This was working fine for a while and stopped without any change in the environment.
Active Directory Endpoint can't be opened, we can't provision having this errors:
In Provisioning Manager having the error: 'Active Directory read failed: ADS Directory Add: Can't get object category attribute" when trying see properties of any Active Directory account.
Release : 14.3 CP2 Vaap
Component : IdentityMinder(Identity Manager)
The " eTErrorMsg: :ETA_E_0020<RAC>, Active Dir. Account '<AccountName>' on 'Active Directory read failed: ADS Directory Add: Can't get object category attribute" is because of lack of eTADSObjectCategory value. Can see that that value is missing in child search result set. somehow that value is gone from the IMPD.
Besides, it's missing another mandatory attribute "eTADS-DefaultContext" as well
For some reason the data was corrupted for attributes eTADSObjectCategory and eTADS-DefaultContext the ActiveDirectory .
3 AD endpoints acquired for Active Directory endpoint type. There were two attributes in one of their Active Directory endpoint that were missing in IMPD port 20394.
For some reason the data was corrupted and after put again data inside of eTADSObjectCategory and eTADS-DefaultContext the ActiveDirectory endpoint started to work fine for all other endpoints.
Check all AD Endpoints if have multiple AD endpoints. This caused problems to all ADS endpoints even the data was corrupted in only one of the Endpoints.