OUD - When Trying to Create and Modify Users Import Fails with "ERROR: OBJECTCLASS_VIOLATION LDAP ERROR_65"
(Doc ID 2362051.1)
Last updated on DECEMBER 15, 2022
Applies to:
Oracle Unified Directory - Version 11.1.2.2.3 and laterInformation in this document applies to any platform.
Symptoms
OUD Server 11.1.2.2.3.
There is required to sync users from one OUD environment to another OUD environment.
Users exported in LDIF format and imported in the target OUD server.
After import operation ldap operations as adding and modifications are not working fine and next message error is reported:
ERROR: OBJECTCLASS_VIOLATION LDAP ERROR_65
Changes
Trying to fix the issue next steps were performed:
- 10M records in a node - "cn=people,dc=<SUFFIX NAME>"
- These entries were being deleted using ldapdelete which was taking lot of time. The command was running for more than 24 hrs.
- The purpose of deleting the records was to refresh the entries from production to new production server that are being setup.
Next sample was provided to delete all entries and suffix. In the delete operation (step 2) is where it took more then 24 hours to finish. Provided just like a sample:
- Getting suffix information using ldapsearch
$ ./ldapsearch -T -h <HOSTNAME> -p <LDAP_PORT> -D "cn=<DS_ADMIN>" -w <PASSWORD> -b ou=people,dc=<SUFFIX_DN> -s base objectclass=*
dn: ou=People,dc=<SUFFIX_DN>
ou: People
objectClass: organizationalunit
objectClass: top
- Deleting all the entries including suffix
./ldapdelete -h <HOSTNAME> -p <LDAP_PORT> -D "cn=<DS_ADMIN>" -w <PASSWORD> -x ou=People,dc=<SUFFIX_DN>
$ ./ldapdelete -h <HOSTNAME> -p <LDAP_PORT> -D "cn=<DS_ADMIN>" -w <PASSWORD> -x ou=People,dc=<SUFFIX_DN>
Processing DELETE request for ou=People,dc=<SUFFIX_DN>
DELETE operation successful for DN ou=People,dc=<SUFFIX_DN>
- Validating deletion was successful
$ ./ldapsearch -T -h <HOSTNAME> -p <LDAP_PORT> -D "cn=<DS_ADMIN>" -w <PASSWORD> -b ou=people,dc=<SUFFIX_DN> -s base objectclass=*
SEARCH operation failed
Result Code: 32 (No Such Entry)
Additional Information: The search base entry 'ou=people,dc=<SUFFIX_DN>' does not exist
Matched DN: dc=<SUFFIX_DN>
- Adding the suffix back using ldapmodify
$ ./ldapmodify -h <HOSTNAME> -p <LDAP_PORT> -D "cn=<DS_ADMIN>" -w <PASSWORD>
dn: ou=People,dc=<SUFFIX_DN>
changetype: add
ou: People
objectClass: organizationalunit
objectClass: top
Processing ADD request for ou=People,dc=<SUFFIX_DN>
ADD operation successful for DN ou=People,dc=<SUFFIX_DN>
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |