on 01-16-2009 4:49 PM
Hi everyone, we have just done a 5.2 to 5.3 upgrade in a sandbox environment and are having issues with our LDAP connection it seems. On the create request screen we search for users in our corporate LDAP (MS ADS). After the upgrade the search is returning no records for any type of search criteria we try. We've validated our AD connector configuration and it tests out successfully. Below are the results from the system log for this error. Any help is greatly appreciated.
Thanks,
Ryan
-
2009-01-16 08:33:32,550 [SAPEngine_Application_Thread[impl:3]_37] ERROR Error in Searching Users...
com.virsa.ae.core.BOException: Error in Searching Users...
at com.virsa.ae.search.bo.SearchUserBO.findUsers(SearchUserBO.java:125)
at com.virsa.ae.search.actions.SearchUserAction.searchUsers(SearchUserAction.java:2305)
at com.virsa.ae.search.actions.SearchUserAction.execute(SearchUserAction.java:248)
at com.virsa.ae.commons.utils.framework.NavigationEngine.execute(NavigationEngine.java:271)
at com.virsa.ae.commons.utils.framework.servlet.AEFrameworkServlet.service(AEFrameworkServlet.java:425)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.runServlet(HttpHandlerImpl.java:401)
at com.sap.engine.services.servlets_jsp.server.HttpHandlerImpl.handleRequest(HttpHandlerImpl.java:266)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:386)
at com.sap.engine.services.httpserver.server.RequestAnalizer.startServlet(RequestAnalizer.java:364)
at com.sap.engine.services.httpserver.server.RequestAnalizer.invokeWebContainer(RequestAnalizer.java:1039)
at com.sap.engine.services.httpserver.server.RequestAnalizer.handle(RequestAnalizer.java:265)
at com.sap.engine.services.httpserver.server.Client.handle(Client.java:95)
at com.sap.engine.services.httpserver.server.Processor.request(Processor.java:175)
at com.sap.engine.core.service630.context.cluster.session.ApplicationSessionMessageListener.process(ApplicationSessionMessageListener.java:33)
at com.sap.engine.core.cluster.impl6.session.MessageRunner.run(MessageRunner.java:41)
at com.sap.engine.core.thread.impl3.ActionObject.run(ActionObject.java:37)
at java.security.AccessController.doPrivileged(Native Method)
at com.sap.engine.core.thread.impl3.SingleThread.execute(SingleThread.java:102)
at com.sap.engine.core.thread.impl3.SingleThread.run(SingleThread.java:172)
One gotcha I found was that when I created the LDAP connector, I entered in the group field where our groups are in LDAP, as well as putting the DC= entries in the user field. This group field is no longer used, and the user field just needs to have the OU instead of the DC= entries (e.g. OU=users instead of OU=users,DC=domain,DC=com).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Bingo! William's recommendation regarding the DC= entries in the connector configuration resolved our issue. I removed the DC= entries leaving just the OU and the search functionality is now working.
Thanks everyone for the quick responses!
Cheers,
Ryan
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ryan,
Are you sure LDAP was working before the upgrade? If yes, did anyone make changes to LDAP mapping, user source or LDAP connector configuration after upgrade?
I have done couple of upgrades and I have not seen this issue. Do you have AE 5.2 screenshots of all the above configuration? If yes then compare them with the configuration you have right now and check for any discrepancies.
Regards,
Alpesh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Hi Ryan,
have you checked the field mapping for the LDAP connector? Also the settings in the user data source?
Please check the latest version of the AC 5.3 config guide and also the guide attached to SAP note 1282351.
Hope this helps,
Frank
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.