Synchronization fails if User Group/User is located in more than one level within the current Organization Unit
book
Article ID: 87996
calendar_today
Updated On:
Products
CA Automic Workload Automation - Automation EngineAUTOMIC WORKLOAD AUTOMATION
Issue/Introduction
Error Message : ERROR Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn
Synchronization fails if the User Groups or Users are located more than one level down inside the current Organization Unit (OU) of the base DN (Distinguished Name).
If the OU parent contains OU children but does not contain any Common names (CN), you will see error messages similar to those below.
2016-10-10 10:44:47.631 [main] c.a.s.l.l.LDAPService DEBUG Error when searching BaseDN org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04195 Unexpected character '*' at position 0. Excpected start of attributeType. at org.apache.directory.api.ldap.model.name.FastDnParser.matchAttributeType(FastDnParser.java:286) ~[ldap-sync-1.0.4.jar:1.0.4] at org.apache.directory.api.ldap.model.name.FastDnParser.parseRdnInternal(FastDnParser.java:149) ~[ldap-sync-1.0.4.jar:1.0.4] at org.apache.directory.api.ldap.model.name.FastDnParser.parseDn(FastDnParser.java:90) ~[ldap-sync-1.0.4.jar:1.0.4] at org.apache.directory.api.ldap.model.name.Dn.parseInternal(Dn.java:1369) ~[ldap-sync-1.0.4.jar:1.0.4] at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:285) ~[ldap-sync-1.0.4.jar:1.0.4] at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:211) ~[ldap-sync-1.0.4.jar:1.0.4] at com.automic.sara.ldapsync.ldap.LDAPService.verifyConnection(LDAPService.java:118) ~[ldap-sync-1.0.4.jar:1.0.4] at com.automic.sara.ldapsync.steps.AESynchronizationStep.init(AESynchronizationStep.java:66) [ldap-sync-1.0.4.jar:1.0.4] at com.automic.sara.ldapsync.steps.BaseSynchronizationStep.execute(BaseSynchronizationStep.java:99) [ldap-sync-1.0.4.jar:1.0.4] at com.automic.sara.ldapsync.SynchronizationStepChain.execute(SynchronizationStepChain.java:33) [ldap-sync-1.0.4.jar:1.0.4] at com.automic.sara.ldapsync.LDAPSynchronizer.run(LDAPSynchronizer.java:59) [ldap-sync-1.0.4.jar:1.0.4] at com.automic.sara.ldapsync.LDAPSynchronizer.main(LDAPSynchronizer.java:28) [ldap-sync-1.0.4.jar:1.0.4] 2016-10-10 10:44:47.632 [main] c.a.s.l.LDAPSynchronizer ERROR Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn com.automic.sara.ldapsync.exceptions.SynchronizationException: Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn at com.automic.sara.ldapsync.steps.AESynchronizationStep.init(AESynchronizationStep.java:67) ~[ldap-sync-1.0.4.jar:1.0.4] at com.automic.sara.ldapsync.steps.BaseSynchronizationStep.execute(BaseSynchronizationStep.java:99) ~[ldap-sync-1.0.4.jar:1.0.4] at com.automic.sara.ldapsync.SynchronizationStepChain.execute(SynchronizationStepChain.java:33) ~[ldap-sync-1.0.4.jar:1.0.4] at com.automic.sara.ldapsync.LDAPSynchronizer.run(LDAPSynchronizer.java:59) [ldap-sync-1.0.4.jar:1.0.4] at com.automic.sara.ldapsync.LDAPSynchronizer.main(LDAPSynchronizer.java:28) [ldap-sync-1.0.4.jar:1.0.4]
Cause
Cause type: Defect Root Cause: Search scope limitation
Environment
OS Version: N/A
Resolution
Update to a fix version listed below or a newer version if available.
Fix Status: Released
Fix Version(s): LDAPSync 2.1.0 - Available LDAPSync 2.0.1 - Available LDAPSync 1.0.6 - Available