Synchronization fails if User Group/User is located in more than one level within the current Organization Unit

book

Article ID: 87996

calendar_today

Updated On:

Products

CA Automic Workload Automation - Automation Engine AUTOMIC WORKLOAD AUTOMATION

Issue/Introduction

Error Message :
ERROR Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn

Synchronization fails if the User Groups or Users are located more than one level down inside the current Organization Unit (OU) of the base DN (Distinguished Name).
 
If the OU parent contains OU children but does not contain any Common names (CN), you will see error messages similar to those below.


2016-10-10 10:44:47.631 [main] c.a.s.l.l.LDAPService                    DEBUG  Error when searching BaseDN
org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04195 Unexpected character '*' at position 0. Excpected start of attributeType.
        at org.apache.directory.api.ldap.model.name.FastDnParser.matchAttributeType(FastDnParser.java:286) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.FastDnParser.parseRdnInternal(FastDnParser.java:149) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.FastDnParser.parseDn(FastDnParser.java:90) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.Dn.parseInternal(Dn.java:1369) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:285) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:211) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.ldap.LDAPService.verifyConnection(LDAPService.java:118) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.steps.AESynchronizationStep.init(AESynchronizationStep.java:66) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.steps.BaseSynchronizationStep.execute(BaseSynchronizationStep.java:99) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.SynchronizationStepChain.execute(SynchronizationStepChain.java:33) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.run(LDAPSynchronizer.java:59) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.main(LDAPSynchronizer.java:28) [ldap-sync-1.0.4.jar:1.0.4]
2016-10-10 10:44:47.632 [main] c.a.s.l.LDAPSynchronizer                 ERROR  Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn
com.automic.sara.ldapsync.exceptions.SynchronizationException: Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn
        at com.automic.sara.ldapsync.steps.AESynchronizationStep.init(AESynchronizationStep.java:67) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.steps.BaseSynchronizationStep.execute(BaseSynchronizationStep.java:99) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.SynchronizationStepChain.execute(SynchronizationStepChain.java:33) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.run(LDAPSynchronizer.java:59) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.main(LDAPSynchronizer.java:28) [ldap-sync-1.0.4.jar:1.0.4]




 

Cause

Cause type:
Defect
Root Cause: Search scope limitation

Environment

OS Version: N/A

Resolution

Update to a fix version listed below or a newer version if available.

Fix Status: Released

Fix Version(s):
LDAPSync 2.1.0 - Available
LDAPSync 2.0.1 - Available
LDAPSync 1.0.6 - Available

Additional Information

Workaround :
N/A

Attachments

1558536134798LDAP_SYNC.png get_app