CA Identity ManagerCA Identity GovernanceCA Identity Portal
Trying to edit ACF2 account properties from IM Provisioning Manager or from the IM user console, fails with LDAP error code 80 : LDP0500E Error issuing LIST xxxx with R_Admin, return code=17305604 failed to lookup acf2UserOMVS=xxxx,acf2lid=xxxx,acf2admingrp=lids,host=yyyy,o=zzzz,c=no
IM 12.6.x. CA ACF2 v2 endpoint. CA LDAP r15 (slapd 15.2014.1120). CA ACF2 REL 16 /MVS SP7.2.1.
The slapd.log on USS also shows this LDP0500E error for the following couple of commands: SET PROF(USER) DIV(OMVS) LIST xxxx
We fail to retrieve the OMVS segment information of this user profile.
Out of IM product the following LDAP request also fails with LDP0500E error. ldapsearch -LLL -h TARGET -p PORT -D "cn=PROXY_ID" -w PROXY_ID_PWD -b "acf2UserOMVS=xxxx,acf2lid=xxxx,acf2admingrp=lids,host=yyyy,o=zzzz,c=no" -s base
The PROXY_ID did not have enough rights to edit OMVS segment information of user profiles. The mainframe team provided the Client with a stronger PROXY_ID allowing to edit OMVS data for any ACF2 IDs. Once they changed their proxy admin ID (with the appropriate rights) and related password into the endpoint (ACF2_BV_v2) definition from IM Provisioning Manager UI, the issue was fixed.