LDAP errors on IM and SSO Integration

Document ID : KB000111769
Last Modified Date : 21/08/2018
Show Technical Document Details
Issue:
We are working to Integrate the Virtual Appliance Identity Manager with Single Sign On. When we delete the directories and environment and start the application server we notice that it's failing to create the directories with the following errors. 

2018-08-17 18:49:26,676 INFO  [ims.Main] (MSC service thread 1-4) * Deploying Directory : UserStore
2018-08-17 18:49:27,371 ERROR [ims.tasktrack.LLSDK] (MSC service thread 1-4) SmApiException: retCode is [facility=4 severity=3 reason=0 status=2 message=SmImsCommand (createImsDirectory) Provider call failed
Error Code was: -2147418012
Error Message: Unknown Failure ID:4] apiObj tried to tunnel the following:   {}

In the SMPS log we see this error:
[08/17/2018][20:12:02.055][20:12:02][10209][140106094589696][SmObjLDAP_IMSDirectory6.cpp:898][][][][][][][][][][][][][][][][][][][][][][LogMessage:ERROR:[sm-log-00000] LDAP error code '34' Message 'Invalid DN syntax'] 
Invalid DN syntax. 
Environment:
Identity Suite Virtual Appliance
Identity Manager (IM)
Single Sign on (SSO)
Resolution:
On creation of the directories and you see the error "LDAP error code '34' Message 'Invalid DN syntax'] Invalid DN syntax." it's most likely due to the LDAP Schema on SSO not being extended. This can vary depending on which type of LDAP is being used as the Policy Store. For CA Directory Please make sure to extend the schema and try again. To extend the Schema please follow our documentation

https://docops.ca.com/ca-identity-manager/14-1/EN/configuring/ca-single-sign-on-integration/integrate-ca-single-sign-on-with-ca-identity-manager/configure-the-ca-sso-policy-store#ConfiguretheCASSOPolicyStore-CADirectoryServer