Symantec Directory : Warning messages appear in DSA logs when the Policy Server starts
search cancel

Symantec Directory : Warning messages appear in DSA logs when the Policy Server starts

book

Article ID: 275804

calendar_today

Updated On:

Products

CA Directory

Issue/Introduction

You have configured a new DSA in Symantec Directory as your SiteMinder Policy Store and you see following warning messages in the WARN log of this Policy Store:

[34] 20171108.125132.438 WARN : LDAP: invalid oid: dominoOrganization
[76] 20171108.125132.438 WARN : LDAP: invalid oid: ndsLoginProperties
[104] 20171108.125132.438 WARN : LDAP: Unknown attribute type: version
[84] 20171108.125132.438 WARN : LDAP: Unknown attribute type: supportedCapabilities
[16] 20171108.125132.438 WARN : LDAP: invalid oid: domainDNS
[92] 20171108.125132.438 WARN : LDAP: invalid oid: eTNamespace
[104] 20171108.125133.155 WARN : LDAP: invalid oid: group
[104] 20171108.125216.271 WARN : LDAP: invalid oid: group 
 

What is the cause of these warnings? There is something misconfigured?

Resolution

These warning messages are logged when CA Directory cannot find any attributes/objects in the DSA. The invalid OID message appears because the DSA does not have the schema definitions for the objects listed, and the Unknown attribute type messages appear as the attributes are missing as well. This is a common warning message in CA Directory.

This happens as the Policy Server does an anonymous bind to the DSA searching for these SunONE related attributes when contacting the directory, and they can be safely ignored.