Some Changes Ignored Synchronizing ODSEE with OID 11g - No Errors (Doc ID 2073289.1)

Last updated on FEBRUARY 11, 2019

Applies to:

Symptoms

Not all changes syncing when modifying user on source.


OID 11g
Syncing ODSEE to OID
Modify multiple attributes plus adding an objectclass results occur where not all modifications are syncing to OID.

Example testcase:

ODSEE to OID
orclodipattributemappingrules=DomainRules
ou=people,dc=<COMPANY NAME>,dc=net:cn=<ODSEE CONTAINER>,cn=users,dc=<COMPANY NAME>,dc=com:
DomainExclusionList

###
AttributeRules
description:::account:description::account:
c:: :country:c: :country:
dc:: :domain:dc: :domain:
member:: :groupofnames:member: :groupofnames:
cn:: :groupofnames:cn: :groupofnames:
uniquemember:: :groupofuniquenames:uniquemember: :groupofuniquenames:
cn:: :groupofuniquenames:cn: :groupofuniquenames:
cn:: :groupofuniquenames:displayname: :orclgroup:
owner:: :groupofuniquenames:owner: :groupofuniquenames:
uid:: :inetorgperson: orclisvisible: :orcluserv2:"true"
mail:: :inetorgperson: mail: :inetorgperson:
uid:: :inetorgperson: uid: :inetorgperson:
employeenumber:: :inetorgperson: employeenumber: :inetorgperson:
o:: :organization: o: :organization:
telephonenumber:: :organizationalperson: telephonenumber:
:organizationalperson:
l:: :organizationalperson: l: :organizationalperson:
ou:: :organizationalunit: ou: : organizationalunit:
sn:: :person:sn: :person:
@ userpassword:: :person: userpassword: :person:
cn:: :person:cn: :person:
targetdn:: :top:krbprincipalname: :orcluserv2:
targetdn:: :top:orclsourceobjectdn: :orclsunoneobject:
AttributeExclusionList

1- create user in ODSEE
 ldapsearch -h <ODSEE HOSTNAME> -p <PORT# -D "cn=directory manager" -w <PASSWORD> -b "uid=<UID>,ou=<ORG_UNIT>,ou=People,dc=<COMPANY NAME>,dc=net" -s sub "objectclass=*"
uid=<UID>,ou=<ORG_UNIT>,ou=People,dc=<COMPANY NAME>,dc=net
objectClass=person
objectClass=organizationalPerson
objectClass=inetOrgPerson
objectClass=top
givenName=<GIVEN NAME>
sn=<SUR NAME>
cn=<COMMON NAME>
uid=<UID>

2- Search for user  in OID
 ldapsearch -h <OID HOSTNAME -p <PORT#> -D "cn=orcladmin" -w<PASSWORD> -b "uid=<UID>,ou=<ORG_UNIT>,cn=<ODSEE CONTAINER>,cn=users,dc=<COMPANY NAME>,dc=com" -s sub "objectclass=*"
uid=<UID>,ou=<ORG_UNIT>,cn=<ODSEE CONTAINER>,cn=users,dc=<COMPANY NAME>,dc=com
orclsourceobjectdn=uid=<UID>,ou=<ORG_UNIT>,ou=People,dc=<COMPANY NAME>,dc=net
objectClass=person
objectClass=organizationalPerson
objectClass=inetOrgPerson
objectClass=top
givenName=<GIVEN NAME>
sn=<SUR NAME>
cn=<COMMON NAME>
uid=<UID>

3. Modify user  using the following ldif file:
dn: uid=<UID>,ou=<ORG_UNIT>,ou=People,dc=<COMPANY NAME>,dc=net
changetype: modify
add: mail
mail: <EMAIL ADDRESS>
-
add: objectclass
objectclass: account
-
add: uid
uid: <NEW UID>
-
add: description
description: <DESC OF USER>

4. search ODSEE
ldapsearch -h <OID HOSTNAME -p <PORT#> -D "cn=orcladmin" -w<PASSWORD> -b "uid=<UID>,ou=<ORG_UNIT>,cn=<ODSEE CONTAINER>,cn=users,dc=<COMPANY NAME>,dc=net" -s sub "objectclass=*"
uid=<UID>,ou=<ORG_UNIT>,cn=<ODSEE CONTAINER>,cn=users,dc=<COMPANY NAME>,dc=net
description=<DESC OF USER>
mail=<EMAIL ADDRESS>
objectClass=person
objectClass=organizationalPerson
objectClass=inetOrgPerson
objectClass=top
objectClass=account
uid=<NEW UID>

givenName=<GIVEN NAME>
sn=<SUR NAME>
cn=<COMMON NAME>
uid=<UID>

5. Search OID again  --- OBJECTCLASS account was added AND description was added  BUT  Mail was not. (nor was the additional UID value)

ldapsearch -h <OID HOSTNAME -p <PORT#> -D "cn=orcladmin" -w<PASSWORD> -b "uid=<UID>,ou=<ORG_UNIT>,cn=<ODSEE CONTAINER>,cn=users,dc=<COMPANY NAME>,dc=com" -s sub "objectclass=*"

uid=<UID>,ou=<ORG_UNIT>,cn=<ODSEE CONTAINER>,cn=users,dc=<COMPANY NAME>,dc=com
orclsourceobjectdn=uid=<UID>,ou=<ORG_UNIT>,ou=People,dc=<COMPANY NAME>,dc=net
objectClass=person
objectClass=organizationalPerson
objectClass=inetOrgPerson
objectClass=top
givenName=<GIVEN NAME>
sn=<SUR NAME>
cn=<COMMON NAME>
uid=<UID>
description=<DESC OF USER>
objectclass=orclsunoneobject
objectclass=orcluserv2
objectclass=person
objectclass=inetorgperson
objectclass=top
objectclass=organizationalPerson
objectclass=account

Cause

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.