Synchronization fails if User Group/User is located in more than one level within the current Organization Unit

Article Id: 87996
Status: Published
Updated On: 15-04-2018 07:01
Legacy Id: 000009307
Products:
CA Automic Workload Automation - Automation Engine AUTOMIC WORKLOAD AUTOMATION
Issue/Introduction:

Error Message :
ERROR Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn

Synchronization fails if the User Groups or Users are located more than one level down inside the current Organization Unit (OU) of the base DN (Distinguished Name).
 
If the OU parent contains OU children but does not contain any Common names (CN), you will see error messages similar to those below.

2016-10-10 10:44:47.631 [main] c.a.s.l.l.LDAPService                    DEBUG  Error when searching BaseDN
org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04195 Unexpected character '*' at position 0. Excpected start of attributeType.
        at org.apache.directory.api.ldap.model.name.FastDnParser.matchAttributeType(FastDnParser.java:286) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.FastDnParser.parseRdnInternal(FastDnParser.java:149) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.FastDnParser.parseDn(FastDnParser.java:90) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.Dn.parseInternal(Dn.java:1369) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:285) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:211) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.ldap.LDAPService.verifyConnection(LDAPService.java:118) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.steps.AESynchronizationStep.init(AESynchronizationStep.java:66) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.steps.BaseSynchronizationStep.execute(BaseSynchronizationStep.java:99) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.SynchronizationStepChain.execute(SynchronizationStepChain.java:33) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.run(LDAPSynchronizer.java:59) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.main(LDAPSynchronizer.java:28) [ldap-sync-1.0.4.jar:1.0.4]
2016-10-10 10:44:47.632 [main] c.a.s.l.LDAPSynchronizer                 ERROR  Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn
com.automic.sara.ldapsync.exceptions.SynchronizationException: Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn
        at com.automic.sara.ldapsync.steps.AESynchronizationStep.init(AESynchronizationStep.java:67) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.steps.BaseSynchronizationStep.execute(BaseSynchronizationStep.java:99) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.SynchronizationStepChain.execute(SynchronizationStepChain.java:33) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.run(LDAPSynchronizer.java:59) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.main(LDAPSynchronizer.java:28) [ldap-sync-1.0.4.jar:1.0.4]



 

Cause:

Cause type:
Defect
Root Cause: Search scope limitation

Environment:

OS Version: N/A

Resolution:

Update to a fix version listed below or a newer version if available.

Fix Status: Released

Fix Version(s):
LDAPSync 2.1.0 - Available
LDAPSync 2.0.1 - Available
LDAPSync 1.0.6 - Available

Additional Information:

Workaround :
N/A

insert_drive_file 1558536134798LDAP_SYNC.png
arrow_downward Download