000025502 - How to configure LDAP synchronization from RSA ACE/Server 5.2 to Microsoft Active Directory 2003

Document created by RSA Customer Support Employee on Jun 16, 2016
Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2

Article Content

Article Number: 000025502

Applies To:
RSA ACE/Server 5.2
Microsoft Windows 2000
Microsoft Windows Server 2003
Microsoft Active Directory

Issue:
How to configure LDAP synchronization from RSA ACE/Server 5.2 to Microsoft Active Directory 2003
Error: "LDAP search error - [LDAP search] Operations error" in ldapsync.log; LDAP Synchronization to Active Directory 2003 fails
Installation worked previously
RSA ACE/Server LDAP sync (example Base DN: dc=test,dc=ap,dc=rsa,dc=net) works against Active Directory 2000 but not 2003

Resolution:
It is a known problem that RSA ACE/Server LDAP synchronization that previously worked against Active Directory 2000 does not work against Active Directory 2003. This has been resolved in RSA ACE/Server hot fix tst39295. Please contact RSA Security Customer Support to obtain the hot fix.

As a workaround for Active Directory 2003 LDAP synchronization with RSA ACE/Server 5.2, open an ACE/Server Database Administration session, edit the LDAP synchronization job details, and add cn=Users to the Base DN, as shown in the example below:

cn=Users,dc=test,dc=ap,dc=rsa,dc=net

For instructions on how to add, configure, and set up an LDAP synchronization in RSA ACE/Server, please refer to the RSA ACE/Server Administration Guide, chapter 7 as well as the section "Synchronizing LDAP User Records".

RSA Security Customer Support contact numbers can be found at http://www.rsasecurity.com/node.asp?id=1068.

Workaround: Changed Active Directory to Windows 2003
Notes
Legacy Article ID: a20660
