Error 'method (got_dap_domset): Unknown error' with LDAP auto creation and ldap_sync when using Service Desk LDAP integration with Novell eDirectory 8.7.3.

Document ID : KB000004056
Last Modified Date : 14/02/2018
Issue:

Having configured Service Desk to integrate with Novell eDirectory 8.7.3 and confirmed that ldap_test returns user information successfully, ldap_sync fails with the following error message:

Method 'got_ldap_domset' in Contact_Object failed (Unknown error)

The first attempt to log in to Service Desk by a valid eDirectory user, which should cause a new Contact record to be created, may fail with the following message:

AHD04013: Internal error in method (got_dap_domset): Unknown error

Environment:
This document may apply to earlier releases of Novell eDirectory.
Cause:

An ldap.mod file needs to be created to allow Service Desk to map Contact table attributes to specific eDirectory attributes.

The mapping is required for the following fields:

first_name
last_name
userid

By default, the ldap.maj file maps several Contact attributes to more than one possible LDAP server attribute, as follows:

OBJECT ldap LDAP {
    ATTRIBUTES LDAP_Entry{
        id              distinguishedName            STRING 512;
        last_name       sn,pzLastName                STRING ;
        first_name      givenName,pzFirstName        STRING ;
        middle_name     initials,pzMiddleName        STRING ;
        userid          uid,sAMAccountName,pzUserName STRING ;
        phone_number    telephoneNumber,pzWorkPhoneNumber STRING ;
        alt_phone       mobile,pzMobilePhoneNumber   STRING ;
        dept            department,pzDepartment      STRING ;
        fax_phone       facsimileTelephoneNumber,pzFaxPhoneNumber STRING ;
        beeper_phone    pager                        STRING ;
        email_address   mail,pzEmailAddress          STRING ;
        address1        streetAddress,pzAddress      STRING ;
        city            l,pzCity                     STRING ;
        ldap_state      st,pzState                   STRING ;
        zip             postalCode,pzPostalCode      STRING ;
        country         c,pzCountry                  STRING ;
        ldap_org        o                            STRING ;
        memberOf        memberOf                     STRING ;
        ldap_dn         ldap_dn                      STRING ;
        access_type     LOCAL INTEGER {ATTR_INIT get_ldap_access_type @"@|BOP-LOGIN|validate_user"(id) 50;};
    } ;
    FACTORY {
        STANDARD_LISTS {
            SORT_BY  userid;
            MLIST OFF ;
            RLIST OFF ;
        };
        REL_ATTR  id;
        COMMON_NAME userid ;
        FUNCTION_GROUP "inventory" ;
    } ;
    METHODS {
        make_from_ldap( object, object|nil, uuid );
        get_val_srel( ... );
    } ;
} ;

Resolution:

In order to have the correct mappings between Service Desk and eDirectory an ldap.mod file is required. The file is created as follows:

  1. Navigate to $NX_ROOT/site/mods/majic
  2. Create a file called ldap.mod in this directory
  3. Enter the following lines into the file and save it:
    MODIFY ldap last_name sn ;
    MODIFY ldap first_name givenName ;
    MODIFY ldap userid uid ;
    Note: Make sure that you enter a carriage return after the last line
  4. Recycle Service Desk to make the above changes take effect

ldap_sync and the auto creation of eDirectory users will then be successful.
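
One way to script steps 2 and 3 and to check the file before recycling Service Desk, as an added example that is not part of the original document or of the product's own tooling. The function names write_ldap_mod and check_ldap_mod are hypothetical, and a Unix-style install with a POSIX shell is assumed.

```shell
#!/bin/sh
# Added example: write and lint ldap.mod for the three fields named above.
# write_ldap_mod and check_ldap_mod are hypothetical helper names.

# Write the three MODIFY statements into <dir>/ldap.mod. printf '%s\n'
# terminates every line, including the last, as the note in step 3 requires.
# Refuses to overwrite an existing ldap.mod that may hold other changes.
write_ldap_mod() {
    if [ -e "$1/ldap.mod" ]; then
        echo "refusing to overwrite $1/ldap.mod" >&2
        return 1
    fi
    printf '%s\n' \
        'MODIFY ldap last_name sn ;' \
        'MODIFY ldap first_name givenName ;' \
        'MODIFY ldap userid uid ;' > "$1/ldap.mod"
}

# Return 0 only if the file ends with a newline and each required field is
# mapped exactly once to a single attribute (no comma-separated candidates).
check_ldap_mod() {
    f=$1
    [ -s "$f" ] || { echo "missing or empty: $f" >&2; return 1; }
    # Command substitution strips a trailing newline, so an empty result
    # means the last byte of the file is a newline.
    [ -z "$(tail -c 1 "$f")" ] || { echo "last line not terminated" >&2; return 1; }
    for field in last_name first_name userid; do
        n=$(grep -c -E "^[[:space:]]*MODIFY[[:space:]]+ldap[[:space:]]+$field[[:space:]]+[^,[:space:];]+[[:space:]]*;[[:space:]]*\$" "$f" || true)
        [ "$n" -eq 1 ] || { echo "$field: expected 1 single-attribute mapping, found $n" >&2; return 1; }
    done
    return 0
}

# Lint an existing file when a path is given, e.g. $NX_ROOT/site/mods/majic/ldap.mod
if [ $# -ge 1 ]; then check_ldap_mod "$1"; fi
```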