LDAP Sync Incremental Reconciliation Fails With Cookie Expired Error After Changelog Purge In OUD
Last updated on APRIL 03, 2017
Applies to:Identity Manager - Version 18.104.22.168.1 and later
Oracle Unified Directory - Version 22.214.171.124.0 and later
Information in this document applies to any platform.
Have OIM-OAM-OUD integratedand the LDAP User Create and Update Reconciliation and LDAP User Delete Reconciliation job scheduled to run every 5 minutes.
The job runs successfully for a while after it is scheduled. What we've noticed is after OUD purges the changelog on its side (the duration is set by the value replication-purge-delay), then the aforementioned OIM scheduled tasks fail. The error we see is:
java.lang.Exception: Full resync required. Reason: The provided cookie is older than the start of historical in the server for the replicated domain : cn=oraclecontext
As a workaround, we have to then manually copy the latest lastExternalChangelogCookie from OUD and replace it on the OIM side (on the LDAP Sync jobs). After that when we run the job, it starts to work again. The workaround is not feasible in the long term.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms