cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Repository sync job is failing for LDAP connector in GRC10

Former Member

on ‎03-06-2014 5:36 AM

0 Kudos

Hi,

We are on SP11 and completed all the LDAP configuration set up as per the guidelines.

And able to fetch the users for LDAP connector using LDAP tcode but we are not able to fetch the records when we run repository sync since job got failed.See the logs in the below attachment. our LDAP name and server name is the same.

Kindly suggest me what is missing.

Thanks in advance.

Regards,

Sushma

Show replies
Show replies
Answer

Accepted Solutions (0)

Answers (3)

Answers (3)

Former Member
‎10-09-2014 9:58 AM
0 Kudos

Hi Sushma,

have you solved this issue?

Now I am facing exactly same problem as you described.

Thanks for answer & regards

Igor

Show replies
Show replies
AndrzejP
Active Participant
‎03-06-2014 12:16 PM
0 Kudos

Hi Sushma,

we had similar problem and we have find out that the problem was caused by privileges for system user in LDAP. You could try to check with your LDAP team if system user in LDAP has all required (list/display) privileges for base entry, as well as for OUs below.

Regards, Andrzej

Show replies
Show replies
Former Member
‎03-06-2014 12:51 PM
0 Kudos

Hi Andrzej,

Thanks for your reply.I am checking with my LDAP team.

Former Member
‎03-12-2014 11:39 AM
0 Kudos

Hi Prasant,

what if we use other options(not basis entry only) for search depth in LDAP.

Please let me know that  this filter criteria are we using in GRC code level..

Regards,

Sushma M

former_member193066
Active Contributor
‎03-06-2014 10:57 AM
0 Kudos

go to SE38,

run program for ldap user sync.

its like RSuserdync or somehting.

dont need to run repository user sync for LDAP.

Regards,

Prasant

Show replies
Show replies
Former Member
‎03-06-2014 11:25 AM
0 Kudos

Hi Prasant,

I also run user program for user sync in SE38 but no luck.

It is showing count as 0.

Regards,

Sushma M

former_member193066
Active Contributor
‎03-06-2014 11:29 AM
0 Kudos

ok,

seems your ldap mapping is incorrect.

can u post screen shot of you mapping.

Regards,

Prasant

Former Member
‎03-06-2014 11:35 AM
0 Kudos

Hi Prasant,

Please find the snapshot below

filed mapping

parameter mapping:

Regards,

Sushma

Former Member
‎03-06-2014 11:36 AM
0 Kudos

Seems to be filed mapping screen is missed..Plz find here.

former_member193066
Active Contributor
‎03-06-2014 11:44 AM
0 Kudos

User id is SAMACCOUNTNAME          

Former Member
‎03-06-2014 11:49 AM
0 Kudos

Uid,CN  are the fields for userid in our LDAP system

former_member193066
Active Contributor
‎03-06-2014 11:50 AM
0 Kudos

please maintain SAMACCOUNTNAME 

user credential are stored in Security account manager in AD(called as SAM)

Prasant

Former Member
‎03-06-2014 11:57 AM
0 Kudos

Yes Maintained still no luck

former_member193066
Active Contributor
‎03-06-2014 11:59 AM
0 Kudos

ok

g to LDAP. check for base entry it might be wrong then

Regards,

Prasant

Former Member
‎03-06-2014 12:03 PM
0 Kudos

We won't be able to fetch the records if base entry is incorrect..Right?

Am able to see the records of LDAP users using LDAP tcode.

former_member193066
Active Contributor
‎03-06-2014 12:04 PM
0 Kudos

please paste screen shot . of that.

can you go to access request search for user see if you are able to search user from ldap

regards,

Prasant

Former Member
‎03-06-2014 12:14 PM
0 Kudos

am unable to search with SAMACCOUNTNAME as object but am able to fetch with CN.

Am not able to search the users in the Access request form

Former Member
‎03-06-2014 12:14 PM
0 Kudos

former_member193066
Active Contributor
‎03-06-2014 12:45 PM
0 Kudos

select base entry only.

Regards,

Prasant

Former Member
‎03-06-2014 12:51 PM
0 Kudos

If i select base entry only then am getting an error message as operation is failed.

Given filter field value as (&(objectclass=*)(CN=SMU164))..is this Correct?

former_member193066
Active Contributor
‎03-06-2014 1:53 PM
0 Kudos

its failing that why entry is 0.

check with LDAP team. user will be service user.

2nd get the base entry from them as well .

this will fix your problem.

Prasant

former_member193066
Active Contributor
‎03-07-2014 9:14 AM
0 Kudos

parameter value will never be *

Former Member
‎03-11-2014 2:38 PM
0 Kudos

Hi Prasant,

Why do we need to basie entry only option for search depth option in LDAP?

Because we are able to fetch the records from LDAP with Basis entry and all levels below option in LDAP but not able to see any records with Basis entry only option.

Kindly let us know what is the main difference with these two options.

Thanks in advance.

Regards,

Sushma M

Ask a Question