Error 'method (got_dap_domset): Unknown error' with LDAP auto creation and ldap_sync when using Service Desk LDAP integration with Novell eDirectory 8.7.3.
search cancel

Error 'method (got_dap_domset): Unknown error' with LDAP auto creation and ldap_sync when using Service Desk LDAP integration with Novell eDirectory 8.7.3.

book

Article ID: 4056

calendar_today

Updated On:

Products

CA IT Asset Manager CA Software Asset Manager (CA SAM) ASSET PORTFOLIO MGMT- SERVER SUPPORT AUTOMATION- SERVER CA Service Desk Manager - Unified Self Service CA Service Desk Manager CA Service Management - Asset Portfolio Management CA Service Management - Service Desk Manager

Issue/Introduction

Having configured Service Desk to integrate with Novell eDirectory 8.7.3 and confirmed that ldap_test returns user information successfully, ldap_sync fails with the following error message:

 

Method 'got_ldap_domset' in Contact_Object failed (Unknown error)

 

 

The first attempt to log in to Service Desk by a valid eDirectory user, which should cause a new Contact record to be created, may fail with the following message:

 

 

AHD04013: Internal error in method (got_dap_domset): Unknown error

Environment

This document may apply to earlier releases of Novell eDirectory.

Cause

An ldap.mod file needs to be created to allow Service Desk to map Contact table attributes to specific eDirectory attributes.

The mapping is required for the following fields:

first_name
last_name
userid

By default the ldap.maj file has multiple attributes mapped possible LDAP server attributes as follows:

OBJECT ldap LDAP {

ATTRIBUTES LDAP_Entry{

   id              distinguishedName            STRING 512;

        last_name       sn,pzLastName                STRING ;

        first_name      givenName,pzFirstName        STRING ;

        middle_name     initials,pzMiddleName        STRING ;

        userid          uid,sAMAccountName,pzUserName STRING ;

        phone_number    telephoneNumber,pzWorkPhoneNumber STRING ;

        alt_phone       mobile,pzMobilePhoneNumber   STRING ;

        dept            department,pzDepartment      STRING ;

        fax_phone       facsimileTelephoneNumber,pzFaxPhoneNumber STRING ;

        beeper_phone    pager                        STRING ;

        email_address   mail,pzEmailAddress          STRING ;

        address1        streetAddress,pzAddress      STRING ;

        city            l,pzCity                     STRING ;

        ldap_state      st,pzState                   STRING ;

        zip             postalCode,pzPostalCode      STRING ;

        country         c,pzCountry                  STRING ;

      ldap_org        o                            STRING ;

        memberOf        memberOf                     STRING ;

        ldap_dn         ldap_dn                      STRING ;

        access_type     LOCAL INTEGER {ATTR_INIT get_ldap_access_type @"@|BOP-LOGIN|validate_user"(id) 50;};

    } ;

    FACTORY {

        STANDARD_LISTS {

            SORT_BY  userid;

            MLIST OFF ;

            RLIST OFF ;

        };

        REL_ATTR  id;

        COMMON_NAME userid ;

        FUNCTION_GROUP "inventory" ;

    } ;

    METHODS {

        make_from_ldap( object, object|nil, uuid );

 get_val_srel( ... );

    } ;
} ;

Resolution

In order to have the correct mappings between Service Desk and eDirectory an ldap.mod file is required. The file is created as follows:

  1. Navigate to $NX_ROOT/site/mods/majic
  2. Create a file called ldap.mod in this directory
  3. Enter the following lines into the file and save it:
    MODIFY ldap last_name sn ;
    MODIFY ldap first_name givenName ;
    MODIFY ldap userid uid ;
    Note : Make sure that you enter a carriage return after the last line
  4. Recycle Service Desk to make the above affective

Ldap_sync and the auto creation of eDirectory users will then be successful.

Powered by Wolken Software