (email) of the IIJ ID User does not have an email address format
- 6.Users having the same ID or external ID have not been deleted yet
- 7.Access token cannot be used
- 8.Phone numbers (phoneNumbers) of IIJ ID Users are not in RFC3966 Global Numbers format
1.Creation of a user with a domain name that is not registered with IIJ ID was attempted
Phenomenon
The following event is output to Event Viewer.
| Log Level | Message |
|---|---|
| warn | [Overview] |
Description
Creation of a user with a domain name that is not registered with IIJ ID was attempted.
Support
Change the domain of the ID (userName) of the IIJ ID User or register the domain with the IIJ ID.
Related pages
2.When the "Subject (subject)" or "External user name (externalUserName)" attribute is set to an IIJ ID User, "Upstream ID provider to which authentication is delegated (issuer)" needs to be configured
Phenomenon
The following event is output to Event Viewer.
| Log Level | Message |
|---|---|
| warn | [Overview] |
Description
When the "Subject (subject)" or "External user name (externalUserName)" attribute is set to an IIJ ID User, "Upstream ID provider to which authentication is delegated (issuer)" needs to be configured.
Support
Take any of the following actions.
- Configure iid.scim.attribute.user.default.idTokenClaims in the configuration file (config.yml)
- Empty the "Subject (subject)" and "External user name (externalUserName)" attributes of the IIJ ID User
3.The external ID (externalId) you have attempted to set to the IIJ ID User is already used by another user
Phenomenon
The following event is output to Event Viewer.
| Log Level | Message |
|---|---|
| warn | [Overview] |
Description
The external ID (externalId) you have attempted to set to the IIJ ID User is already used by another user.
Support
Prevent duplication of the external ID or delete the user who is using the relevant external ID.
If the relevant user has already been deleted, there is a possibility that deprovisioning the user from linked services has not been completed.
In such a case, wait for at least one day before performing the deprovisioning process.
Related pages
- 削除したIIJ IDユーザと同じIDでユーザを再作成できない (Japanese Only)
4.The ID (userName) you have attempted to set to the IIJ ID User is already used by another user
Phenomenon
The following event is output to Event Viewer.
| Log Level | Message |
|---|---|
| warn | [Overview] |
Description
The ID (userName) you have attempted to set to the IIJ ID User is already used by another user.
Support
Prevent duplication of the ID or delete the user who is using the relevant ID.
If the relevant user has already been deleted, there is a possibility that deprovisioning the user from linked services has not been completed.
In such a case, wait for at least one day before performing the deprovisioning process.
Related pages
- 削除したIIJ IDユーザと同じIDでユーザを再作成できない (Japanese Only)
5.The notification email address (email) of the IIJ ID User does not have an email address format
Phenomenon
The following event is output to Event Viewer.
| Log Level | Message |
|---|---|
| warn | [Overview] |
Description
The notification email address (email) of the IIJ ID User does not have an email address format.
Support
Check the AD attribute set to iid.scim.attribute.user.ad_bind.emails.value in the config.yml configuration file and modify the format of the AD attribute value of the relevant user to an email address format.
6.Users having the same ID or external ID have not been deleted yet
Phenomenon
The following event is output to Event Viewer.
| Log Level | Message |
|---|---|
| warn | [Overview] |
Description
Users having the same ID or external ID have not been deleted yet.
[ Note ]Users with ID Provisioning and Users Registered to Use SmartKey Authentication
Once a user has been deleted, the deprovisioning process is performed for the linked services.
You cannot create a user that has the same ID or external ID until the deprovisioning process is complete. (It takes at least one day for deprovisioning for SmartKey authentication to be complete.)
Support
Perform synchronization on Directory Sync one more time after the user has been completely deleted.
7.Access token cannot be used
Phenomenon
The following event is output to Event Viewer.
| Log Level | Message |
|---|---|
| warn | [Overview] |
Description
Access token cannot be used.
Support
Check the following points about iid.scim.token in the secret.yml configuration file.
- Check whether a correct access token is described
- Check whether the access token has expired
- Whether a token has been revoked or not can be checked in Job History on IIJ ID Console.
8.Phone numbers (phoneNumbers) of IIJ ID Users are not in RFC3966 Global Numbers format
Phenomenon
The following event is output to Event Viewer.
| Log Level | Message |
|---|---|
| warn | [Overview] |
Description
Phone numbers (phoneNumbers) of IIJ ID Users are not in RFC3966 Global Numbers format.
Support
Check the AD attribute set to iid.scim.attribute.user.ad_bind.phoneNumbers.value in the config.yml configuration file and modify the format of the AD attribute value of the relevant user to a Global Numbers format for RFC3966.