Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000033197 - RSA Identity Management and Governance 6.9.1 P12 Active Directory Identity Data Collector (IDC) collection fails with "Unprocessed Continuation Reference"

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Jul 21, 2017

Version 3Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000033197
Applies To	RSA Product Set: RSA Identity Management and Governance RSA Version/Condition: 6.9.1 P12
Issue	When doing a connection test the RSA Identity Management and Governance 6.9.1 P12 Active Directory Identity Data Collector (IDC) fails with the following result: Collector test failed: com.aveksa.server.runtime.ServerException: Test request failed with response: com.aveksa.server.runtime.ServerException: java.lang.RuntimeException Caused By Stack java.lang.RuntimeException at The aveksaServer.log file () shows the following exception: 04/12/2016 11:14:57.713 ERROR (ApplyChangesRegularThread-165) [com.aveksa.client.datacollector.collectors.identitydatacollectors.readerImpl.JndiLdapConnector] Error occured in fetching users, Root Cause : Unprocessed Continuation Reference(s) 04/12/2016 11:14:57.713 ERROR (ApplyChangesRegularThread-165) [com.aveksa.client.datacollector.framework.DataCollectorManager] FAILED method=Collect CollectionMetaInfo[{ID=11, run_id=1460474097611, collector_id=41, test-run=true, collector_name=Active Directory IDC, data_file=/home/oracle/jboss-4.2.2.GA/server/default/./deploy/aveksa.ear/aveksa.war/WEB-INF/LocalAgent/collected_data/11.data}] java.lang.RuntimeException at com.aveksa.client.datacollector.collectors.identitydatacollectors.readerImpl.JndiLdapConnector$UserDirectoryIterator.setContextAndGetUsers(JndiLdapConnector.java:1050) If the collection is attempted, the collection status shows the following under "Admin Errors for Run": EC[31002]Context[Collector Name=Active Directory IDC, Agent Name=AveksaAgent, Data Run ID=355Reason=java.lang.RuntimeException]Message[Data collection failed on the agent]
Cause	This issue may occur if the User Base DN of the search is set to the root of the domain (for example, DC=2k8r2-vcloud, DC=local) and the LDAP server is set to generate LDAP referrals. The error occurs when RSA Identify Management and Governance attempts to incorrectly interpret the referral request as an error message.
Resolution	This issue is resolved in RSA Identity Management and Governance 6.9.1 P22 or later. This issue does not exist in RSA Identity Governance and Lifecycle 7.0 GA version or later.
Workaround	This issue only occurs if the User Base DN is set to the root of the LDAP structure. It may be possible to work around this issue by setting the User Base DN to an OU value that contains the user objects. If there are multiple OU objects containing users then you must setup separate collectors for each OU.

Attachments

Outcomes

0 Comments

Recommended Content