NameAlreadyBoundException when attempting to sync in IDM (All versions)
The purpose of this article is to provide assistance if you receive a NameAlreadyBoundException: [LDAP: error code 68 - The entry cannot be added because an entry with that name already exists] when attempting to sync in IDM.
Symptoms
An error similar to the following is shown in the IDM log when attempting to sync. The FOUND situation should be actioned but is not, even though both the target and source exist:
Caused by: org.identityconnectors.framework.common.exceptions.AlreadyExistsException: javax.naming.NameAlreadyBoundException: [LDAP: error code 68 - The entry uid=A123456,ou=people,dc=example,dc=com cannot be added because an entry with that name already exists]; remaining name 'uid=A123456,ou=people,dc=example,dc=com'
    at org.identityconnectors.ldap.modify.LdapCreate.doCreate(LdapCreate.java:185)
    at org.identityconnectors.ldap.modify.LdapCreate.executeImpl(LdapCreate.java:136)
    at org.identityconnectors.ldap.modify.LdapCreate.execute(LdapCreate.java:80)
    at org.identityconnectors.ldap.LdapConnector.create(LdapConnector.java:209)
    at org.identityconnectors.framework.impl.api.local.operations.CreateImpl.create(CreateImpl.java:88)
    ...
Recent Changes
N/A
Causes
A correlation query is missing from your mappings in the sync.json file (located in the /path/to/idm/conf directory). A correlation query is needed to query the target system for a user who matches the source account; if this is missing, IDM will identify the situation as MISSING and perform the associated action (CREATE by default).
Solution
This issue can be resolved by adding a correlation query to your mappings in the sync.json file.
Correlation queries are described in more detail in Correlating Source Objects With Existing Target Objects.
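The following added example (not taken from the product or its documentation) checks a parsed sync.json for mappings that have no usable correlation, and shows a mapping without a correlation query beside one that has it. The mapping names, the uid and userName attributes, and the function names are assumptions made for this example.

```javascript
// Constructed sample in the shape of conf/sync.json. Mapping names and the
// uid/userName attributes are assumptions chosen for this example.
const sampleSync = {
  mappings: [
    {
      // No correlation: the existing uid=A123456 entry is never looked up,
      // so the default CREATE runs and LDAP answers with error code 68.
      name: "managedUser_systemLdapAccounts",
      source: "managed/user",
      target: "system/ldap/account",
      properties: [{ source: "userName", target: "uid" }]
    },
    {
      // Same mapping with a correlation query that searches the target by uid.
      name: "managedUser_systemLdapAccounts_fixed",
      source: "managed/user",
      target: "system/ldap/account",
      correlationQuery: {
        type: "text/javascript",
        source: "var qry = {'_queryFilter': 'uid eq \"' + source.userName + '\"'}; qry;"
      },
      properties: [{ source: "userName", target: "uid" }]
    }
  ]
};

// A correlation definition is usable only if it carries an inline script,
// a script file, or an expression tree.
function isUsable(def) {
  return !!def && typeof def === "object" &&
    Boolean(def.source || def.file || def.expressionTree);
}

// correlationQuery may be a single object or an array (one per link qualifier);
// correlationScript is the alternative way to correlate.
function hasCorrelation(mapping) {
  const q = mapping.correlationQuery;
  const queries = Array.isArray(q) ? q : [q];
  return queries.some(isUsable) || isUsable(mapping.correlationScript);
}

// Returns the names of mappings that define no usable correlation.
function mappingsWithoutCorrelation(syncConfig) {
  return (syncConfig.mappings || [])
    .filter(m => !hasCorrelation(m))
    .map(m => m.name);
}

console.log(mappingsWithoutCorrelation(sampleSync));
```

To check a real deployment, pass the parsed contents of sync.json from the /path/to/idm/conf directory to mappingsWithoutCorrelation.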
See Also
Correlating Source Objects With Existing Target Objects
Related Training
N/A
Related Issue Tracker IDs
N/A