OID 10g Import Sync From Novell eDirectory Fails On Entries Changed To Have "Secure Login" Type Objectclasses And Attributes Added In Edir. Sync Profile Trace File Error: Error LDAP_CREATECHG_EXCEPTION / Source ChangeRecord NULL
Last updated on MARCH 08, 2017
Applies to:Oracle Internet Directory - Version 10.1.4.0.1 to 10.1.4.3 [Release 10gR3]
Information in this document applies to any platform.
Oracle Internet Directory (OID) 10g 10.1.4, integrated with Novell eDirectory via Directory Integration Platform (DIP) import synchronization.
After the eDirectory Administrator changed a user entry to what achieve what may be called a 'secure login', which created many new attributes and objectclasses, this eDir entry will no longer sync to OID, and further, while processing the change, the entry is completed removed / deleted from OID altogether.
All other entries that do not have this special set of attributes/objectclasses continue to work fine. Only the entries that are changed to have the many attributes/objectclasses for 'secure login' are affected.
Nothing meaninful is shown in the <eDirprofilename>.trc file; only the following is seen:
Naming attribute value: objectclass
Total # of Mod Items : 2
Modified Entry Successfully : cn=regularUser1,ou=min,cn=users,dc=mycompany,dc=com
Only modifytimestamp of entry cn=regularUser1,ou=min,cn=users,dc=mycompany,dc=com is synchronized.
[mAvailableChangeNum] last change key = 20110909153419Z
Current modifytimestamp 20110909151834Z
Source ChangeRecord NULL
Current modifytimestamp 20110909152054Z
ChangeRecord : ----------
Please note that the entry in question is eDir entry "cn=SecureLoginUser,ou=min,o=myou."
The previous OID entry "cn=regularUser1,ou=min,cn=users,dc=mycompany,dc=com" sync's successfully, and so does the entry afterwards which is edir entry "cn=regularUser2,ou=min,o=myou."
A command line ldapsearch directly to eDir for the problem user works and retrieves the entry without problems. Also verified the eDir modifytimestamp value is set to greater than the last applied change number LACN in the profile after making a change.
The eDir entry was modified to have many objectclasses and attributes added for "secure login."
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms