cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

LDAP ADS Initial Load fails.

Former Member

on ‎10-08-2011 12:21 AM

0 Kudos

Hi All.

After configure the Inital load for AD, errors like next attached were launched.

Failed getting member from CN=@Tuespacio_mexico,OU=Distribution,OU=AD_Groups - Exception:javaxnaming.OperationNotSupportedException: [LDAP: error code 12 - 00002040: SvcErr: DSID-031401E7, problem 5010 (UNAVAIL_EXTENSION), data 0

$glb.DEFAULT_PRIVILEGE could not be found! - Exception:java.lang.NullPointerException

ToIDStore.deleteEntryCustom got WARNING:Entry does not exist for entry: PRIV:GROUP:AD:CN=@TyP02,OU=Distribution,OU=Groups,OU=TyP,OU=Mexico,DC=mabenet,DC=corpmabe,DC=com!!Test, Ocs 3 (MEX, DTC, TI)

Failed storing GROUP:AD:CN=Exchange Organization Administrators,OU=Microsoft Exchange Security Groups,DC=mabenet,DC=corpmabe,DC=com!!Master Edison

Something like that

After the execution job with errors, a lot of privileges/AD Groups has been exported correctly into de IC under MX_PRVILEGE.

So, how could I fix the perior errors or which are the reason associated?.

Best Regards.

Andrés.

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (2)

Answers (2)

Former Member
‎10-11-2011 1:24 AM
0 Kudos

Hi Martin.

Thanks for your response, after your recommendation i was created the DEFAULT_VALUE as global variable, global constant, and like an attribute in the Identity store for entry types (privilege, group, role) but the same symphtom persist.

$glb.DEFAULT_PRIVILEGE could not be found! - Exception:java.lang.NullPointerException

the other two errors too.

Let me know your comments about.

Best Regards.

Andrés.

Show replies
Show replies
mvoros
Active Contributor
‎10-10-2011 3:14 AM
0 Kudos

Hi,

> $glb.DEFAULT_PRIVILEGE could not be found! - Exception:java.lang.NullPointerException

IdM is trying to read value of global variable DEFAULT_PRIVILIGE but it does not exist. Just check in Identity Center if it's defined.

ToIDStore.deleteEntryCustom got WARNING:Entry does not exist for entry: PRIV:GROUP:AD:CN=@TyP02,OU=Distribution,OU=Groups,OU=TyP,OU=Mexico,DC=mabenet,DC=corpmabe,DC=com!!Test, Ocs 3 (MEX, DTC, TI)

This one is just saying that IdM tried to delete an object which does not exist in LDAP. Not sure why. 

Failed getting member from CN=@Tuespacio_mexico,OU=Distribution,OU=AD_Groups - Exception:javaxnaming.OperationNotSupportedException: [LDAP: error code 12 - 00002040: SvcErr: DSID-031401E7, problem 5010 (UNAVAIL_EXTENSION), data 0

For this LDAP error you can check http://support.microsoft.com/kb/842637. If that article is right than it seems to be an issue with provisioning framework.

Cheers

Show replies
Show replies
Former Member
‎08-23-2012 9:59 AM
0 Kudos

Hi,

i'm using idm 7.2 and i am connected to a windows server AD 2008. I got the same ldap error code 12 when reading the groups (only on 6 out of 3100), using the standard initial load.

Did you find out if it really was an issue with the provisioning framework or is there some parameter to configure on the AD to make it work without errors?

Thank you,

BR,

Clotilde

former_member259565
Member
‎08-23-2012 11:57 AM
0 Kudos

Hi Clothilde,

could you please check how many members those ADS groups have? Maybe it is an issue that the member list is to big for a used extension.

BR,

Marc

Former Member
‎08-23-2012 1:28 PM
0 Kudos

Hi Marc,

I checked and they have respectively 2323, 2294,1643, 2291, 2365 and 2307 members.

Do you know if there is a known limitation?

What do you mean by used extension?

Finally, do you know how to fix this problem?

Cheers,

Clotilde

Former Member
‎12-09-2013 1:00 PM
0 Kudos

Hi all,

I don't whether one the guys asked for help still have that problem or find a way round.

My Way round is the following:

In the SourceTab, where you fill in the LDAP-Connetion-URL, think about the attributes you need within your ID-Management-Installation. Only these attributes should be in the field "Return Attributes".

If you recognize this, may be you won't have the problem anymore.

Kind regards,

Achim Heinekamp

Ask a Question