Warning messages appear in CA Directory DSA logs when the Policy Server starts

book

Article ID: 16444

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) AXIOMATICS POLICY SERVER CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction



I have configured a new DSA in CA Directory for Policy Store, and when I start the Policy Server I see the following warning messages:

[34] 20171108.125132.438 WARN : LDAP: invalid oid: dominoOrganization
[76] 20171108.125132.438 WARN : LDAP: invalid oid: ndsLoginProperties
[104] 20171108.125132.438 WARN : LDAP: Unknown attribute type: version
[84] 20171108.125132.438 WARN : LDAP: Unknown attribute type: supportedCapabilities
[16] 20171108.125132.438 WARN : LDAP: invalid oid: domainDNS
[92] 20171108.125132.438 WARN : LDAP: invalid oid: eTNamespace
[104] 20171108.125133.155 WARN : LDAP: invalid oid: group
[104] 20171108.125216.271 WARN : LDAP: invalid oid: group 
 

What is the cause of these warnings? There is something misconfigured?

 

 

 

Environment

Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus
Component:

Resolution

These warning messages are logged when CA Directory cannot find any attributes/objects in the DSA. The invalid OID message appears because the DSA does not have the schema definitions for the objects listed, and the Unknown attribute type messages appear as the attributes are missing as well. This is a common warning message in CA Directory.

This happens as the Policy Server does an anonymous bind to the DSA searching for these SunONE related attributes when contacting the directory, and they can be safely ignored.