000038135 - LDAP exception occurred getting attributes for the class <Object Class name> from LDAP server when testing connection to identity source configured with the RSA SecurID Access Cloud Authentication Service

Document created by RSA Customer Support Employee on Jan 7, 2020
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000038135
Applies ToRSA Product Set: SecurID Access
RSA Product/Service Type: Cloud Authentication Service
IssueWhen testing the connection to the directory server(s) that are defined in an identity source configured with the Cloud Authentication Service under the Cloud Administration Console > Users Identity Sources Edit Directory Servers  icon, testing  fails with one of  the following error message shown in the GUI:
  • Unable to connect to Active Directory server. Review the configuration details (if the identity source is Active Directory),
        or

  • Unable to connect to LDAP server. Review the configuration details (if the identity source  is LDAP).
The log message shown in the GUI, or alternatively found in the identity router's symplified log which can be viewed from Cloud Administration Console > Platform > Identity Routers > Dropdown arrow next to Edit > View Log, resembles the following:
 

Service failure [response: ServiceError [code=REMOTE_ERROR, platform=CONTROLLER, reason=LDAP
exception occurred getting attributes for the class 'exampleClassName' from LDAP server 'ldap://<IP address of directory server>:<port>'.,
exceptionClass=com.symplified.adapter.api.userstore.ldap.LdapUserStoreException,
stackTrace=com.symplified.adapter.api.userstore.ldap.LdapUserStoreException: LDAP exception occurred
getting attributes for the class 'exampleClassName' from LDAP server 'ldap://<IP address of directory server>:<port>'. at
com.symplified.adapter.userstores.ldap.LdapUserStoreConnectionImpl.getClassAttributes(LdapUserStoreConnectionImpl.java:1382)
CauseThe Object Class in the identity source configuration under Cloud Administration Console Users Identity Sources Edit > Object Class is set incorrectly.
ResolutionCorrect the Object Class in the identity source configuration. The following are the default values based on identity source type:
  • Active Directory: user
  • LDAP: inetOrgPerson

Attachments

    Outcomes