My Oracle Support Banner

Active Directory (AD) Synchronization to OID 10g Via SSL Mode Fails: DIP_GEN_CONNECTION_FAILURE (Doc ID 300756.1)

Last updated on MARCH 08, 2017

Applies to:

Oracle Internet Directory - Version 10.1.2.0.2 to 10.1.4.3 [Release 10gR2 to 10gR3]
Information in this document applies to any platform.

Symptoms

Configuring OID to AD sync via SSL fails.

ActiveChgImp.trc file shows error:

LDAP URL : (< AD Host : SSLPort > cn=ADadmin,cn=users,dc=mycompany,dc=com
Connecting in SSL
Updated Attributes
orclodipLastExecutionTime: 20050225133619
orclOdipSynchronizationStatus: Mapping Failure, Agent Execution Not Attempted
orclOdipSynchronizationErrors: LDAP Connection Failure
Error in proxy connection : java.lang.NullPointerException
java.lang.NullPointerException
at oracle.ldap.odip.engine.AgentThread.updateExecStatus(AgentThread.java:487)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:192)
LDAP CommuncationException javax.naming.CommunicationException: < AD Host : SSLPort > [Root exception is javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: No trusted
certificate found] < AD Host : SSLPort >
ActiveChgImp:Error in Mapping EngineODIException: DIP_GEN_CONNECTION_FAILURE
ODIException: DIP_GEN_CONNECTION_FAILURE
at oracle.ldap.odip.gsi.LDAPConnector.connectLdap(LDAPConnector.java:249)
at oracle.ldap.odip.gsi.ActiveChgReader.initialise(ActiveChgReader.java:184)
at oracle.ldap.odip.engine.AgentThread.mapInitialise(AgentThread.java:327)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:253)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:149)


Active Directory server is only listening on SSL.

Ldapbinds from OID to AD work via SSL mode 2:

> ldapbind -h <ADHost> -p <AD SSL Port> -D <ADadmin@domain> -w <ADadminPassword> -P <WalletPassword> -W file:/etc/ORACLE/WALLETS/oracle/ -U 2
> bind successful



Another variation on the error may be as follows:

Trace Log Started at Wed Apr 13 07:21:44 EDT 2005
Request: 1 cancelled
ActiveChgImp:Error in Mapping EngineODIException: DIP_GEN_CONNECTION_FAILURE
ODIException: DIP_GEN_CONNECTION_FAILURE
at oracle.ldap.odip.gsi.LDAPConnector.connectLdap(LDAPConnector.java:249)
at oracle.ldap.odip.gsi.ActiveChgReader.initialise(ActiveChgReader.java:190)
at oracle.ldap.odip.engine.AgentThread.mapInitialise(AgentThread.java:335)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:261)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:155)
ActiveChgImp:about to Update exec status
Error in proxy connection : java.lang.NullPointerException
java.lang.NullPointerException
at oracle.ldap.odip.engine.AgentThread.updateExecStatus(AgentThread.java:500)
at oracle.ldap.odip.engine.AgentThread.execMapping(AgentThread.java:278)
at oracle.ldap.odip.engine.AgentThread.run(AgentThread.java:155)
Updated Attributes
orclodipLastExecutionTime: 20050413072224
orclOdipSynchronizationStatus: Mapping Failure, Agent Execution Not Attempted
orclOdipSynchronizationErrors: LDAP Connection Failure
Sleeping for 1secs
Request: 1 cancelled

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution
References

This document is being delivered to you via Oracle Support's Rapid Visibility (RaV) process and therefore has not been subject to an independent technical review.
My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.