000024243 - Client receives java.lang.NumberFormatException or 'Bad search filter (89); Bad parameter to an LDAP method' LDAPException when deleting Group Entitlements

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000024243
Applies ToMicrosoft Windows Server 2003 SP1
RSA ClearTrust 5.5.3
Microsoft Windows Active Directory 2003
Issue"java.lang.NumberFormatException" or "Bad search filter (89)" when deleting group entitlements in Cleartrust 5.5.3-88 and higher
The client encountered an error in the Entitlements Manager when deleting any group entitlements.    If the client is running RSA ClearTrust Server 5.5.3 prior to fixpack 5.5.3.88 the following error appears in the entitlements server log file and the standard output when running the entitlements server in debug mode:
java.lang.NumberFormatException: null
at java.lang.Integer.parseInt(Unknown Source)
at java.lang.Integer.parseInt(Unknown Source)
at sirrus.da.ldap.admin.LDAPUser.getPropertiesFromEntry(LDAPUser.java:590)
The client encounters the following error when deleting any group entitlements if they are running RSA ClearTrust Server 5.5.3 after fixpack 5.5.3.88:
netscape.ldap.LDAPException: Bad search filter (89); Bad parameter to an LDAP method
at netscape.ldap.LDAPConnection.search(LDAPConnection.java:2547)
at sirrus.da.ldap.util.LDAPSearchCommand.issueSearch(LDAPSearchCOmmand.java:202)
The client is using an Active Directory auxiliary server and has the global catalog option enabled.
The ldap.conf file contains the following entry where the configuration parameter is split across two lines:
cleartrust.data.ldap.auxuser.filter
:(&objectClass=user)(objectCategory=person)
CauseSince the configuration parameter is split across two separate lines, the java code is unable to read the data in the filter correctly and assumes a null value.
ResolutionCorrect the ldap.conf file and combine the two lines into a single line and restart the entitlements server:
cleartrust.data.ldap.auxuser.filter: (&(objectClass=user)(objectCategory=person)
Legacy Article IDa37045

Attachments

    Outcomes