LDAP error 53: While LDAP Sync (Doc ID 1942865.1)

Last updated on OCTOBER 10, 2016

Applies to:

Identity Manager - Version 11.1.2.0.0 and later
Information in this document applies to any platform.

Symptoms

LDAP Sync is configured with OUD in an OIM 11g R2 PS2 environment. After the server starts, LDAP error 53 appears in the diagnostic log files, although users can still be created in OIM.

After updating the changelog number to the current value (obtained by querying OUD), the LDAP Sync jobs run, but subsequent runs fail with the error below. The changelog number does not get updated after the job completes.

Replication purge delay is set to 4 days and 4 hours.

Commands used:

# dsconfig -h localhost -p port -D "cn=directory manager" -w password -n get-replication-server-prop --provider-name "Multimaster Synchronization" --advanced --property replication-purge-delay

# ldapsearch -h localhost -p port -D "cn=oudadmin" -w password -b "cn=changelog" -s sub "changenumber=*"

Changelog number format used: dc=example,dc=com:<Last change number>

In general, the LDAP Sync jobs finish in about 5 minutes or so, and the job is set to run periodically every 10 minutes.

ERROR
-----------------------
[LDAP: error code 53

javax.naming.OperationNotSupportedException: [LDAP: error code 53 - Full resync required. Reason: The provided cookie is older than the start of historical in the server for the replicated domain : dc=example,dc=com]; remaining name 'cn=Changelog'
  at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3140)
  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013)
  at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820)
  at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1829)
  at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1752)





Cause
