I am using ACF2 and CA-LDAP, when trying to connect to CA-LDAP from LDAP JXplorer browser, I am getting the message "unable to connect Invalid DN syntax (34)". What is causing this?

Document ID : KB000053754
Last Modified Date : 14/02/2018
Show Technical Document Details

Description

The Invalid DN syntax (34) means the LDAP server did not receive a full DN or that you did not specify a correct prefix, such as CN instead of UID, which results in the LDAP server not receiving a correct DN.

Solution

The CA-LDAP Server determines the user id to use by looking for cn= as the very first RDN in the DN. The Invalid DN syntax (34) message can occur if just the userid is entered in the "User DN" rather than cn=userid.

To address the problem be sure to specify cn=userid in the 'User DN' text box in JXPLORER screen.

Note: in place of "userid" substitute the desired userid.

Figure 1

Details on the the "USER DN" specification for the JXplorer browser can be found at the JXplorer website.

Details on CA-LDAP can be found in the CA LDAP Server for z/OS Administrator Guide