OID 10g Import Sync From Novell eDirectory Fails On Entries Changed To Have "Secure Login" Type Objectclasses And Attributes Added In Edir. Sync Profile Trace File Error: Error LDAP_CREATECHG_EXCEPTION / Source ChangeRecord NULL (Doc ID 1475542.1)

Last updated on FEBRUARY 26, 2019

Applies to:

Symptoms

Oracle Internet Directory (OID) 10g 10.1.4, integrated with Novell eDirectory via Directory Integration Platform (DIP) import synchronization.

After the eDirectory Administrator changed a user entry to what achieve what may be called a 'secure login', which created many new attributes and objectclasses, this eDir entry will no longer sync to OID, and further, while processing the change, the entry is completed removed / deleted from OID altogether.

All other entries that do not have this special set of attributes/objectclasses continue to work fine.  Only the entries that are changed to have the many attributes/objectclasses for 'secure login' are affected.

Nothing meaninful is shown in the <eDirprofilename>.trc file; only the following is seen:

Please note that the entry in question is eDir entry "cn=SecureLoginUser,ou=min,o=myou."

The previous OID entry "cn=regularUser1,ou=min,cn=users,dc=mycompany,dc=com" sync's successfully, and so does the entry afterwards which is edir entry "cn=regularUser2,ou=min,o=myou."

A command line ldapsearch directly to eDir for the problem user works and retrieves the entry without problems.  Also verified the eDir modifytimestamp value is set  to greater than the last applied change number LACN in the profile after making a change.

Changes

 The eDir entry was modified to have many objectclasses and attributes added for "secure login."

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.