000021599 - All users within specified search parameters are not loaded into ACE database during LDAP Sync job (even though it runs without error)

Document created by RSA Customer Support Employee on Jun 14, 2016
Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2

Article Content

Article Number: 000021599

Applies To:
RSA ACE/Server 5.2
RSA Authentication Manager 6.0
Lightweight Directory Access Protocol (LDAP)
Microsoft Active Directory
Novell eDirectory
Sun ONE Directory Server

Issue: All users within specified search parameters are not loaded into ACE database during LDAP Sync job (even though it runs without error)

Resolution: The ACE/Server LDAP Sync looks for specific LDAP attributes, which it then maps to specific ACE database attributes. To see which attributes ACE is looking for, open the RSA ACE/Server Database Administration program and go to "System" --> "LDAP Maps". Next, choose the option for your directory server and ensure that every user has the 3 "Required Fields" set in the LDAP server. For example, the LDAP Map for Novell eDirectory reads as follows:

LDAP Default Login:  uid

LDAP Last Name:  sn

LDAP First Name:  givenname

This means that if a user does not have these 3 attributes defined (uid, sn, and givenname), they will not be imported by the ACE/Server, even if they fulfill all other search parameters. 
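
To find the users a sync job would silently skip, the check below (an added example, not RSA code and not part of the original article) parses an LDIF export of the users matching the sync job's search parameters and lists each entry lacking one of the three mapped attributes. It assumes the Novell eDirectory map shown above, treats an empty value as missing, and runs on a constructed sample with hypothetical DNs.

```python
# Added example, not RSA code: audit an LDIF export for users that lack the
# attributes named in the page's Novell eDirectory LDAP Map.
REQUIRED = ("uid", "sn", "givenname")
# Constructed sample export; the users and DNs are hypothetical.
SAMPLE_LDIF = """\
dn: cn=alice with a long common name,
 ou=staff,o=example
UID: alice
SN: Archer
GivenName: Alice

dn: cn=bob,ou=staff,o=example
uid: bob
sn: Baker

dn: cn=carol,ou=staff,o=example
sn: Cole
givenName:: Q2Fyb2w=
"""

def parse_ldif(text):
    """Yield (dn, {lowercased attribute: [values]}) for each LDIF entry."""
    # Unfold continuation lines: a line break followed by a single space.
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    for block in unfolded.split("\n\n"):
        dn, attrs = None, {}
        for line in block.splitlines():
            if line.startswith("#") or ":" not in line:
                continue
            name, _, value = line.partition(":")
            value = value.lstrip(":<").strip()  # also accept "::" and ":<"
            if name.lower() == "dn":
                dn = value
            else:
                attrs.setdefault(name.lower(), []).append(value)
        if dn:
            yield dn, attrs

def missing_required(text, required=REQUIRED):
    """Map each DN to the required attributes it lacks or leaves empty."""
    report = {}
    for dn, attrs in parse_ldif(text):
        gaps = [a for a in required if not any(attrs.get(a, []))]
        if gaps:
            report[dn] = gaps
    return report

if __name__ == "__main__":
    print(missing_required(SAMPLE_LDIF))
```

For Microsoft Active Directory or Sun ONE Directory Server, replace `REQUIRED` with the three "Required Fields" shown in that server's LDAP Map.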
Legacy Article ID: a23994
