Attempting to view/modify objects on a JNDI DYN endpoint fails with LDAP: error code 32 - No Such Object

All Identity Manager

When acquiring a JNDI DYN Endpoint the URL specified should not point to a load-balancer. Doing so can cause problems if the backend LDAP servers become out of sync or if there are replication delays. There can also be unexpected results if the IM application sends multiple requests that get routed to different backend LDAP servers faster than the replication between those servers.

The acquired JNDI DYN endpoint should point to a hostname which can support failover mode only between backend LDAP servers. This could be controlled via DNS record updates or local host file updates on the Java Connector Server machine or by some external hardware/software (i.e. Router DSA, Load-Balancer, etc) as long as that external hardware/software can be configured for failover mode only and not for load-balancing.