Receiving LDAP Error Code 17 in logs


Article ID: 38951


Updated On:

Products

CA Identity Manager, CA Identity Governance, CA Identity Portal, CA Risk Analytics, CA Secure Cloud SaaS - Arcot A-OK (WebFort), CLOUDMINDER ADVANCED AUTHENTICATION, CA Secure Cloud SaaS - Advanced Authentication, CA Secure Cloud SaaS - Identity Management, CA Secure Cloud SaaS - Single Sign On

Issue/Introduction

Question:

An "LDAP Error 17" appears after adding attributes to our directory.xml. How do we correctly add a custom user attribute to our directories?

Answer:

This error occurs when the attributes have not been added correctly to the schema. Even though they are correctly added in directory.xml, an additional change needs to be made in this folder: <CA Directory Home>/dxserver/config/schema. There, locate the schema file you are using and add your attribute to it using the "Example Format" below. The default out-of-the-box file is "x500". The recommended action is not to edit "x500" but to add your own file.

You can also set the attribute in DXHOME/config/servers/<dsaname>.dxi. This applies only to that DSA, while editing it in x500 applies to all DSAs. Once this change is made, restart your DSA to apply the changes.

 

Example Format:

set attribute attributeType:0 = {
        name = commonName
        ldap-names = cn
        syntax = caseIgnoreString
};
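LDAP result code 17 is undefinedAttributeType, so a quick pre-restart check is to compare the attribute names referenced in directory.xml against those defined in the schema file. The script below is an added example, not part of the original article or the product: the `ImsManagedObjectAttr` element, its `physicalname` attribute, the comma-separated `ldap-names` handling, and the `customBadgeId` attribute are assumptions, and both sample inputs are constructed.

```python
import re
import xml.etree.ElementTree as ET

# Constructed schema text in the article's "Example Format".
SAMPLE_SCHEMA = """
set attribute attributeType:0 = {
    name = commonName
    ldap-names = cn
    syntax = caseIgnoreString
};
"""

# Constructed directory.xml fragment; element and attribute names are assumptions.
SAMPLE_DIRECTORY_XML = """
<ImsManagedObject name="User">
  <ImsManagedObjectAttr physicalname="cn" displayname="Full Name"/>
  <ImsManagedObjectAttr physicalname="customBadgeId" displayname="Badge ID"/>
</ImsManagedObject>
"""

# One "set attribute ... = { ... };" block, and the name fields inside it.
BLOCK = re.compile(r"set\s+attribute\s+\S+\s*=\s*\{(.*?)\}\s*;", re.S | re.I)
FIELD = re.compile(r"^\s*(name|ldap-names)\s*=\s*(.+?)\s*$", re.M | re.I)

def schema_attribute_names(schema_text):
    """Return lower-cased name / ldap-names values from every attribute block."""
    names = set()
    for body in BLOCK.findall(schema_text):
        for _key, value in FIELD.findall(body):
            # Assumption: ldap-names may hold a comma-separated list of aliases.
            names.update(v.strip().lower() for v in value.split(",") if v.strip())
    return names

def undefined_attributes(directory_xml, schema_text):
    """List physical names in directory.xml that no schema block defines."""
    defined = schema_attribute_names(schema_text)
    root = ET.fromstring(directory_xml)
    missing = []
    for el in root.iter("ImsManagedObjectAttr"):
        phys = el.get("physicalname", "").strip()
        # LDAP attribute names are case-insensitive, so compare lower-cased.
        if phys and phys.lower() not in defined and phys not in missing:
            missing.append(phys)
    return missing

if __name__ == "__main__":
    for attr in undefined_attributes(SAMPLE_DIRECTORY_XML, SAMPLE_SCHEMA):
        print(f"not in schema (expect LDAP error 17): {attr}")
```

Any name it reports needs a matching `set attribute` block in your own schema file, followed by a DSA restart.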

Environment

Release: CAIDMB99000-12.6.7-Identity Manager-B to B
Component: