Can't deploy Connector configuration using Connector Xpress 2.0
Article ID: 259292
Updated On:
Products
Issue/Introduction
When we try to deploy a custom connector using Connector Xpress 2.0, we are getting the following error:
In WEB Interface:
Failed to deploy test20585 metadata configuration.
In Tomcat:
2023-02-02 12:33:16.053 ERROR 19208 --- [oi-20421-exec-3] b.a.j.b.p.b.ldap.LDAPConnection : Failed to create eTNamespaceName=test20585,dc=im,dc=eta. Error=[LDAP: error code 17 - :ETA_E_0003<ANS>, Endpoint type 'test20585' creation failed: DB Add failed: eTRESTConfig (ldaps://testim144:20391) ]
2023-02-02 12:33:16.055 ERROR 19208 --- [oi-20421-exec-3] .j.b.p.a.ProvisioningServerConfigService : Failed to deploy connector test20585 on server testim144. error=[LDAP: error code 17 - :ETA_E_0003<ANS>, Endpoint type 'test20585' creation failed: DB Add failed: eTRESTConfig (ldaps://testim144:20391) ]
Environment
Release : 14.4
Component : CA Identity Manager
Cause
We found the following error from the logs,
20230202:123316:TID=002df0:Add :D602:E597:F: FAILURE: DB Add (eTNamespaceName=test20585)
20230202:123316:TID=002df0:Add :D602:E597:F: rc: 0x0011 (Undefined attribute type)
20230202:123316:TID=002df0:Add :D602:E597:F: msg: DB Add failed: eTRESTConfig (ldaps://testim144:20391)
The customer confirmed the connector server has below exact definition for eTRESTConfig.
...\Connector Server\jcs\conf\eta_dyn_openldap.schema
attributetype ( 1.3.6.1.4.1.791.2.3.5.3.5000.1.822 NAME 'eTRESTConfig'
EQUALITY caseIgnoreMatch
SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15)
It seems eTRESTConfig is missing in Provisioning Directory and CA Directory schema.
Resolution
Please follow these steps to add the missing eTRESTConfig to Provisioning Directory and CA Directory schema:
1. Backup ..\Directory\dxserver\config\schema\etrust_admin.dxc
2. Backup ..\Provisioning Directory\multitenancy\schema\etrust_admin.dxc
3. Add the following entry as the last attribute definition (in both files)
schema set attribute etrust-admin-COS-attr:822 = {
name = eTRESTConfig
ldap-names = eTRESTConfig
equality = caseIgnoreMatch
syntax = directoryString
single-valued
};
4. Add the newly defined attribute to the allowed attribute to
schema set object-class etrust-admin-COS-oc:2 = {
name = eTNamespace
subclass-of Top
must-contain
eTNamespaceName,
objectclass
may-contain
eTCreateDate,
eTCreateTime,
eTCreateNode,
eTCreateUserName,
eTCreateUserid,
eTUpdateDate,
eTUpdateTime,
eTUpdateNode,
eTUpdateUserName,
eTUpdateUserid,
eTDescription,
eTComments,
eTExploreUpdateEtrust,
eTExploreCorrelateUsers,
eTExploreCreateUsers,
eTExploreReportAdditions,
eTExploreReportDeletions,
eTExploreUpdateUsers,
eTExploreIncremental,
eTIncrementalSearch,
eTIncrementalStartTime,
eTCheckPermission,
eTCheckDelete,
eTUseOperationID,
eTID,
eTDBOnly,
eTAgentOnly,
eTAllowPartialResult,
eTModAttr,
eTModDescendents,
eTDeleteEntry,
eTNamespaceType,
eTNamespaceSubType,
eTAgentPluginDLL,
eTAgentNamespaceClass,
eTCustomUserUpdate,
eTUserUpdateMap,
eTDefaultUserUpdateMap,
eTPolicyCtnrClass,
eTLDAPMk3Profile,
eTLDAPMk3ProfileObjectclass,
eTLDAPMk3ProfileNamingAttribute,
eTLDAPMk3ProfileSheetLayout,
eTLDAPMk3ProfilePageLayout,
eTLDAPMk3ProfileAttribute,
eTValidateCredentials,
eTDirRelativeFormat,
eTNamespaceFamily,
eTMetaData,
eTAdminMetaData,
eTBLSMetaData,
eTConnMetaData,
eTCoreMetaData,
eTGUIMetaData,
eTOpBindingsMetaData,
eTRESTConfig
};
(ensure to add a comma after eTOpBindingsMetaData)
5. Restart Provisioning Server and All Provisioning CA Directory instances
6. Attempt to redeploy.
Feedback
