LDAP: error code 53 - Function Not Implemented
Hi All,
While doing search on Oracle internet directory server(oracle ldap server),
we are getting following exception.
Exception
in thread "main" javax.naming.OperationNotSupportedException: [LDAP:
error code 53 - Function Not Implemented]; remaining name
'ou=people,dc=test,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3058)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2931)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2737)
at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1808)
at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1731)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:321)
at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:248)
at DifferentSearches.doFilterSearch(DifferentSearches.java:99)
at DifferentSearches.main(DifferentSearches.java:23)
Following is the code -
code:
DirContext ctx= getDirContext();
SearchControls ctls = new SearchControls();
ctls. setReturningObjFlag (true);
ctls.setSearchScope(SearchControls.SUBTREE_SCOPE);
String filter = "(displayname=chandra)";
NamingEnumeration answer = ctx.search("ou=people,dc=test,dc=com", filter, ctls);
formatResults(answer);
ctx.close();
When we search on the added attributes (like currentsession count) it works
fine. For this we had to enable index in OID on this field. But this is
not possible for the default attributes. OID does not provide a way to
enable indexing on these attributes. Could someone please let us know
how we can search on default attributes ?
Regards
Rahul
Edited by: Rahul_Sonawale on Oct 17, 2008 4:26 AM
Thanks Rajiv for reply.
I had read that thread before posting this. However, this is lightly different.
From other sites I can see that if it's caused by indexing, the error msg would say so and also tell you which attribute it is.
Some one suggested it's OID dropping the database connections intermittantly and should check both CRS ORACLE_HOME and RDBMS ORACLE_HOME have SQLNET.EXPIRE_TIME set and check the TNS and alert logs on the DB side for any other possible connection failure.
From some OID log we do see it has lost database connection:
OID logs in /u01/oid/oid_inst/diagnostics/logs/OID/oid1 :
ConnID:76 mesgID:2 OpID:1 OpName:search ConnIP:10.244.87.239 ConnDN:cn=policyrwuser,cn=users,dc=us,dc=oracle,dc=com
[gsldecfsFetchEntries] ORA error 3135: ORA-03135: connection lost contact
Process ID: 29973
Session ID: 164 Serial number: 3
I should post another thread for oid lost db connection.
Similar Messages
-
Dhcpcd eth0 error flock : Function not implemented
Dear Arch users-
I have been using Arch for a few weeks now, and just compiled my own custom kernel, now when I use dhcpcd eth0/wlan0 - I get the error
eth0: flock '/var/run/dhcpcd-eth0.pid' : function not implemented
I have searched the web haven't really found an answer yet.
Please I dont need any info on why I compiled my own kernel.
Regards,enable this in your custom kernel
CONFIG_FILE_LOCKING=y
i just hit this today, i know is probably late and you moved on.
Last edited by Kaso_Da_Zmok (2010-04-02 13:30:00) -
Error 78 - Function not implemented.
im trying to unzip a folder, i was told i didnt need an unzipping programme (winrar) and that all i needed to do was double click it to extract the files
when i double click it a STOP message appears which reads:
'Unable to unarchive "file name.zip" into "Desktop".
is there something wrong with my standard mac unzipping programme?
is there something wrong with the file?
do i need to get a unzipping application on my mac to do this?
any help appreciatedThe most likely issue is that there is something wrong with the file. As long as the file is not corrupted somehow there is no reason that it can't be unzipped. At least I have never had a problem unzipping a file on my Mac.
-
Shared memory segment: function not implemented
Hi!
I tried to install Oracle8 on a dual pentium II / 233 system
running Suse 6.0 (kernel 2.2.1, glibc6)
Everything went fine, until I got the message
"Database creation failed, see logfile"
The logfile /u01/app/oracle/products/8.0.5/orainst/install.log
tells me the following:
- Entering database actions section.
- Creating initORCL.ora file
- Creating crdb2ORCL.sql database catalog and file creation
script
- ERROR: The 'CREATE DATABASE' statement for the ORCL
database failed.
egrep failed to find 'ORA-' error in the file:
/u01/app/oracle/admin/ORCL/create/crdbORCL.lst
/u01/app/oracle/admin/ORCL/create/crdORCL.lst tells me:
Connected.
ORA-27125: unable to create shared memory segment
Linux Error: 38: Function not implemented
create database "ORCL"
ORA-01034: ORACLE not available
Disconnected.
So, I guess it3s something wrong with the kernel. I did the
following:
changed in /usr/src/linux/include/asm/shmparam.h:
#define SHMIDX_BITS 16 (was 15)
#define SHMMNI 100 (was (1<<_SHM_ID_BITS)) #define SHMSEG
10 (was SHMSEG SHMMNI)
checked /usr/src/linux/include/linux/sem.h:
#define SEMMNI 128
#define SEMMSL 32
#define SEMMNS (SEMMNI*SEMMSL)
Compiled new kernel, rebooted, verified that the right kernel
was loaded, installed oracle new, but it still doesn3t work.
Have I missed anything ?
thanks
Frank
nullHey, I ran into this problem too. Look and see if any db
processes failed to die last time you stopped oracle. I found a
ps_mon daemon still going when the database was down. I killed
it, restarted the database and everything was fine.
StE (guest) wrote:
: Frank Schmitt (guest) wrote:
: : ORA-27125: unable to create shared memory segment
: : Linux Error: 38: Function not implemented
: : create database "ORCL"
: : Compiled new kernel, rebooted, verified that the right kernel
: : was loaded, installed oracle new, but it still doesn3t work.
: Silly question, but did you check you had enabled SysV IPC
when
: you configured the kernel?
: -michael
null -
FUNCTION NOT IMPLEMENTED error when calling C# method from SAP, why?
Hi,
I've build a server stub in order to get SAP calling my own methods that exist in the C# world, for that I developed several methods in a class that extends SAPServer and then implemented them...
I added the special custom properties needed (Abap Name, length, etc) to the function and to its parameters, I've made the ABAP code required to call it...
I've checked, every parameters that I place in ABAP (importing, exporting and tables) are also defined in C# (its 53 parameters) with the same name (in C# they are in capital letters and in a diferent order but I tried this before and it didn't matter)...
The name of the function is the same...
How can I get the 'FUNCTION NOT IMPLEMENT' error in SAP?
What's going wrong when I get this error?
Can anyone tell me?
Is there any place in this site that has a error description and possible reasons?
When I get a parameter wrong I get a different error (I tried to make smaller functions and they work fine).
Thanks for the help,
Nuno Felino
Message was edited by: Nuno FelinoHi,
I'll explain what I'm doing:
- we have a set of services made in a C and VB that are available using an API in C#, these services must be available to SAP. So I have a program that will see what parameters the API service requires and makes a proxy so that SAP can call these services.
To do this I must map SAP types with C#, build the function signature and then implement it. So I cannot use the wizard to do this
Now, back to the question, what kind of customer attributes I got wrong to get that exception? The most logic is the AbapName of the function but they are equal (the one called in SAP and the one in the customer attributes of the function)...
Thanks for the answer, can you give me any more hint? -
Hi,
I am testing a single sign-on with spnego configuration. When I run diagtool spnego.conf, I always get this error.
Error connecting to the LDAP server
[EXCEPTION]
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C090334, comment: AcceptSecurityContext error, data 52e, vece�]
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2988)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2735)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2649)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:290)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:662)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:243)
at javax.naming.InitialContext.init(InitialContext.java:219)
at javax.naming.InitialContext.<init>(InitialContext.java:195)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:80)
at com.sap.engine.config.diagtool.lib.ldap.LDAPServer.connect(LDAPServer.java:99)
at com.sap.engine.config.diagtool.tests.authentication.krb.MSActiveDirectoryKrbTest.checkServiceUser(MSActiveDirectoryKrbTest.java:153)
at com.sap.engine.config.diagtool.tests.authentication.krb.MSActiveDirectoryKrbTest.execute(MSActiveDirectoryKrbTest.java:127)
at com.sap.engine.config.diagtool.Task.execute(Task.java:55)
at com.sap.engine.config.diagtool.Launcher.run(Launcher.java:343)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:324)
at com.sap.engine.config.diagtool.Launcher.main(Launcher.java:394)
Please help me to figure out what's wrong, and I would greatly appreciate that.
Regards,
-NapadolHello,
You have implemented a trusted domain tree configured with a cross-referrals in order to forward the DNs to another LDAP within the domain. Most probably you login onto an LDAP server that forwards the search request (aka the logon request). As the LDAP connection is not configured against referrals, the authentication to LDAP fails.
for more details, see http://support.microsoft.com/kb/241737
This is a known issue on the DiagTool that the SAP NW Security Developers currently investigate.
Please use the WebDiagtool for root cause analysis. It provides the same functionality. If you'd like to collect the user data from the LDAP server (as the DiagTool does it automatically), please use ldifde command directly on the MS host.
Cheers,
Tsvetomir -
Error : LDAP Error code 32 - in shared services export operation
Hi everyone !
I m using MS Active Directory in my Shared services for external authentication.
while exporting provisioning for all users against project:applications , it is not working
Trace error is :
2010-05-26 16:43:58,988 Export : Root cause : [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
'OU=NJ - Users,OU=CLI - NJ,DC=cli,DC=ad'
suggestions are highly appreciated
Thank you
Edited by: user11966901 on May 27, 2010 2:43 AMBelow is the solution we got when we had kind of same issue:
Steps To Reproduce:
Install the OIM AD base connector version 9.1.0
Upgrade the Connector to OIM 9.1.0.1 version using Patch 7553764
Provision a user from OIM to AD.
Cause
The OIM 9.1.0.1 patch contains a fix that can handle special characters in the process form. But there is special character like hyphen (-) in Root Context value (for example: 'OU=X-Test OU,DC=mydomain,DC=com' ) inthe IT Resource it causes provisioning to fail.
Solution
In this case the user is being provisioned to a Organization called 'X-Test OU' under the mydomain.com domain in the AD. There is Lookup called 'Lookup.ADReconciliation.Organization' which is populated using the Schedule task called "AD Organization Lookup Recon". This lookup is also used in the AD User
Process Form for populating the Organization Field.
-- To implement the solution, please execute the following steps::
Edit the Root Context value in the IT Resource to point above the OU=X-Test OU organization. So it looks like dc=mydomain,dc=com.
Run the Schedule task called "AD Organization Lookup Recon" by providing dc=mydomain,dc=com value to Search Base parameter in the schedule task. This recon would populate the 'Lookup.ADReconciliation.Organization'.
Now provision a user to AD resource and in the process form selected the OU=X-Test OU as the Organization.
This way the user gets successfully provisioned and gets created under the 'OU=X-Test OU,DC=mydomain,DC=com'
Cheers....!!! -
i am trying to connect to the LDAP using the JNDI
and i am getting the following error i was unable to solve it
here i am posting my sample slapd.cof file as well as my source program and the error
import java.util.Properties;
import javax.naming.Context;
import javax.naming.NameAlreadyBoundException;
import javax.naming.directory.DirContext;
import javax.naming.directory.InitialDirContext;
public class MakeRoot {
final static String ldapServerName = "localhost";
final static String rootdn = "cn=Manager, o=jndiTest";
final static String rootpass = "secret";
final static String subContext = "o=jndiTest";
public static void main( String[] args ) {
// set up environment to access the server
Properties env = new Properties();
env.put( Context.INITIAL_CONTEXT_FACTORY,
"com.sun.jndi.ldap.LdapCtxFactory" );
env.put( Context.PROVIDER_URL, "ldap://" + ldapServerName + "/" );
env.put( Context.SECURITY_PRINCIPAL, rootdn );
env.put( Context.SECURITY_CREDENTIALS, rootpass );
try {
// obtain initial directory context using the environment
DirContext ctx = new InitialDirContext( env );
// now, create the root context, which is just a subcontext
// of this initial directory context.
ctx.createSubcontext( subContext );
} catch ( NameAlreadyBoundException nabe ) {
System.err.println( subContext + " has already been bound!" );
} catch ( Exception e ) {
System.err.println( e );
slapd.cof
# See slapd.conf(5) for details on configuration options.
# This file should NOT be world readable.
ucdata-path ./ucdata
include ./schema/core.schema
include ./schema/cosine.schema
include ./schema/inetorgperson.schema
include ./schema/java.schema
# Define global ACLs to disable default read access.
# Do not enable referrals until AFTER you have a working directory
# service AND an understanding of referrals.
#referral ldap:/root.openldap.org
pidfile ./run/slapd.pid
argsfile ./run/slapd.args
# Load dynamic backend modules:
# modulepath ./libexec/openldap
# moduleload back_bdb.la
# moduleload back_ldap.la
# moduleload back_ldbm.la
# moduleload back_passwd.la
# moduleload back_shell.la
# Sample security restrictions
# Require integrity protection (prevent hijacking)
# Require 112-bit (3DES or better) encryption for updates
# Require 63-bit encryption for simple bind
# security ssf=1 update_ssf=112 simple_bind=64
# Sample access control policy:
# Root DSE: allow anyone to read it
# Subschema (sub)entry DSE: allow anyone to read it
# Other DSEs:
# Allow self write access
# Allow authenticated users read access
# Allow anonymous users to authenticate
# Directives needed to implement policy:
# access to dn.base="" by * read
# access to dn.base="cn=Subschema" by * read
# access to *
# by self write
# by users read
# by anonymous auth
# if no access controls are present, the default policy
# allows anyone and everyone to read anything but restricts
# updates to rootdn. (e.g., "access to * by * read")
# rootdn can always read and write EVERYTHING!
# BDB database definitions
#database bdb
#suffix "o=jndiTest"
#rootdn "cn=Manager,o=jndiTest"
# Cleartext passwords, especially for the rootdn, should
# be avoid. See slappasswd(8) and slapd.conf(5) for details.
# Use of strong authentication encouraged.
#rootpw secret
# The database directory MUST exist prior to running slapd AND
# should only be accessible by the slapd and slap tools.
# Mode 700 recommended.
#directory ./data
# Indices to maintain
#index objectClass eq
database bdb
#suffix "dc=stooges,dc=org"
suffix "o=jndiTest"
rootdn "cn=Manager,o=jndiTest"
rootpw secret
directory ./data
defaultaccess read
schemacheck off
lastmod on
error:
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - object class 'javaContainer' requires attribute 'cn']; remaining name 'o=jndiTest'I have updated the ldap java.schema with below entries, it is working fine
objectclass ( 1.3.6.1.4.1.42.2.27.4.2.1
NAME 'javaContainer'
DESC 'Container for a Java object'
SUP top
STRUCTURAL
MAY ( o $ cn)) -
LDAP: error code 1 - Invalid query reference]; remaining name '
I have the following function for a paged search operation.
Data retrieved by this function is used somewhere else to modify the Ldap Directory context.
Despite my setting for ctx and search control as "no timeout", i've been keeping thrown the exception for operations lasting more than 5 minutes(consistently) and for some short operations(sporadically):
Paged Search failed : javax.naming.NamingException: [LDAP: error code 1 - Invalid query reference]; remaining name '<directory>'
I am using DirX as LDAP directory.
Is this a time-out related exception which can be fixed in the code?
How can it be fixed?
There's no clue all over the web about this.
Thanks.
* Returns the next page of the search results.
* The returned result from this method can not exceed page size
* set in the constructor.
* @return
public NamingEnumeration nextPage(){
//1.step Set PagedResultsControl
NamingEnumeration results = null;
Control[] controls=null;
try {
if( isSearchStarted==false ){
isSearchStarted=true;
if(sortingAttributes==null)
controls=new Control[]{ new PagedResultsControl(pageSize) };
else
controls=new Control[]{new SortControl(sortingAttributes, Control.NONCRITICAL), new PagedResultsControl(pageSize) };
}else {// examine the response controls
cookie = parseControls(ctx.getResponseControls());
if( cookie!=null && cookie.length!=0 ){
// pass the cookie back to the server for the next page
if(sortingAttributes==null)
controls=new Control[] { new PagedResultsControl(pageSize, cookie, Control.CRITICAL) };
else
controls=new Control[] {new SortControl(sortingAttributes, Control.NONCRITICAL), new PagedResultsControl(pageSize, cookie, Control.CRITICAL) };
}else{
//search is finished
return null;
ctx.setRequestControls(controls);
//ctx.getEnvironment().values();
//ctx.getEnvironment().put("com.sun.jndi.ldap.connect.timeout", "5000", 300000);
ctx.addToEnvironment("com.sun.jndi.ldap.connect.timeout", "0");
//ctx.getEnvironment().values();
} catch (NamingException e) {
Tracer.getInstance().error("Paged Search failed while setting response controls: " + e);
return null;
} catch (Exception e) {
Tracer.getInstance().error("Paged Search failed while setting response controls: " + e);
return null;
//2.step: DO SEARCH
for(int i=0;i<10;i++){
boolean reconnect=false;
try{
results = ctx.search(searchBase, searchFilter, searchCtls);
Thread.sleep(300000);
//ctx.get
//Thread.sleep(300000);
break;
} catch (NamingException e) {
Tracer.getInstance().error("Paged Search failed : " + e);
reconnect=true;
} catch (Exception e) {
reconnect=true;
Tracer.getInstance().error("Paged Search failed : " + e);
if(reconnect){
try {
this.ctx = LDAPServer.getInstance().getDirContext();
ctx=ctx.newInstance(controls);
//ctx.getEnvironment().values();
} catch (NamingException e1) {
Tracer.getInstance().error("Could not reconnect the ldapcontext");
return results;
}It turned out to be a DirX "root DSE" entry "PAGP" that is disposing my paged results if a timeout occurs(300 seconds by default).
So i have to modify this entry during runtime, which is unfortunately only can be accesed by dirxadm.exe.
Is it possible to modify this attribute by a ldap context method? -
Synchronization errors with AD: LDAP error code 65 : orclObjectSid
I'm trying to get synchronization working - importing data from Microsoft AD.
The bootstrap seemed to go ok, and the synchronization is up and running - but I still get errors in the profile's trace file as follows at the end of this post.
The error always seem to complain about the orclObjectSid attribute
Do I need to do anything to the OID schema?
Or is this a mapping problem?
Either way, how would I correct this error?
Thanks!!
Howard Dickins
Here's an example of the errors I'm getting:
DN : dc=connectutilities,dc=co,dc=uk
Normalized DN : dc=connectutilities,dc=co,dc=uk
Processing modifyRadd Operation ..
Proceeding with checkNReplace..
Performing checkNReplace..
Naming attribute: dc
Naming attribute value: dc
Naming attribute value: orclObjectSID
Adding Attribute in OID : orclObjectSID
Naming attribute value: orclobjectguid
Adding Attribute in OID : orclobjectguid
Total # of Mod Items : 2
Exception Modifying Entry : javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find orclobjectsid in mandatory or optional attribute list.]; remaining name 'dc=connectutilities,dc=co,dc=uk'
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find orclobjectsid in mandatory or optional attribute list.]; remaining name 'dc=connectutilities,dc=co,dc=uk'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3019)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1440)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:255)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:172)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:161)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:146)
at oracle.ldap.odip.gsi.LDAPWriter.checkNReplace(LDAPWriter.java:839)
at oracle.ldap.odip.gsi.LDAPWriter.modifyRadd(LDAPWriter.java:717)
at oracle.ldap.odip.gsi.LDAPWriter.writeChanges(LDAPWriter.java:310)
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:581)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
[LDAP: error code 65 - Failed to find orclobjectsid in mandatory or optional attribute list.]
Entry Not Found. Converting to an ADD op..
Processing Insert Operation ..
Performing createEntry..
Exception creating Entry : javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find orclobjectsid in mandatory or optional attribute list.]; remaining name 'dc=connectutilities,dc=co,dc=uk'
[LDAP: error code 65 - Failed to find orclobjectsid in mandatory or optional attribute list.]
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find orclobjectsid in mandatory or optional attribute list.]; remaining name 'dc=connectutilities,dc=co,dc=uk'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3019)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:777)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:319)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:248)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:236)
at javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:176)
at oracle.ldap.odip.gsi.LDAPWriter.createEntry(LDAPWriter.java:1031)
at oracle.ldap.odip.gsi.LDAPWriter.insert(LDAPWriter.java:386)
at oracle.ldap.odip.gsi.LDAPWriter.modifyRadd(LDAPWriter.java:725)
at oracle.ldap.odip.gsi.LDAPWriter.writeChanges(LDAPWriter.java:310)
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:581)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
DIP_LDAPWRITER_ERROR_CREATE
Error in executing mapping DIP_LDAPWRITER_ERROR_CREATE
DIP_LDAPWRITER_ERROR_CREATE
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:722)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
DIP_LDAPWRITER_ERROR_CREATE
AD_OID_Import:Error in Mapping EngineDIP_LDAPWRITER_ERROR_CREATE
DIP_LDAPWRITER_ERROR_CREATE
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:741)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
AD_OID_Import:about to Update exec status
Updated Attributes
orclodipLastExecutionTime: 20090617062658
orclodipConDirLastAppliedChgNum: 12242192
orclOdipSynchronizationStatus: Mapping Failure, Agent Execution Not Attempted
orclOdipSynchronizationErrors:
Sleeping for 1secs
LDAP URL : (inexus-srv01:389 oracleextract
Specifying binary attributes: mpegvideo objectguid objectsid guid usercertificate orclodipcondirlastappliedchgnum
LDAP Connection success
Applied ChangeNum : 12242192Available chg num = 12245972
Reader Initialised !!
LDAP URL : (inexus-srv34:389 cn=odisrv+orclhostname=inexus-srv34,cn=registered instances,cn=directory integration platform,cn=products,cn=oraclecontext
Specifying binary attributes: mpegvideo objectguid objectsid guid usercertificate orclodipcondirlastappliedchgnum
LDAP Connection success
Writer Initialised!!
Writer proxy connection initialised!!
MapEngine Initialised!!
Filter Initialised!!
searchF :
CHGLOGFILTER : (&(USNChanged>=12242193)(USNChanged<=12242692))
Search Time 0
Search Successful till # 12242692
Search Changes Done
Changenumber uSNChanged: 12242193
targetdn distinguishedName: DC=connectutilities,DC=co,DC=uk
ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: dc=connectutilities,dc=co,dc=uk
Attributes:
Class: null Name: objectGUID Type: null ChgType: REPLACE Value: [[B@1c999c4]
Class: null Name: objectSid Type: null ChgType: REPLACE Value: [[B@8e5360]
Class: null Name: dc Type: null ChgType: REPLACE Value: [connectutilities]
Class: null Name: objectClass Type: nonbinary ChgType: REPLACE Value: [top, domain, domainDNS]
-----------I found a solution - I added the offending attribute orclObjectSid to the domain objectClass as an optional attribute.
It was a bit of a "clutching at straws" solution - but it does seem to have worked.
I'm not sure why the data being imported had such a value, but the synchronization hasn't thrown up any further errors since then.
Thanks for your help everyone.
Howard -
Install OCS 10.1.2 Infra DB failed with LDAP: error code 16 on Workspaces
during install OCS Infrastructure DB OCS have error:
... processed key-value: logfile=/oracle/product/dbocs/workspaces/logs/cw_config_backend.log
... processed key-value: action=setup_backend
... processed key-value: oh=/oracle/product/dbocs
... processed key-value: oid=oid.domain
... processed key-value: oid_port=389
... processed key-value: oid_user_dn=cn=orcladmin
... processed key-value: oid_passwd=xxxxxx
... processed key-value: db_sn=ocs.domain
... processed key-value: dba_user=sys
... processed key-value: dba_passwd=xxxxxx
... processed key-value: cw_db_passwd=xxxxxx
Attempting to set logfile to: /oracle/product/dbocs/workspaces/logs/cw_config_backend.log
Processed oh=/oracle/product/dbocs
BACKEND installation ...
... Trying to lookup database dn
... Obtain OID connection
...... Can not obtain OID ssl port.
...... OID port = "389"
...... Trying to establish a non-ssl connection. OID host "oid.domain", OID port "389", OID user dn "cn=orcladmin".
... OID connection created.
...... You must specify either db_dn or db_sn.
...... ldap search filter "(&(objectclass=orcldbserver)(orcldbglobalname=ocs.domain))"
...... Succesfully located database dn "cn=ocs,cn=OracleContext".
...... Database dn = "cn=ocs,cn=OracleContext"
... Validating existence and version of CW schema: "CWSYS" in database: "cn=ocs,cn=OracleContext".
... Obtain JDBC connect string
... JDBC connect string = "(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ocsoas.domain)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ocs.domain)))"
...derived: "jdbc_str=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ocsoas.domain)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ocs.domain)))".
Opening JDBC connection: "jdbc:oracle:thin:sys/xxxxxx@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ocsoas.domain)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ocs.domain)))"
Opening JDBC connection: "jdbc:oracle:thin:sys/xxxxxx@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ocsoas.domain)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ocs.domain)))"
Unlocking schema and setting passwd: "CWSYS/xxxxxx".
Opening JDBC connection: "jdbc:oracle:thin:sys/xxxxxx@(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=ocsoas.domain)(PORT=1521))(CONNECT_DATA=(SERVICE_NAME=ocs.domain)))"
... Checking Workspaces container.
... Container "cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext" already exist.
... Finish checking Workspaces container.
... Trying to create backend application entity in OID
...... Database dn = "cn=ocs,cn=OracleContext"
...... Backend entity name = "ocs"
...... Backend entity dn = "orclApplicationCommonName=ocs,cn=Database Instances,cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext"
... Backend entries already exist. Cleanup old entries.
deregisterProvisioningListener ...
app dn = orclApplicationCommonName=ocs,cn=Database Instances,cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext
subscriber = dc=domain,dc=com
... Trying to remove entity "orclApplicationCommonName=ocs,cn=Database Instances,cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext".
... Deleting "orclApplicationCommonName=ocs,cn=Database Instances,cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext"
Adding Workspaces application entity to: cn=Service Registry Viewers,cn=Groups,cn=OracleContext
Adding Workspaces application entity to: cn=Service Registry Admins,cn=Groups,cn=OracleContext
... Insufficient privilege to create application entity "orclApplicationCommonName=ocs,cn=Database Instances,cn=CollaborativeWorkspaces,cn=Products,cn=OracleContext". Please check the user DN and password.
javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - One or more values for attribute uniquemember does not exist]; remaining name 'cn=Service Registry Admins,cn=Groups,cn=OracleContext'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3009)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1373)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:235)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:147)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:136)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:136)
at oracle.workspaces.share.util.oid.OIDShareUtil.setEntryAttribute(OIDShareUtil.java:471)
at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroup(OIDShareUtil.java:420)
at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroupIgnoreDuplicateMember(OIDShareUtil.java:435)
at oracle.workspaces.install.CwConfigOID.createBackendEntity(CwConfigOID.java:1205)
at oracle.workspaces.install.CwConfigOID.registerBackend(CwConfigOID.java:449)
at oracle.workspaces.install.CwConfig.regBackend(CwConfig.java:320)
at oracle.workspaces.install.CwConfig.run(CwConfig.java:609)
at oracle.workspaces.install.CwConfig.main(CwConfig.java:790)
oracle.workspaces.install.CwCAException: Error while executing action: "setup_backend"
Caused by: javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - One or more values for attribute uniquemember does not exist]
at oracle.workspaces.install.CwConfig.run(CwConfig.java:639)
at oracle.workspaces.install.CwConfig.main(CwConfig.java:790)
Caused by: javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - One or more values for attribute uniquemember does not exist]; remaining name 'cn=Service Registry Admins,cn=Groups,cn=OracleContext'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3009)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1373)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:235)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:147)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:136)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:136)
at oracle.workspaces.share.util.oid.OIDShareUtil.setEntryAttribute(OIDShareUtil.java:471)
at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroup(OIDShareUtil.java:420)
at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroupIgnoreDuplicateMember(OIDShareUtil.java:435)
at oracle.workspaces.install.CwConfigOID.createBackendEntity(CwConfigOID.java:1205)
at oracle.workspaces.install.CwConfigOID.registerBackend(CwConfigOID.java:449)
at oracle.workspaces.install.CwConfig.regBackend(CwConfig.java:320)
at oracle.workspaces.install.CwConfig.run(CwConfig.java:609)
... 1 more
javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - One or more values for attribute uniquemember does not exist]; remaining name 'cn=Service Registry Admins,cn=Groups,cn=OracleContext'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3009)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1373)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:235)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:147)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:136)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:136)
at oracle.workspaces.share.util.oid.OIDShareUtil.setEntryAttribute(OIDShareUtil.java:471)
at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroup(OIDShareUtil.java:420)
at oracle.workspaces.share.util.oid.OIDShareUtil.addMemberToGroupIgnoreDuplicateMember(OIDShareUtil.java:435)
at oracle.workspaces.install.CwConfigOID.createBackendEntity(CwConfigOID.java:1205)
at oracle.workspaces.install.CwConfigOID.registerBackend(CwConfigOID.java:449)
at oracle.workspaces.install.CwConfig.regBackend(CwConfig.java:320)
at oracle.workspaces.install.CwConfig.run(CwConfig.java:609)
at oracle.workspaces.install.CwConfig.main(CwConfig.java:790)
What should i do?
help.
Thanksclosed
Re: Install OCS 10.1.2 Infra DB failed with LDAP: error code 16 on Workspac -
OID - LDAP:error code 19 -Admin domain
Exception creating Entry : javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - Admin domain does not contain schema information for objectclass person.]; remaining name 'cn=oriondes,ou=servidoresmiembro,ou=internos,cn=users,dc=superfinanciera,dc=gov,dc=co'
[LDAP: error code 19 - Admin domain does not contain schema information for objectclass person.]
javax.naming.directory.InvalidAttributeValueException: [LDAP: error code 19 - Admin domain does not contain schema information for objectclass person.]; remaining name 'cn=oriondes,ou=servidoresmiembro,ou=internos,cn=users,dc=superfinanciera,dc=gov,dc=co'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3001)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:777)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:319)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:248)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:236)
at javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:176)
at oracle.ldap.odip.gsi.LDAPWriter.createEntry(LDAPWriter.java:1056)
at oracle.ldap.odip.gsi.LDAPWriter.insert(LDAPWriter.java:409)
at oracle.ldap.odip.gsi.LDAPWriter.modifyRadd(LDAPWriter.java:748)
at oracle.ldap.odip.gsi.LDAPWriter.writeChanges(LDAPWriter.java:335)
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:581)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
DIP_LDAPWRITER_ERROR_CREATE
DIP_LDAPWRITER_ERROR_CREATE
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:722)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
DIP_LDAPWRITER_ERROR_CREATE
ActiveChgImp:Error in Mapping EngineDIP_LDAPWRITER_ERROR_CREATE
DIP_LDAPWRITER_ERROR_CREATE
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:741)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
ActiveChgImp:about to Update exec status
Updated Attributes
orclodipLastExecutionTime: 20100906150632
orclodipConDirLastAppliedChgNum: 34086144
orclOdipSynchronizationStatus: Mapping Failure, Agent Execution Not AttemptedHi,
Please let me know if this has been resolved. Also, please post the solution if you find any.
-Mahendra. -
LDAP Error code 65 - givenName
I have tried dozens of things and reviewed many metalink documents, but none of them seem to zero in on my exact issue. Can someone please tell me why it is unable to map the givenName attribute. I have verified that inetOrgPerson is the correct objectclass to map this attribute, so I really don't understand.
My mapping is as follows:
givenName: : :person:givenName: :inetorgperson
Here is the details from my import.trc file.
Command exec succesful
LDAP URL : (server.mycompanyenergy.com:port : 389cn=AdminOID,cn=users,dc=mycompanyenergy,dc=com
LDAP Connection success
LDAP URL : (server.mycompanyenergy.com:389 cn=AdminOID,cn=users,dc=mycompanyenergy,dc=com
Specifying binary attributes: mpegvideo objectguid objectsid guid usercertificate orclodipcondirlastappliedchgnum
LDAP Connection success
Last Cookie:TVNEUwMAAAAZWAkygJLLAQAAAAAAAAAAGAEAAMxcJgAAAAAAAAAAAAAAAADMXCYAAAAAAIYe+wZstEBBmZS0D5tgsHIBAAAAAAAAAAsAAAAAAAAAhh77Bmy0QEGZlLQPm2CwctRcJgAAAAAAyXc5FZpI0EKT2vApaqLf0QbybAAAAAAAxQ7dMLsVXEORsgFd1HJd4/OvhAAAAAAAEX6EMgTxVk+GUsZbGZvEYEyIgwAAAAAAUt0eQY/5c0+YwrHTuSWj6oi+iwMAAAAA8fdCZEQBBUS7GM7m8LxW3eFvqwEAAAAADFg9fo0Mhk6gjY+SsJSaYh4NLgAAAAAArLDumHJ2NEyD4z8FAKGRU4p0AAAAAAAAC+CWoJbJsk2lkF9r8XwUKGZ+bwAAAAAA5ABDre7ZDU+vzdZhaHJCR8EsAQAAAAAAVUA8umstpEaHIpGN0a8S124iCAAAAAAA
Last IgnoreCnt:0
Reader Initialised !!
LDAP URL : (drsnt17.mycompanyenergy.com:389 cn=odisrv+orclhostname=DRSNT17,cn=registered instances,cn=directory comegration platform,cn=products,cn=oraclecontext
Specifying binary attributes: mpegvideo objectguid objectsid guid usercertificate orclodipcondirlastappliedchgnum
LDAP Connection success
Writer Initialised!!
Writer proxy connection initialised!!
MapEngine Initialised!!
Filter Initialised!!
searchF : (|(objectclass=organizationalunit)(&(objectclass=user)(userprincipalname=*)(!(objectclass=computer)))(isDeleted=TRUE))
searchF : (|(objectclass=organizationalunit)(&(objectclass=user)(userprincipalname=*)(!(objectclass=computer)))(isDeleted=TRUE))
Search Time 63
Search Changes Done
Value of mIgnoreCnt: 0
ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: CN=AdminGEL,CN=Users,DC=mycompanyenergy,DC=com
Attributes:
Class: null Name: objectclass Type: null ChgType: REPLACE Value: [top, person, organizationalPerson, user]
Class: null Name: objectguid Type: null ChgType: REPLACE Value: [[B@39443f]
Source ChangeRecord Created
MAPPING : Source Change Record : ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: CN=AdminGEL,CN=Users,DC=mycompanyenergy,DC=com
Attributes:
Class: null Name: CN Type: null ChgType: Value: [AdminGEL]
Class: null Name: objectclass Type: null ChgType: REPLACE Value: [top, person, organizationalPerson, user]
Class: null Name: objectguid Type: null ChgType: REPLACE Value: [[B@39443f]
MAPPING: Attributes - Start
MAPPING: Processing Map Rule : 7
MAPPING: Processing Map Rule : 7
Value is empty after evaluation of mapping rule
MAPPING: Processing Map Rule : 8
MAPPING: Processing Map Rule : 8
MAPPING: Processing Map Rule : 7
MAPPING: DstChangeRecord after Attribute Mapping : ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: CN=AdminGEL,CN=Users,DC=mycompanyenergy,DC=com
Attributes:
Class: null Name: objectclass Type: null ChgType: REPLACE Value: [orcladuser, orcluserv2]
Class: null Name: orclSAMAccountName Type: null ChgType: NOCHANGE Value: [$ ]
Class: null Name: krbPrincipalName Type: null ChgType: NOCHANGE Value: [@ ]
Class: null Name: orclObjectGUID Type: null ChgType: REPLACE Value: [s+86AiXo4EW5VplAtIXjkQ==]
Not able to construct DN
MAPPING : Dst Change Record : ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: *
Attributes:
Class: null Name: objectclass Type: null ChgType: REPLACE Value: [orcladuser, orcluserv2]
Class: null Name: orclSAMAccountName Type: null ChgType: NOCHANGE Value: [$ ]
Class: null Name: krbPrincipalName Type: null ChgType: NOCHANGE Value: [@ ]
Class: null Name: orclObjectGUID Type: null ChgType: REPLACE Value: [s+86AiXo4EW5VplAtIXjkQ==]
Output ChangeRecord ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: *
Attributes:
Class: null Name: objectclass Type: null ChgType: REPLACE Value: [orcladuser, orcluserv2]
Class: null Name: orclSAMAccountName Type: null ChgType: NOCHANGE Value: [$ ]
Class: null Name: krbPrincipalName Type: null ChgType: NOCHANGE Value: [@ ]
Class: null Name: orclObjectGUID Type: null ChgType: REPLACE Value: [s+86AiXo4EW5VplAtIXjkQ==]
DN : *
Normalized DN : cn=admingel,ou=oidusers,cn=users,dc=mycompanyenergy,dc=com
Changetype is 5
Processing modifyRadd Operation ..
Proceeding with checkNReplace..
Performing checkNReplace..
Naming attribute: cn
Naming attribute value: orclObjectGUID
Naming attribute value: objectclass
Total # of Mod Items : 1
Exception Modifying Entry : javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find givenname in mandatory or optional attribute list.]; remaining name 'cn=admingel,ou=oidusers,cn=users,dc=mycompanyenergy,dc=com'
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find givenname in mandatory or optional attribute list.]; remaining name 'cn=admingel,ou=oidusers,cn=users,dc=mycompanyenergy,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3019)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1440)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:255)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:172)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:161)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:146)
at oracle.ldap.odip.gsi.LDAPWriter.checkNReplace(LDAPWriter.java:862)
at oracle.ldap.odip.gsi.LDAPWriter.modifyRadd(LDAPWriter.java:740)
at oracle.ldap.odip.gsi.LDAPWriter.writeChanges(LDAPWriter.java:335)
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:581)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
[LDAP: error code 65 - Failed to find givenname in mandatory or optional attribute list.]
Entry Not Found. Converting to an ADD op..
Processing Insert Operation ..
Performing createEntry..
Exception creating Entry : javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find cn in mandatory or optional attribute list.]; remaining name 'cn=admingel,ou=oidusers,cn=users,dc=mycompanyenergy,dc=com'
[LDAP: error code 65 - Failed to find cn in mandatory or optional attribute list.]
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find cn in mandatory or optional attribute list.]; remaining name 'cn=admingel,ou=oidusers,cn=users,dc=mycompanyenergy,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3019)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:777)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:319)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:248)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:236)
at javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:176)
at oracle.ldap.odip.gsi.LDAPWriter.createEntry(LDAPWriter.java:1054)
at oracle.ldap.odip.gsi.LDAPWriter.insert(LDAPWriter.java:409)
at oracle.ldap.odip.gsi.LDAPWriter.modifyRadd(LDAPWriter.java:748)
at oracle.ldap.odip.gsi.LDAPWriter.writeChanges(LDAPWriter.java:335)
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:581)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
DIP_LDAPWRITER_ERROR_CREATE
Error in executing mapping DIP_LDAPWRITER_ERROR_CREATE
DIP_LDAPWRITER_ERROR_CREATE
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:722)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
DIP_LDAPWRITER_ERROR_CREATE
Last chg key: TVNEUwMAAAAZWAkygJLLAQAAAAAAAAAAGAEAAMxcJgAAAAAAAAAAAAAAAADMXCYAAAAAAIYe+wZstEBBmZS0D5tgsHIBAAAAAAAAAAsAAAAAAAAAhh77Bmy0QEGZlLQPm2CwctRcJgAAAAAAyXc5FZpI0EKT2vApaqLf0QbybAAAAAAAxQ7dMLsVXEORsgFd1HJd4/OvhAAAAAAAEX6EMgTxVk+GUsZbGZvEYEyIgwAAAAAAUt0eQY/5c0+YwrHTuSWj6oi+iwMAAAAA8fdCZEQBBUS7GM7m8LxW3eFvqwEAAAAADFg9fo0Mhk6gjY+SsJSaYh4NLgAAAAAArLDumHJ2NEyD4z8FAKGRU4p0AAAAAAAAC+CWoJbJsk2lkF9r8XwUKGZ+bwAAAAAA5ABDre7ZDU+vzdZhaHJCR8EsAQAAAAAAVUA8umstpEaHIpGN0a8S124iCAAAAAAA
ActiveImport:Error in Mapping EngineDIP_LDAPWRITER_ERROR_CREATE
DIP_LDAPWRITER_ERROR_CREATE
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:741)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
ActiveImport:about to Update exec status
Updated Attributes
orclodipLastExecutionTime: 20101208201740
orclodipConDirLastAppliedChgNum: TVNEUwMAAAAZWAkygJLLAQAAAAAAAAAAGAEAAMxcJgAAAAAAAAAAAAAAAADMXCYAAAAAAIYe+wZstEBBmZS0D5tgsHIBAAAAAAAAAAsAAAAAAAAAhh77Bmy0QEGZlLQPm2CwctRcJgAAAAAAyXc5FZpI0EKT2vApaqLf0QbybAAAAAAAxQ7dMLsVXEORsgFd1HJd4/OvhAAAAAAAEX6EMgTxVk+GUsZbGZvEYEyIgwAAAAAAUt0eQY/5c0+YwrHTuSWj6oi+iwMAAAAA8fdCZEQBBUS7GM7m8LxW3eFvqwEAAAAADFg9fo0Mhk6gjY+SsJSaYh4NLgAAAAAArLDumHJ2NEyD4z8FAKGRU4p0AAAAAAAAC+CWoJbJsk2lkF9r8XwUKGZ+bwAAAAAA5ABDre7ZDU+vzdZhaHJCR8EsAQAAAAAAVUA8umstpEaHIpGN0a8S124iCAAAAAAA
orclOdipSynchronizationStatus: Mapping Failure, Agent Execution Not Attempted
orclOdipSynchronizationErrors:
Sleeping for 1secsIs there anyone who can help? I am getting the error on krbprincipalname now. Here is the mapping of the change record, I can't determine where the problem is.
ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: CN=AdminGEL,CN=Users,DC=mycompany,DC=com
Attributes:
Class: null Name: objectclass Type: null ChgType: REPLACE Value: [top, person, organizationalPerson, user]
Class: null Name: objectguid Type: null ChgType: REPLACE Value: [[B@edc3a2]
Source ChangeRecord Created
MAPPING : Source Change Record : ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: CN=AdminGEL,CN=Users,DC=mycompany,DC=com
Attributes:
Class: null Name: CN Type: null ChgType: Value: [AdminGEL]
Class: null Name: objectclass Type: null ChgType: REPLACE Value: [top, person, organizationalPerson, user]
Class: null Name: objectguid Type: null ChgType: REPLACE Value: [[B@edc3a2]
MAPPING: Attributes - Start
MAPPING: Processing Map Rule : 7
MAPPING: Processing Map Rule : 7
Value is empty after evaluation of mapping rule
MAPPING: Processing Map Rule : 8
MAPPING: Processing Map Rule : 7
MAPPING: DstChangeRecord after Attribute Mapping : ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: CN=AdminGEL,CN=Users,DC=mycompany,DC=com
Attributes:
Class: null Name: objectclass Type: null ChgType: REPLACE Value: [orcladuser]
Class: null Name: orclSAMAccountName Type: null ChgType: NOCHANGE Value: [$ ]
Class: null Name: orclObjectGUID Type: null ChgType: REPLACE Value: [s+86AiXo4EW5VplAtIXjkQ==]
Not able to construct DN
MAPPING : Dst Change Record : ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: *
Attributes:
Class: null Name: objectclass Type: null ChgType: REPLACE Value: [orcladuser]
Class: null Name: orclSAMAccountName Type: null ChgType: NOCHANGE Value: [$ ]
Class: null Name: orclObjectGUID Type: null ChgType: REPLACE Value: [s+86AiXo4EW5VplAtIXjkQ==]
Output ChangeRecord ChangeRecord : ----------
Changetype: ADDRMODIFY
ChangeKey: *
Attributes:
Class: null Name: objectclass Type: null ChgType: REPLACE Value: [orcladuser]
Class: null Name: orclSAMAccountName Type: null ChgType: NOCHANGE Value: [$ ]
Class: null Name: orclObjectGUID Type: null ChgType: REPLACE Value: [s+86AiXo4EW5VplAtIXjkQ==]
DN : *
Normalized DN : cn=admingel,ou=oidusers,cn=users,dc=mycompany,dc=com
Changetype is 5
Processing modifyRadd Operation ..
Proceeding with checkNReplace..
Performing checkNReplace..
Naming attribute: cn
Naming attribute value: orclObjectGUID
Naming attribute value: objectclass
Total # of Mod Items : 1
Exception Modifying Entry : javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find krbprincipalname in mandatory or optional attribute list.]; remaining name 'cn=admingel,ou=oidusers,cn=users,dc=mycompany,dc=com'
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Failed to find krbprincipalname in mandatory or optional attribute list.]; remaining name 'cn=admingel,ou=oidusers,cn=users,dc=mycompany,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3019)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1440)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:255)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:172)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:161)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:146)
at oracle.ldap.odip.gsi.LDAPWriter.checkNReplace(LDAPWriter.java:862)
at oracle.ldap.odip.gsi.LDAPWriter.modifyRadd(LDAPWriter.java:740)
at oracle.ldap.odip.gsi.LDAPWriter.writeChanges(LDAPWriter.java:335)
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:581)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:306)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:186)
[LDAP: error code 65 - Failed to find krbprincipalname in mandatory or optional attribute list.]
Based on the objects attributes list, the krbprincipalname is part of the orcluserv2 object class, so the mapping should be fine.
objectclasses: ( 2.16.840.1.113894.1.2.52 NAME 'orclUserV2' SUP 'top' AUXILIAR
Y MAY ( orclHireDate $ orclDateOfBirth $ orclMaidenName $ orclIsVisible $ or
clDisplayPersonalInfo $ middleName $ orclDefaultProfileGroup $ c $ orclTimeZ
one $ orclIsEnabled $ orclPasswordHintAnswer $ orclPasswordHint $ orclWorkfl
owNotificationPref $ orclTimeZone $ c $ orclActiveStartDate $ orclActiveEndD
ate $ orclGender $ userPKCS12 $ orclPKCS12Hint $ orclPassword $ authPassword
$ orclPasswordVerifier $ orclSecondaryUID $ krbPrincipalName $ orclWireless
AccountNumber $ orclUIAccessibilityMode $ assistant $ orclSAMAccountName $ o
rclUserProvMode ) ) -
Hitting error LDAP: error code 20 - mail attribute has duplicate value.
Hi ,
Anyone faced this issue before LDAP: error code 20 - mail attribute has duplicate value. We are getting this error intermittently in oid logs and
and due to that provisioning stuck . I know that the issue due to the object class mismatch in attributes. But map profile looks fine . Anything else need to check ?
SSO verion 10.4.1.3 and DB version 10g .
javax.naming.directory.AttributeInUseException: [LDAP: error code 20 - mail attribute has duplicate value.]; remaining name 'uid=abc,cn=users,dc=xyz ,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:2972)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2934)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2740)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1440)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:255)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:172)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:161)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:146)
at oracle.ldap.odip.gsi.LDAPWriter.modify(LDAPWriter.java:479)
at oracle.ldap.odip.gsi.LDAPWriter.writeChanges(LDAPWriter.java:318)
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:656)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:377)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:238)
DIP_LDAPWRITER_ERROR_MODIFY
Error in executing mapping DIP_LDAPWRITER_ERROR_MODIFY
DIP_LDAPWRITER_ERROR_MODIFY
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:830)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:377)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:238)
DIP_LDAPWRITER_ERROR_MODIFY
Setting Change Success Count : 27682
Setting Change Failure Count : 11004
CDSImportProfile:Error in Mapping EngineDIP_LDAPWRITER_ERROR_MODIFY
DIP_LDAPWRITER_ERROR_MODIFY
at oracle.ldap.odip.engine.AgentThread.mapExecute(AgentThread.java:851)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:377)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:238)
CDSImportProfile:about to Update exec statusdid you search the LDAP server to see whether the email value you try to use already exist ? typically LDAP server do not care whether email is duplicated or not, but by default OIM server do not allow duplicated email
-
Hi,
I am getting the following error when I try to do a search on an ldap (AD LDS) database:
javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031522C9, problem 2001 (NO_OBJECT), data 0, best match of:
'DC=AppPartFE,DC=com'
]; remaining name 'cn=Users,dc=AppPartFE,dc=com'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.searchAux(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.c_search(Unknown Source)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(Unknown Source)
at javax.naming.directory.InitialDirContext.search(Unknown Source)
at Test.<init>(Test.java:70)
at Test.main(Test.java:118)
I can bind successfully using either the userPrincipalName (UPN) or the Distinguished Name (DN), however my search is failing.
It is almost as if I am connected to the db tree at the wrong place. Do I need a different search scope?
I appreciate any assistance you can provide.
Here is my code:
import java.util.*;
import static java.lang.System.err;
import javax.naming.Context;
import javax.naming.NamingEnumeration;
import javax.naming.NamingException;
import javax.naming.directory.DirContext;
import javax.naming.directory.SearchControls;
import javax.naming.directory.SearchResult;
import javax.naming.ldap.InitialLdapContext;
import javax.naming.ldap.LdapContext;
public class Test
public Test()
Properties prop = new Properties();
prop.put("java.naming.factory.initial", "com.sun.jndi.ldap.LdapCtxFactory");
prop.put("java.naming.provider.url", "ldap://MyHost.Mydomain.labs.CompanyX.com:50004");
String strProviderUrl = "ldap://MyHost.Mydomain.labs.CompanyX.com:50004";
// Can successfully bind with the userPrincipalName in AD LDS
//prop.put("java.naming.security.principal", "[email protected]");
// Can successfully bind with Distinguished Name
// Note: the string is case insensitive and embedded blank after a comma is not a problem
prop.put("java.naming.security.principal", "cn=tst0001,cn=Users,dc=AppPartFE,dc=com");
prop.put("java.naming.security.credentials", "password");
try {
LdapContext ctx = new InitialLdapContext(prop, null);
System.out.println("Bind successful");
//I am successful to this point....
//now try doing a search on another user
String strFilter = "(&(objectClass=userProxy)(sAMAccountName=tst0001))";
SearchControls searchControls = new SearchControls();
searchControls.setSearchScope(SearchControls.SUBTREE_SCOPE); //works with object class=* to find top partition node
NamingEnumeration<SearchResult> results = ctx.search("cn=Users,dc=AppPartFE,dc=com", strFilter, searchControls);
SearchResult searchResult = null;
if(results.hasMoreElements()) {
searchResult = (SearchResult) results.nextElement();
//make sure there is not another item available, there should be only 1 match
if(results.hasMoreElements()) {
System.err.println("Matched multiple users for the accountName");
catch (NamingException ex) {
ex.printStackTrace();
public static void main(String[] args)
Test ldaptest = new Test();Because you are specifiying a base distinguished name in your ldap url, the ldap context will be rooted at that context and all subsequent objects will be relative to that base distinguished name.//connect to my domain controller
String ldapURL = "ldaps://rhein:636/dc=bodensee,dc=de";andString userName = "CN=verena bit,OU=Lehrer,OU=ASR,DC=bodensee,DC=de";results in an fully distinguished name of:CN=verena bit,OU=Lehrer,OU=ASR,DC=bodensee,DC=de,dc=bodensee,dc=deEither specify your ldap url asString ldapURL = "ldaps://rhein:636";and leave your username as is, or specify the user object relative to the base distinguished name in the ldapurlString userName = "CN=verena bit,OU=Lehrer,OU=ASR";
Maybe you are looking for
-
How can I get a newsletter created in PDF format to appear in the body of an email I send, rather than attach it.
-
Dynamic adding of components (doesn't work when programmatically)
Hi, I don't understand, why this doesn't work. I'll explain it on this example: import java.util.concurrent.ScheduledThreadPoolExecutor; import java.util.concurrent.TimeUnit; import javafx.application.Application; import javafx.event.ActionEvent; imp
-
Operation number and work center
I'm looking for the link between inspection plan/recipe header and operation at table lavel. Reason: I have two inspection plan number with same group number but both has different counter and each has 4 operation and each operation has different wor
-
How to insert chinese charater in a table in oracle 10g
Hi, plez help me to insert chinese charater in the databsse..
-
Macbook Pro not turning on, Power button unresponsive
Now, Lets me explain the situation. Our High School issued Macbook Pros as part of some kind of project to boost learning standards, And they let us keep them over the holidays. My friend contacted me an hour ago telling me his was not turning on, We