Bind group to community error
After we upgrade our RAM server to 7511 version, now we follow the following steps do binding will cause problem:
1) Use RAM admin user login, visit administration -> communities 2) select the community, in the first "Users" tab, click the button "New User Group" 3) Specify the name and description, click "Create" link beside "Public group" 4) In the popup window, input the "group name' we have created in LDAP before, and click "search" 5) Select the group in the window and click "Bind" button. error log: [11/13/12 02:16:01 GMT] CRRAM0001E 1001954584 ERROR web pagecode.error.Error - 3D4C9BF7-96EE-6D82-6CBD-4177D775787B - URL: https://usaxram012ccxra.ccmp.ibm.lab/cloud/enterprise/ram/admin/group/userGroupDetail.faces - javax.faces.FacesException: #{pc_UserGroupDetail.doBindToSearchGroups}: com.ibm.ram.repository.security.CustomUserInformationFactory$CustomUserRegistryException: Error on creating search itr for Search="uid=dummy" Base="" at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:118) at javax.faces.component.UICommand.broadcast(UICommand.java:387) at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:458) at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:763) at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82) at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100) at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265) at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1663) at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1597) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:131) at com.ibm.ram.repository.web.security.RAMServletFilter.doFilter(RAMServletFilter.java:529) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116) at com.ibm.ram.repository.web.filters.CSRFSecurityFilter.doFilter(CSRFSecurityFilter.java:66) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116) at com.ibm.ram.repository.web.filters.JavascriptSecurityFilter.doFilter(JavascriptSecurityFilter.java:29) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116) at com.ibm.ram.repository.web.filters.GZipFilter.doFilter(GZipFilter.java:45) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116) at com.ibm.ram.repository.web.security.SecureAccessFilter.doFilter(SecureAccessFilter.java:41) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:188) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:116) at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:77) at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908) at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:934) at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:502) at com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest(ServletWrapperImpl.java:181) at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3935) at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:276) at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:931) at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1592) at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:186) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:452) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:511) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:305) at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:83) at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165) at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217) at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161) at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138) at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204) at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775) at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905) at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1613) Caused by: javax.faces.el.EvaluationException: com.ibm.ram.repository.security.CustomUserInformationFactory$CustomUserRegistryException: Error on creating search itr for Search="uid=dummy" Base="" at com.sun.faces.application.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:102) at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) ... 47 more Caused by: com.ibm.ram.repository.security.CustomUserInformationFactory$CustomUserRegistryException: Error on creating search itr for Search="uid=dummy" Base="" at com.ibm.ram.repository.custom.LDAPUserInformationFactory$SearchIterator.<init>(LDAPUserInformationFactory.java:1175) at com.ibm.ram.repository.custom.LDAPUserInformationFactory.search(LDAPUserInformationFactory.java:1303) at com.ibm.ram.repository.custom.LDAPUserInformationFactory.search(LDAPUserInformationFactory.java:1096) at com.ibm.ram.repository.custom.LDAPUserInformationFactory$LDAPGroupInformation$GroupMemberIterator.searchBase(LDAPUserInformationFactory.java:751) at com.ibm.ram.repository.custom.LDAPUserInformationFactory$LDAPGroupInformation$GroupMemberIterator.flushBases(LDAPUserInformationFactory.java:768) at com.ibm.ram.repository.custom.LDAPUserInformationFactory$LDAPGroupInformation$GroupMemberIterator.buildSearchItr(LDAPUserInformationFactory.java:706) at com.ibm.ram.repository.custom.LDAPUserInformationFactory$LDAPGroupInformation$GroupMemberIterator.hasNext(LDAPUserInformationFactory.java:611) at com.ibm.ram.repository.security.CustomUserInformationManager$1.synchronize(CustomUserInformationManager.java:788) at com.ibm.ram.repository.security.UserGroupInstance.synchronize(UserGroupInstance.java:1472) at com.ibm.ram.repository.security.CustomUserInformationManager.updateRAMGroup(CustomUserInformationManager.java:779) at pagecode.admin.group.UserGroupDetail.bindToExternalGroup(UserGroupDetail.java:699) at pagecode.admin.group.UserGroupDetail.doBindToSearchGroups(UserGroupDetail.java:712) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:48) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:600) at org.apache.el.parser.AstValue.invoke(AstValue.java:159) at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) at com.sun.faces.application.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88) ... 48 more Caused by: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - Unwilling To Perform]; Remaining name: '/' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3140) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1829) at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1752) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338) at javax.naming.directory.InitialDirContext.search(InitialDirContext.java:222) at com.ibm.ram.repository.custom.LDAPUserInformationFactory$SearchIterator.<init>(LDAPUserInformationFactory.java:1157) ... 66 more |
2 answers
Your LDAP group is invalid. You have a member of the group that is just "uid=Dummy". Members of a group should be ONLY Distinguished Names. uid=Dummy is not a valid group member.
Comments Hi Rich,
Rich, do you have any suggestion for my answer?
Members of a group must have a distinguished name. That is what is looked for. uid=dummy is not a distinguished name.
uid=dummy,ou=bluepages,o=ibm.com
uid=dummy is not enough to identify the member in a group. There needs to be at least two parts to a distinguished name, one is not sufficient. Your LDAP doesn't allow searching like this, so it is throwing the error. I do not know how this could of worked before because it is the same code doing the search. Rich,
|
Hi all,
I have the same problem on RAM 7.5.2: [04/08/15 09:36:22 BRT] CRRAM0004E 558880475 ERROR web com.ibm.ram.repository.security.CustomUserInformationManager - Error updating user group id=1043 name=XXX07 binding id=cn=XXXX07X,ou=xxx,ou=xxxxxxxxx,ou=groups,ou=access,o=xx,c=br Msg=Error on creating search itr for Search="uid=dummy" Base="". It took 1 msecs to process the previous user in the group. [04/08/15 09:36:22 BRT] CRRAM0004E 558880477 ERROR web com.ibm.ram.repository.security.CustomUserInformationManager - A usergroup had failed updating. Will try updating the next usergroup in sequence. Had updated 0 groups so far. com.ibm.ram.repository.security.CustomUserInformationFactory$CustomUserRegistryException: Error on creating search itr for Search="uid=dummy" Base="" at com.ibm.ram.repository.custom.LDAPUserInformationFactory$SearchIterator.<init>(LDAPUserInformationFactory.java:1215) at com.ibm.ram.repository.custom.LDAPUserInformationFactory.search(LDAPUserInformationFactory.java:1343) at com.ibm.ram.repository.custom.LDAPUserInformationFactory.search(LDAPUserInformationFactory.java:1136) at com.ibm.ram.repository.custom.LDAPUserInformationFactory$LDAPGroupInformation$GroupMemberIterator.searchBase(LDAPUserInformationFactory.java:758) at com.ibm.ram.repository.custom.LDAPUserInformationFactory$LDAPGroupInformation$GroupMemberIterator.flushBases(LDAPUserInformationFactory.java:775) at com.ibm.ram.repository.custom.LDAPUserInformationFactory$LDAPGroupInformation$GroupMemberIterator.buildSearchItr(LDAPUserInformationFactory.java:713) at com.ibm.ram.repository.custom.LDAPUserInformationFactory$LDAPGroupInformation$GroupMemberIterator.hasNext(LDAPUserInformationFactory.java:618) at com.ibm.ram.repository.security.CustomUserInformationManager$1.synchronize(CustomUserInformationManager.java:813) at com.ibm.ram.repository.security.UserGroupInstance.synchronize(UserGroupInstance.java:1472) at com.ibm.ram.repository.security.CustomUserInformationManager.updateRAMGroup(CustomUserInformationManager.java:804) at com.ibm.ram.repository.security.CustomUserInformationManager.updateAllRAMUserGroups(CustomUserInformationManager.java:885) at pagecode.admin.repository.Tools.doUpdateCustomUserInfo(Tools.java:184) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:48) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:600) at org.apache.el.parser.AstValue.invoke(AstValue.java:159) at org.apache.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:276) at com.sun.faces.application.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:88) at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102) at javax.faces.component.UICommand.broadcast(UICommand.java:387) at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:458) at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:763) at com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:82) at com.sun.faces.lifecycle.Phase.doPhase(Phase.java:100) at com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:118) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265) at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1667) at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:1602) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:149) at com.ibm.ram.repository.web.security.RAMServletFilter.doFilter(RAMServletFilter.java:591) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:190) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:125) at com.ibm.ram.repository.web.filters.CSRFSecurityFilter.doFilter(CSRFSecurityFilter.java:66) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:190) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:125) at com.ibm.ram.repository.web.filters.JavascriptSecurityFilter.doFilter(JavascriptSecurityFilter.java:29) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:190) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:125) at com.ibm.ram.repository.web.filters.GZipFilter.doFilter(GZipFilter.java:42) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:190) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:125) at com.ibm.ram.repository.web.security.SecureAccessFilter.doFilter(SecureAccessFilter.java:58) at com.ibm.ws.webcontainer.filter.FilterInstanceWrapper.doFilter(FilterInstanceWrapper.java:190) at com.ibm.ws.webcontainer.filter.WebAppFilterChain.doFilter(WebAppFilterChain.java:125) at com.ibm.ws.webcontainer.filter.WebAppFilterChain._doFilter(WebAppFilterChain.java:80) at com.ibm.ws.webcontainer.filter.WebAppFilterManager.doFilter(WebAppFilterManager.java:908) at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:939) at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:507) at com.ibm.ws.webcontainer.servlet.ServletWrapperImpl.handleRequest(ServletWrapperImpl.java:181) at com.ibm.ws.webcontainer.webapp.WebApp.handleRequest(WebApp.java:3954) at com.ibm.ws.webcontainer.webapp.WebGroup.handleRequest(WebGroup.java:276) at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:945) at com.ibm.ws.webcontainer.WSWebContainer.handleRequest(WSWebContainer.java:1592) at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:191) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:453) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewRequest(HttpInboundLink.java:515) at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.processRequest(HttpInboundLink.java:306) at com.ibm.ws.http.channel.inbound.impl.HttpICLReadCallback.complete(HttpICLReadCallback.java:84) at com.ibm.ws.ssl.channel.impl.SSLReadServiceContext$SSLReadCompletedCallback.complete(SSLReadServiceContext.java:1784) at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:175) at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217) at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161) at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:138) at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:204) at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:775) at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:905) at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1656) Caused by: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - R010018 Search with null base DN requires either scope=base (for root DSE search) or scope=subtree (for null based subtree search) (process_root_request:294)]; Remaining name: '/' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3140) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3013) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2820) at com.sun.jndi.ldap.LdapCtx.searchAux(LdapCtx.java:1829) at com.sun.jndi.ldap.LdapCtx.c_search(LdapCtx.java:1752) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_search(ComponentDirContext.java:368) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.search(PartialCompositeDirContext.java:338) at com.ibm.ram.repository.custom.LDAPUserInformationFactory$SearchIterator.<init>(LDAPUserInformationFactory.java:1197) ... 67 more |
Your answer
Dashboards and work items are no longer publicly available, so some links may be invalid. We now provide similar information through other means. Learn more here.