LDAP: error code 12 - Unavailable Critical Extension

Document ID : KB000055214
Last Modified Date : 14/02/2018
Show Technical Document Details


When executing the LDAP - Synchronize New and Changed Users job, it fails with the following error message.

          LDAPDirectoryService.importUsers():[LDAP: error code 12 - Unavailable Critical Extension]  



LDAP_UNAVAILABLE_CRITICAL_EXTENSION: Indicates that the LDAP server was unable to satisfy a request because one or more critical extensions were not available. Either the server does not support the control or the control is not appropriate for the operation type.

The CA PPM application LDAP code fetches the search results in "batches" (pagination). This allows us to get a large number of user set from the directory servers. In order to do this we do use some control extensions.

One way to instruct our code to not use this new "pagination" technique is to set the Batch Size parameter to 0. When it is set to 0 we do not perform any pagination and fetch the results in old fashioned way - all in one shot.

NOTE: Making this change may impact performance of the job
Log into CA PPM System Administration (CSA) application
Navigate to Properties, Security Tab
Set the Batch Size = 0
Stop and restart both the Application and Background Services 

Refer to the current CA PPM System Administration Guide, Manage Security Section for more details on integrating CA Clarity PPM with Lightweight Directory Access Propocol (LDAP) Servers.

Reference LDAP Configuration and Troubleshooting Guide