Synchronization fails if User Group/User is located in more than one level within the current Organization Unit

Document ID : KB000087996
Last Modified Date : 14/04/2018
Show Technical Document Details
Issue:
Error Message :
ERROR Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn

Synchronization fails if the User Groups or Users are located more than one level down inside the current Organization Unit (OU) of the base DN (Distinguished Name).
 
If the OU parent contains OU children but does not contain any Common names (CN), you will see error messages similar to those below.


2016-10-10 10:44:47.631 [main] c.a.s.l.l.LDAPService                    DEBUG  Error when searching BaseDN
org.apache.directory.api.ldap.model.exception.LdapInvalidDnException: ERR_04195 Unexpected character '*' at position 0. Excpected start of attributeType.
        at org.apache.directory.api.ldap.model.name.FastDnParser.matchAttributeType(FastDnParser.java:286) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.FastDnParser.parseRdnInternal(FastDnParser.java:149) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.FastDnParser.parseDn(FastDnParser.java:90) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.Dn.parseInternal(Dn.java:1369) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:285) ~[ldap-sync-1.0.4.jar:1.0.4]
        at org.apache.directory.api.ldap.model.name.Dn.<init>(Dn.java:211) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.ldap.LDAPService.verifyConnection(LDAPService.java:118) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.steps.AESynchronizationStep.init(AESynchronizationStep.java:66) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.steps.BaseSynchronizationStep.execute(BaseSynchronizationStep.java:99) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.SynchronizationStepChain.execute(SynchronizationStepChain.java:33) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.run(LDAPSynchronizer.java:59) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.main(LDAPSynchronizer.java:28) [ldap-sync-1.0.4.jar:1.0.4]
2016-10-10 10:44:47.632 [main] c.a.s.l.LDAPSynchronizer                 ERROR  Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn
com.automic.sara.ldapsync.exceptions.SynchronizationException: Could not able to get data from ldap server, this ldap connection may not have authorization on target BaseDn
        at com.automic.sara.ldapsync.steps.AESynchronizationStep.init(AESynchronizationStep.java:67) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.steps.BaseSynchronizationStep.execute(BaseSynchronizationStep.java:99) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.SynchronizationStepChain.execute(SynchronizationStepChain.java:33) ~[ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.run(LDAPSynchronizer.java:59) [ldap-sync-1.0.4.jar:1.0.4]
        at com.automic.sara.ldapsync.LDAPSynchronizer.main(LDAPSynchronizer.java:28) [ldap-sync-1.0.4.jar:1.0.4]




 
Environment:
OS Version: N/A
Cause:
Cause type:
Defect
Root Cause: Search scope limitation
Resolution:
Update to a fix version listed below or a newer version if available.

Fix Status: Released

Fix Version(s):
LDAPSync 2.1.0 - Available
LDAPSync 2.0.1 - Available
LDAPSync 1.0.6 - Available
Additional Information:
Workaround :
N/A
File Attachments:
LDAP_SYNC.png