Hi,

I'm struggling to update to OSP 6.0.0.3, but I'm still facing this
error:

[OIDP] 2016-04-06T16:51:19.072+0200
Level: TRACE
Code: com.novell.identity.common.ldap.jndi.JNDIConnection.getObject()
[1009] thread=http-bio-8543-exec-9
Message: Exception while attempting to get a user store object!

The setup is:
- IDM 4.5.3 on Windows 2012R2
- eDirectory 8.8.8.7 on same server
- Configupdate 4.0.2
- JRE 8
- OSP 6.0.0.3
- Tomcat ssl configured

Before the update to OSP 6.0.0.3, everything was working fine.

After the update to OSP 6.0.0.3 there is the error (same problem with
userapp 4.5 and after the update to userapp 4.5.3).

It seems the OSP cannot get the LDAP username from eDirectory:

[OIDP] 2016-04-06T16:50:53.989+0200
Level: TRACE
Code: com.novell.oidp.source.ldap.LDAPAuthenticationSource.searchUser()
[1082] thread=http-bio-8543-exec-9
Message: Searching for principal(s) on Data Store idm_idv using filter:
(&(objectClass=User)(|(cn=sma)(mail=sma))). Find all principals: true

[OIDP] 2016-04-06T16:50:53.990+0200
Level: TRACE
Code: com.novell.oidp.source.ldap.LDAPAuthenticationSource.searchUser()
[1170] thread=http-bio-8543-exec-9
Message: Performing LDAP search
(&(objectClass=User)(|(cn=sma)(mail=sma))) in context ou=users,o=xxxx

[OIDP] 2016-04-06T16:50:53.991+0200
Level: TRACE
Code: com.novell.identity.common.ldap.jndi.JNDIStore.doAdminSearch()
[1112] thread=http-bio-8543-exec-9
Message: Base context: ou=users,o=xxxx, Filter:
(&(objectClass=User)(|(cn=sma)(mail=sma))), Scope: 2, Attributes: GUID,
cn, nrfMemberOf, srvprvPreferredLocale, mail, mail, initials, givenName,
mobile, {$dn}, cn, sn, {$dn}, objectClass, loginIntruderAttempts,
Request Controls: 0

[OIDP] 2016-04-06T16:50:54.003+0200
Level: TRACE
Code: com.novell.identity.common.ldap.jndi.JNDIConnection.<init>() [219]
thread=http-bio-8543-exec-9
Message:
Connection: 8f359929-7a40-48ac-9d3a-0b3b1acf16a4, Environment
Parameters for InitialDirContext() method call:
Key: java.naming.factory.initial, Value:
com.sun.jndi.ldap.LdapCtxFactory
Key: java.naming.provider.url, Value: ldaps://iam1.adir.local:636
Key: com.sun.jndi.ldap.connect.timeout, Value: 0
Key: java.naming.security.principal, Value:
cn=admin,ou=users,ou=system,o=xxxx
Key: java.naming.security.authentication, Value: simple
Key: java.naming.security.credentials, Value: *****
Key: java.naming.security.protocol, Value: ssl
Key: java.naming.ldap.factory.socket, Value:
com.novell.osp.util.net.client.OSP_SSLSocketFactory

[OIDP] 2016-04-06T16:50:54.027+0200
Level: TRACE
Code:
com.novell.identity.common.ldap.jndi.JNDIConnection.setContextEnvironmentProperties()
[1875] thread=http-bio-8543-exec-9
Message: Added property to DirContext Environment: Property Name:
java.naming.ldap.attributes.binary, Value: GUID
nDSPKITrustedRootCertificate

[OIDP] 2016-04-06T16:50:54.028+0200
Level: DEBUG
Code: com.novell.oidp.source.ldap.LDAPSource.accept() [1592]
thread=http-bio-8543-exec-9
Message: CreateConnection

[OIDP] 2016-04-06T16:51:19.071+0200
Level: TRACE
Code: com.novell.identity.common.ldap.jndi.JNDIStore.doAdminSearch()
[1118] thread=http-bio-8543-exec-9
Message: Try connection: ldaps://iam1.adir.local

[OIDP] 2016-04-06T16:51:19.072+0200
Level: TRACE
Code: com.novell.identity.common.ldap.jndi.JNDIConnection.getObject()
[1009] thread=http-bio-8543-exec-9
Message: Exception while attempting to get a user store object!


I can see the query on LDAP iMonitor trace, but no error.

Any help?

Thanks

Sylvain

