My Oracle Support Banner

OUD11g/12c- Virtual Static Group Errors: Result=32 Message - Group Doesn't Exist (Doc ID 2400228.1)

Last updated on FEBRUARY 20, 2019

Applies to:

Oracle Unified Directory - Version 11.1.2.3.0 and later
Information in this document applies to any platform.

Symptoms

On : 12.2.1.3.0 version, Configuration

An entry is a member of a static virtual group in Suffix A and the same entry is also a member of dynamic group in suffix B.

When running ldapsearch for groups on suffix B for that member, OUD is looking for the static virtual group entry in suffix B backend.

In this case OUD throws "No Such Entry (32). "

ERROR
-----------------------

SEARCH conn=6256073 op=2 msgID=3 base="cn=dpool1,ou=memberPeople,o=example.com" scope=base filter="(|(objectclass=ePerson)(objectclass=Person))" attrs="objectClass"
SEARCH RES conn=6256073 op=2 msgID=3 result=0 nentries=1 etime=21
SEARCH conn=6256073 op=3 msgID=4 base="SECAUTHORITY=DEFAULT9" scope=sub filter="(|(member=cn=dpool,ou=memberPeople,o=example.com)(uniqueMember=cn=dpool,ou=memberPeople,o=example.com))" attrs="1.1"
SEARCH RES conn=6256073 op=3 msgID=4 result=32 message="The search base entry 'cn=mailoptin,ou=groups,o=example.com' does not exist" nentries=0 etime=3

Working isMemberOf Search example:

ldapsearch -p 2389 -D "cn=directory manager" -w <PASSWORD> -b o=example.com "cn=dpool" ismemberof

Successful Result:
dn: cn=dpool,ou=memberPeople,o=example.com
 ismemberof: cn=number1,ou=groups,o=example.com
 ismemberof: cn=number2,ou=groups,o=example.com
 ismemberof: cn=admins,cn=SecurityGroups,secAuthority=default9
 ismemberof: cn=number3,ou=groups,o=example.com
 ismemberof: cn=number4,ou=groups,o=example.com
 ismemberof: cn=mailoptin,ou=groups,o=example.com
 ismemberof: cn=number5,ou=groups,o=example.com
 ismemberof: cn=someMembers,ou=groups,o=example.com
 ismemberof: cn=someMembers2,ou=groups,o=example.com

Working o=example.com group search:

ldapsearch -p 2389 -D "cn=directory manager" -w <PASSWORD> -b "o=example.com" "(|(member=cn=dpool,ou=memberPeople,o=example.com)(uniqueMember=cn=dpool,ou=memberPeople,o=example.com))" dn

Successful Result:
dn: cn=someMembers,ou=groups,o=example.com
dn: cn=someMembers2,ou=groups,o=example.com
dn: cn=number5,ou=groups,o=example.com
dn: cn=mailoptin,ou=groups,o=example.com

 

Failing base DN secauthority=default9 search when member DN is under a different suffix (o=example.com) from the suffix that contains the group (secauthority=default9) with the member:

ldapsearch -p 2389 -D "cn=directory manager" -w <PASSWORD>  -b "secauthority=default9" "(|(member=cn=dpool,ou=memberPeople,o=example.com)(uniqueMember=cn=dpool,ou=memberPeople,o=example.com))" dn
SEARCH operation failed
Result Code: 32 (No Such Entry)
Additional Information: The search base entry 'cn=mailoptin,ou=groups,o=example.com' does not exist

Expected Result would return the DN of the group even though the suffix of that group differs from the suffix where the member entry exists:

dn: cn=admins,cn=SecurityGroups,secAuthority=default9

 

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.