ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

I am using ACF2 and CA-LDAP, when trying to connect to CA-LDAP from LDAP JXplorer browser, I am getting the message "unable to connect Invalid DN syntax (34)". What is causing this?


Article ID: 53754


Updated On:


ACF2 ACF2 - DB2 Option ACF2 for zVM ACF2 - z/OS ACF2 - MISC 24X7 High-Availability Manager for DB2 for z/OS Batch Processor Compile QQF Data Compressor for DB2 for z/OS CA Unicenter NSM RC/Update for DB2 for z/OS DB2 TOOLS- DATABASE MISC PanApt PanAudit



The Invalid DN syntax (34) means the LDAP server did not receive a full DN or that you did not specify a correct prefix, such as CN instead of UID, which results in the LDAP server not receiving a correct DN.


The CA-LDAP Server determines the user id to use by looking for cn= as the very first RDN in the DN. The Invalid DN syntax (34) message can occur if just the userid is entered in the "User DN" rather than cn=userid.

To address the problem be sure to specify cn=userid in the 'User DN' text box in JXPLORER screen.

Note: in place of "userid" substitute the desired userid.

<Please see attached file for image>

Figure 1

Details on the the "USER DN" specification for the JXplorer browser can be found at the JXplorer website.

Details on CA-LDAP can be found in the CA LDAP Server for z/OS Administrator Guide


Component: ACFLDP


1558711354785000053754_sktwi1f5rjvs16s7p.gif get_app