OID 10g Import Sync From Novell eDirectory Fails On Entries Changed To Have "Secure Login" Type Objectclasses And Attributes Added In Edir. Sync Profile Trace File Error: Error LDAP_CREATECHG_EXCEPTION / Source ChangeRecord NULL
(Doc ID 1475542.1)
Last updated on FEBRUARY 26, 2019
Applies to:
Oracle Internet Directory - Version 10.1.4.0.1 to 10.1.4.3 [Release 10gR3]Information in this document applies to any platform.
Symptoms
Oracle Internet Directory (OID) 10g 10.1.4, integrated with Novell eDirectory via Directory Integration Platform (DIP) import synchronization.
After the eDirectory Administrator changed a user entry to what achieve what may be called a 'secure login', which created many new attributes and objectclasses, this eDir entry will no longer sync to OID, and further, while processing the change, the entry is completed removed / deleted from OID altogether.
All other entries that do not have this special set of attributes/objectclasses continue to work fine. Only the entries that are changed to have the many attributes/objectclasses for 'secure login' are affected.
Nothing meaninful is shown in the <eDirprofilename>.trc file; only the following is seen:
...<snip>...
Naming attribute value: objectclass
Total # of Mod Items : 2
Modified Entry Successfully : cn=regularUser1,ou=min,cn=users,dc=mycompany,dc=com
Only modifytimestamp of entry cn=regularUser1,ou=min,cn=users,dc=mycompany,dc=com is synchronized.
[mAvailableChangeNum] last change key = 20110909153419Z
Current modifytimestamp 20110909151834Z
extractDNcn=SecureLoginUser,ou=min,o=myou
Error LDAP_CREATECHG_EXCEPTION
Source ChangeRecord NULL
Current modifytimestamp 20110909152054Z
extractDNcn=regularUser2,ou=min,o=myou
ChangeRecord : ----------
...<snip>...
Please note that the entry in question is eDir entry "cn=SecureLoginUser,ou=min,o=myou."
The previous OID entry "cn=regularUser1,ou=min,cn=users,dc=mycompany,dc=com" sync's successfully, and so does the entry afterwards which is edir entry "cn=regularUser2,ou=min,o=myou."
A command line ldapsearch directly to eDir for the problem user works and retrieves the entry without problems. Also verified the eDir modifytimestamp value is set to greater than the last applied change number LACN in the profile after making a change.
Changes
The eDir entry was modified to have many objectclasses and attributes added for "secure login."
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Symptoms |
Changes |
Cause |
Solution |
References |