User Creation Fails On OAM-OVD-AD LDAP Error 1 : Could not complete mapping
(Doc ID 745257.1)
Last updated on JANUARY 31, 2022
Applies to:
COREid Identity - Version 10.1.4.1 and laterOracle Virtual Directory - Version 10.1.4.2 and later
Information in this document applies to any platform.
Symptoms
-- Problem Statement:
USER CREATION FAILS ON THE OAM IDENTITY SYSTEM.
A) Creating users in OAM User Manager fails at Initiate workflow step. OAM is configured with OVD as
ldap server for user data. The OVD-AD SSL adapter is connecting to a 2-node replicated AD
environment.
B) OVD log shows that immediately after the ldap_add operation, which does not return an error, OVD
issues a search for the same user and fails to find the entry, logging error:
javax.naming.NameNotFoundException: [LDAP: error code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match of:
'OU=Users,OU=<OU>,DC=<COMPANY>,DC=com'
C) Also in OVD is error like :
[2008-10-06 16:31:25,296] DEBUG - ConnectionHandle: Search - Credentials: cn=<USERNAME> - BindDN: cn=<USERNAME> [WorkThread# 32]
[2008-10-06 16:31:25,296] WARN - ConnectionHandle: Error from search [WorkThread# 32]
[2008-10-06 16:31:25,312] ERROR - Mapper: Error executing <filename>_Mapping in
Get operation at line 241 : best match of:
- 'OU=Users,OU=<OU>,DC=<COMPANY>,DC=com'
- there is no line 241 of
D) OAM show the following error:
id_oblog.log --- Identity Server trace oblog
-----------------
2008/10/17@10:25:35.695205 1825 393240 LDAP TRACE 0x00000205 ../ldap_util3.cpp:1342
"Function called" _CallName^ldap_add_ext _CallAddress^0x080E2224 ld^0x097A5518
dn^cn=<USERNAME>,OU=Users,OU=<OU>,DC=<COMPANY>,DC=com attrs^0x0A284F20
2008/10/17@10:25:35.695277 1825 393240 LDAP TRACE 0x00000206 ../ldap_util3.cpp:1352
"Function returned" _CallName^obldap_add_ext _CallAddress^0x080E2224 _CallDuration^0.000082
retCode^0
2008/10/17@10:25:35.695302 1825 393240 DB_RUNTIME TRACE 0x00000204 ../ldap_util3.cpp:1353
"Function exited" _TraceName^LDAPAddExt _TraceDuration^0.000114 return msgID^25
2008/10/17@10:25:35.718184 1825 393240 LDAP DEBUG 0x00000201 ../ldap_util3.cpp:2289
"ldap_parse_result of Add operation" ld handle^0x097A5518 result^0x0A286858 add
entry^cn=<USERNAME>,OU=Users,OU=<OU>,DC=<COMPANY>,DC=com LDAP add operation status code^32
Additional error message^LDAP Error 32 : Could not rollback add : LDAP Error 32 : [LDAP: error
code 32 - 0000208D: NameErr: DSID-031001CD, problem 2001 (NO_OBJECT), data 0, best match
of: 'cn=<USERNAME>,OU=Users,OU=<OU>,DC=<COMPANY>,DC=com' freeit^0 parse_rc^0
E) From an OAM perspective, the ldap_add operation i.e. Step 1 'Initiate' of the workflow is
failing with LDAP Error 32 'No Such Object'. This is because OVD is returning LDAP eror 32.
F) Sometimes the users are created (but disabled from an OAM perspective
since OAM never reaches the 'Activate step of the workflow), but sometimes they are not even
created i.e. users can't be found in AD.
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |