Article Content
Article Number | 000033197 |
Applies To | RSA Product Set: RSA Identity Management and Governance RSA Version/Condition: 6.9.1 P12 |
Issue | When doing a connection test the RSA Identity Management and Governance 6.9.1 P12 Active Directory Identity Data Collector (IDC) fails with the following result:Collector test failed: The aveksaServer.log file () shows the following exception: 04/12/2016 11:14:57.713 ERROR (ApplyChangesRegularThread-165) [com.aveksa.client.datacollector.collectors.identitydatacollectors.readerImpl.JndiLdapConnector] If the collection is attempted, the collection status shows the following under "Admin Errors for Run": EC[31002]Context[Collector Name=Active Directory IDC, Agent Name=AveksaAgent, Data Run ID=355Reason=java.lang.RuntimeException]Message[Data collection failed on the agent] |
Cause | This issue may occur if the User Base DN of the search is set to the root of the domain (for example, DC=2k8r2-vcloud, DC=local) and the LDAP server is set to generate LDAP referrals. The error occurs when RSA Identify Management and Governance attempts to incorrectly interpret the referral request as an error message. |
Resolution | This issue is resolved in RSA Identity Management and Governance 6.9.1 P22 or later. This issue does not exist in RSA Identity Governance and Lifecycle 7.0 GA version or later. |
Workaround | This issue only occurs if the User Base DN is set to the root of the LDAP structure. It may be possible to work around this issue by setting the User Base DN to an OU value that contains the user objects. If there are multiple OU objects containing users then you must setup separate collectors for each OU. |