My Oracle Support Banner

ISW Requires Proper Configuration of the Schema Being Used Within ODSEE and Active Directory Entries. (Doc ID 1427728.1)

Last updated on SEPTEMBER 20, 2019

Applies to:

Oracle Directory Server Enterprise Edition - Version 6.3 SP1 to 11.1.1.5.0 [Release 6.0 to 11gR1]
Information in this document applies to any platform.

Symptoms

If ISW is unable to link or synchronize SUN Directory accounts with Active Directory, it will be noticed when attempting to link users with the "idsync resync" command that no modifications are actually written to the DS user entry, even though the command line indicates it is updating entries and completes with a "Success".

When actually looking at the user entry in the DS, if things were successful with the initial idsync resync, the directory server user entry would be updated with the values in bold, below.  If it has failed these entries will be missing/not set within the user entries.

dn: uid=user,ou=people,dc=<SUFFIX>
...
objectclass: dspswuser
...
...
dspswuserlink: (a binary value that does not display properly that is the ObjectGUID value from the corresponding "linked" AD entry)
dspswvalidate: true



There will also be note err=65 messages (objectclass violation) in both the user DS access logs as well as the "connector" logs (CNN1##) at the time linking is taking place when things are NOT configured correctly.

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.