Receiving LDAP Error Code 17 in logs

Document ID : KB000038951
Last Modified Date : 14/02/2018

Question:

An "LDAP Error 17" appears after adding attributes to our directory.xml. How do we correctly add a custom user attribute to our directories?

Answer:

This issue occurs when the attributes have not been added correctly to the schema, even though they have been added correctly to directory.xml. An additional change needs to be made in this folder: <CA Directory Home>/dxserver/config/schema. There, locate the schema file you are using and add your attribute to it using the "Example Format". The default out-of-the-box file is "x500". The recommended action is not to edit "x500" but to add your own file. You can also set the attribute in DXHOME/config/servers/<dsaname>.dxi. This would apply only to this DSA, while editing it in x500 will apply to all DSAs. Once this change is made, restart your DSA to apply the changes.

 

Example Format:

set attribute attributeType:0 = {
        name = commonName
        ldap-names = cn
        syntax = caseIgnoreString
};
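
A check to run before restarting the DSA, added here as an example and not part of the original article or of CA Directory: it parses schema text written in the "Example Format" and lists the attribute names that no schema block defines. The attribute list, the second schema block and its identifier are constructed for illustration, and '#' comments and comma-separated ldap-names are assumptions about the file syntax.

```python
import re

# Matches one block in the page's "Example Format":
#   set attribute <id> = { key = value ... };
BLOCK_RE = re.compile(r"set\s+attribute\s+(\S+)\s*=\s*\{(.*?)\}\s*;", re.S | re.I)
FIELD_RE = re.compile(r"^\s*([\w-]+)\s*=\s*(.+?)\s*$", re.M)


def parse_schema(text):
    """Return {lowercased name: attribute id} for every attribute block in text."""
    defined = {}
    # Assumption: '#' starts a comment in the schema file.
    text = re.sub(r"#.*", "", text)
    for attr_id, body in BLOCK_RE.findall(text):
        fields = dict(FIELD_RE.findall(body))
        names = [fields.get("name", "")]
        # Assumption: ldap-names may hold several comma-separated aliases.
        names += fields.get("ldap-names", "").split(",")
        for n in names:
            if n.strip():
                defined[n.strip().lower()] = attr_id
    return defined


def missing_attributes(wanted, schema_texts):
    """Names from directory.xml that no schema text defines (case-insensitive)."""
    defined = {}
    for text in schema_texts:
        defined.update(parse_schema(text))
    return [w for w in wanted if w.lower() not in defined]


# Constructed sample: the page's example block plus a hypothetical custom one.
SAMPLE_SCHEMA = """
set attribute attributeType:0 = {
        name = commonName
        ldap-names = cn
        syntax = caseIgnoreString
};
set attribute exampleAttr:1 = {   # hypothetical identifier
        name = badgeNumber
        ldap-names = badgeNumber, badgeNo
        syntax = caseIgnoreString
};
"""

if __name__ == "__main__":
    # Constructed list standing in for the attributes added to directory.xml.
    print(missing_attributes(["cn", "BadgeNo", "costCentre"], [SAMPLE_SCHEMA]))
```

To use it on a real installation, pass the contents of every schema file the DSA loads, plus the <dsaname>.dxi file if attributes are set there.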