Cannot connect to LDAP directory CRJAZ1559W
vishnudharan manivannan (118●37●42)
asked Jul 31 '13, 5:55 a.m.
edited Jul 31 '13, 6:11 a.m. by Krzysztof Kaźmierczyk (7.5k●4●80●103)
Hi,
We are trying to install RTC 4.0 Tomcat with an LDAP user registry. During the installation process, in step 6, we get this error. LDAP connection was attempted with warnings. Resolve warnings or click Next to continue.ID CRJAZ1559W. Note: there is already an existing RTC 4.0 instance configured with the same LDAP settings which is working perfectly fine. We are installing another instance of RTC for the dev environment. Shouldn't there be 2 instances of RTC with the same LDAP configurations? Or how do I resolve this error? Thanks in advance.
Accepted answer
3 other answers
Hello Vishnudharan,
Definitely you should be able to use the same LDAP with different RTC servers. Could you provide a screen snapshot with the error details? There are two technotes regarding this issue:
http://www-01.ibm.com/support/docview.wss?uid=swg21587363
http://www-01.ibm.com/support/docview.wss?uid=swg21501072
Can you check if at least one of them matches your issue? Hope that helps.
Best regards, Krzysztof Kazmierczyk.
Comments
Thank you for the response Krzysztof. Unfortunately both the tech notes did not match my problem. While trying to test the connection I get this error:
"LDAP connection was attempted with warnings. Resolve warnings or click Next to continue.ID CRJAZ1559W"
Server logs :
013-07-31 15:21:46,648 [ http-bio-9443-exec-4] WARN jts.internal.userregistry.ldap.LDAPServerValidator - CRJAZ2149W An error occurred while validating the LDAP configuration.
Shubjit Naik
commented Jul 31 '13, 6:34 a.m.
Is the LDAP server running on the same server, localhost?
Krzysztof Kaźmierczyk
commented Jul 31 '13, 6:42 a.m.
Hi Vishnudharan,
vishnudharan manivannan
commented Jul 31 '13, 7:47 a.m.
Apparently we found out that the LDAP server has a blocking firewall which is not allowing us to reach it. It is running on a different server. Thank you for the help!
vishnudharan manivannan
commented Jul 31 '13, 9:29 a.m.
But now we get another error. It goes like "In an attempt to connect to the LDAP registry, a problem was found with the LDAP configuration. One or more users in the LDAP registry, including the user "SEDCD015$", do not contain the e-mail address type of property named "cn". For more details, open the help system and search for this message ID.ID CRJAZ2305W " What do we do now?
This is not really an error but a warning. As the error suggests, suppose you have mentioned "userId=sAMAccountName,name=cn,emailAddress=mail" in the user property name mapping, the system expects that the userid, name and mail fields in the LDAP are mandatory to validate the user and essentially not blank for any user.
If you update the users with email addresses (not essentially valid ones), this warning will go away.
Comments
vishnudharan manivannan
commented Aug 01 '13, 2:38 a.m.
So can I save the Tomcat configuration files and proceed with the setup? I have a concern that during the final step in the setup process, the LDAP sync might fail because it failed to sync for the first 3 or 5 users. So the remaining users in the list might not get the roles. Please advise.
Indradri Basu
commented Aug 01 '13, 3:25 a.m.
I am not too certain about it as I haven't tested this explicitly. However, suppose you are in Step 6 (configure user registry) of the setup process, you can manually edit the URL to step 7 to move on and see how it turns out. Then after completing the setup you can try to import the users from the LDAP and see if it complains, but I think it will not. On the contrary, you can always come back after correcting the LDAP users and rerun the setup.
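Added example (not part of the original thread, and not IBM's code): a pre-check for the condition behind CRJAZ2305W as the answer above describes it, listing directory entries whose mapped attributes are missing or blank. The LDIF sample is constructed (only the account name SEDCD015$ comes from the thread), and the input is assumed to be an LDIF export without base64-encoded values.

```python
MAPPING = "userId=sAMAccountName,name=cn,emailAddress=mail"  # mapping quoted in the answer
# Constructed LDIF sample for illustration; DNs, names and addresses are made up.
SAMPLE_LDIF = """\
dn: CN=Alice Example,OU=Users,DC=example,DC=test
sAMAccountName: aexample
cn: Alice Example
mail: aexample@example.test

dn: CN=SEDCD015,OU=Computers,DC=example,DC=test
sAMAccountName: SEDCD015$
cn: SEDCD015

dn: CN=Bob Example,OU=Users,DC=example,DC=test
sAMAccountName: bexample
cn: Bob Example
mail:
"""

def parse_mapping(mapping):
    """'userId=sAMAccountName,...' -> {'userId': 'sAMAccountName', ...}"""
    return dict(item.strip().split("=", 1) for item in mapping.split(","))

def parse_ldif(text):
    """Minimal LDIF reader: blank-line separated records, folded lines joined."""
    entries, current, last = [], {}, None
    for line in text.splitlines() + [""]:
        if not line.strip():                      # blank line ends a record
            if current:
                entries.append(current)
            current, last = {}, None
        elif line.startswith(" ") and last:       # folded continuation line
            current[last][-1] += line[1:]
        else:
            attr, _, value = line.partition(":")
            last = attr.strip().lower()           # LDAP attribute names are case-insensitive
            current.setdefault(last, []).append(value.strip())
    return entries

def find_incomplete(entries, mapping):
    """Return {account: [mapped properties that are missing or blank]}."""
    report = {}
    for e in entries:
        missing = [p for p, a in mapping.items() if not any(e.get(a.lower(), []))]
        if missing:
            ident = e.get(mapping["userId"].lower(), e.get("dn", ["?"]))[0]
            report[ident] = missing
    return report
```

Running `find_incomplete(parse_ldif(SAMPLE_LDIF), parse_mapping(MAPPING))` on the sample flags the computer account and the user with an empty `mail` value, which are the kinds of entries to fix or exclude from the search base before re-running the connection test.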