LDAP Sync Incremental Reconciliation Fails With Cookie Expired Error After Changelog Purge In OUD

(Doc ID 1939224.1)

Last updated on APRIL 03, 2017

Applies to:

Identity Manager - Version and later
Oracle Unified Directory - Version and later
Information in this document applies to any platform.


Have OIM-OAM-OUD integratedand the LDAP User Create and Update Reconciliation and LDAP User Delete Reconciliation job scheduled to run every 5 minutes.

The job runs successfully for a while after it is scheduled. What we've noticed is after OUD purges the changelog on its side (the duration is set by the value replication-purge-delay), then the aforementioned OIM scheduled tasks fail. The error we see is:

java.lang.Exception: Full resync required. Reason: The provided cookie is older than the start of historical in the server for the replicated domain : cn=oraclecontext

As a workaround, we have to then manually copy the latest lastExternalChangelogCookie from OUD and replace it on the OIM side (on the LDAP Sync jobs). After that when we run the job, it starts to work again.      The workaround is not feasible in the long term.


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms