ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

LDAP Connections manager error to our active directory user store

book

Article ID: 41444

calendar_today

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder) CA Single Sign On SOA Security Manager (SiteMinder) CA Single Sign-On

Issue/Introduction

Issue:

Error logged in smps.log

[1640/4136][Tue Apr 12 2016 14:26:53][SmDsLdapConnMgr.cpp:720][WARNING][sm-Ldap-02900] Function prldap_set_session_option is not supported. <server_name>:port

Environment:

  • Policy server running on Windows OS
  • User Store configure in AdminUI with AD Provider (NOT LDAP)

 

Cause:

Policy server implemented two LDAP providers:

Mozilla LDAP SDK for keystore and session store LDAP connectivity.

UserStore connectivity the namespace can be one of two LDAP SDK’s:

  • ADSI LDAP Provider(Windows PS ONLY) - AD Name space is selected
  • Mozilla LDAP SDK - LDAP namespace is selected

The error message occurs when the AD Name space is selected.  Policy server during user store initialization will check all support LDAP server control options.  The error shown indicates that the specific option is not support by AD provider that is being used. More specifically the prldap_set_session_option() function sets a session option specific to the prldap layer – used only for Mozilla LDAP SDK (name space)

Resolution:

The error occurs only during user store initialization it is benign it can be ignored

 

 

 

Environment

Release: ESPSTM99000-12.51-Single Sign On-Extended Support Plus
Component: