grouper-users - LDAPPC issues with whitespace in Active Directory
Subject: Grouper Users - Open Discussion List
List archive
- From: Raymond D Walker <>
- To: "" <>
- Subject: LDAPPC issues with whitespace in Active Directory
- Date: Thu, 22 Oct 2009 17:25:59 -0700
- Accept-language: en-US
- Acceptlanguage: en-US
Firing this message off at the end of the day without really looking
for past reports of this particular issue...
When provisioning to Active Directory environment with LDAPPC 1.4, I'm
noticing that if you are working with user DN's that have whitespaces,
LDAPPC takes that and converts to "%20" when actually provisioning,
thus throwing errors/warnings:
---
2009-10-22 16:58:16,976: [Timer-0] ERROR ErrorLog.error(108) -
[edu.internet2.middleware.ldappc.synchronize.GroupEntrySynchronizer]
GROUP[[ DISPLAY NAME = ENT:ITS-SIA-TEST ][NAME = ENT:ITS-SIA-TEST][UID
= 10ea9fd09f744e6fb0ad3cd0baf2dbb0]] ::
javax.naming.NameNotFoundException: [LDAP: error code 32 - 00000525:
NameErr: DSID-031A11A5, problem 2001 (NO_OBJECT), data 0, best match of:
''
---
This error in LDAPPC makes you think it's the group that's at fault,
my initial guesses were that it wasn't being created due to permission
issues, etc... This is in fact not the case, but rather due to
whitespace conversion in user DN's...
Bumped up the log levels and found the attempt to create the group:
---
009-10-22 16:58:16,938: [Timer-0] INFO
GroupEntrySynchronizer.addGroupEntry(870) - Creating 'cn=ENT:ITS-SIA-
TEST,ou=Enterprise Groups,dc=froot,dc=nau,dc=edu' attrs
{grouptype=groupType: -2147483640, objectclass=objectClass: group,
member=member: CN=rdw4,OU=Student%20Wage,OU=Exchange
%20Mailboxes,DC=nau,DC=froot,DC=nau,DC=edu, cn=cn: ENT:ITS-SIA-TEST}
2009-10-22 16:58:16,976: [Timer-0] ERROR ErrorLog.error(108) -
[edu.internet2.middleware.ldappc.synchronize.GroupEntrySynchronizer]
GROUP[[ DISPLAY NAME = ENT:ITS-SIA-TEST ][NAME = ENT:ITS-SIA-TEST][UID
= 10ea9fd09f744e6fb0ad3cd0baf2dbb0]] ::
javax.naming.NameNotFoundException: [LDAP: error code 32 - 00000525:
NameErr: DSID-031A11A5, problem 2001 (NO_OBJECT), data 0, best match of:
''
---
...but still the same warning/error... I tried adding by hand... walah!
---
changetype: modify
add: member
member: CN=aga7,OU=Student%20Wage,OU=Exchange
%20Mailboxes,DC=nau,DC=froot,DC=nau,DC=edu
modifying entry "CN=ENT:ITS-SIA-TEST,OU=Enterprise
Groups,DC=froot,DC=nau,DC=edu"
ldap_modify: No such object (32)
additional info: 00000525: NameErr: DSID-031A11A5, problem 2001
(NO_OBJECT), data 0, best match of:
''
---
Converting the %20 back to " " solves the issue in AD. These
"whitespace" DN users only exist in production thanks to the
flexibility of Exchange.
I'm assuming there is no configuration changes to get around this issue?
Raymond Walker
Software Systems Engineer Sr.
ITS Northern Arizona University
- Re: [grouper-users] Ldappc missing LDAP sourced members, Raymond D Walker, 10/21/2009
- Re: [grouper-users] Ldappc missing LDAP sourced members, Tom Zeller, 10/22/2009
- LDAPPC issues with whitespace in Active Directory, Raymond D Walker, 10/22/2009
- Re: [grouper-users] LDAPPC issues with whitespace in Active Directory, Tom Zeller, 10/23/2009
- Re: [grouper-users] LDAPPC issues with whitespace in Active Directory, Tom Zeller, 10/23/2009
- Re: [grouper-users] LDAPPC issues with whitespace in Active Directory, Raymond D Walker, 10/29/2009
- Re: [grouper-users] LDAPPC issues with whitespace in Active Directory, Tom Zeller, 10/23/2009
- Re: [grouper-users] LDAPPC issues with whitespace in Active Directory, Tom Zeller, 10/23/2009
- LDAPPC issues with whitespace in Active Directory, Raymond D Walker, 10/22/2009
- Re: [grouper-users] Ldappc missing LDAP sourced members, Tom Zeller, 10/22/2009
Archive powered by MHonArc 2.6.16.