Error messages and problem solving

A warning or error message might be displayed in the user interface to provide information about the adapter or when an error occurs.

Table1 contains warnings or errors which might be displayed in the user interface if the LDAP Adapter is installed on your system.

Table 1. Warning and error messages
Warning or error message Recommended Action
No login or an invalid credential was supplied in the request. The adapter cannot bind to a naming context or is unable to initialize because invalid credentials were provided. To fix this problem, ensure that:
  • The managed resource is functioning properly and that you are connected to the correct resource.
  • The naming context is correct if the naming context is customized.
  • The administrator ID specified on the service form is correct.
  • The administrator password specified on the service form is correct.
An error occurred while establishing communication with the Tivoli® Directory Integrator server. IBM® Security Verify Identity server cannot establish a connection with Security Directory Integrator. To fix this problem, ensure that:
  • Security Directory Integrator is running.
  • The URL specified on the service form for Security Directory Integrator is correct.
Insufficient 'add' privilege. The administrator ID that is specified on the service form does not have privileges to add a user under the base DN. You must change the administrator ID to an administrator ID that has the correct privileges or assign privileges for the specified administrator ID.
Entry Already Exists or exception:javax.naming.NameAlreadyBoundException. The user has already been added to the resource. This error might occur if you are attempting to add a user to the directory server and IBM Security Verify is not synchronized with the resource. To fix this problem, schedule a reconciliation between IBM Security Verify and the resource. See the online help for information about scheduling a reconciliation.
Unknown Error while adding entry on resource. This error might occur for several reasons. To fix this problem, ensure that:
  • The administrator ID specified on the service form is correct.
  • The administrator password specified on the service form is correct.
  • The base point is correct, if it is customized.
  • The administrator ID has the correct privileges to modify a user account under the base DN.
  • The network connection is not slow.
Cannot add user to specific group. If you cannot add a user to a group, ensure that the specified group was created on the resource.
User not found. This error might occur when you attempt to add, modify, delete, or search for a user. This error might also occur if you attempt to change the password for a user. To fix the problem, ensure that:
  • The server that is specified for the adapter is correct.
  • The administrator ID specified on the service form is correct.
  • The administrator password specified on the service form is correct.
  • The base point is correct, if it is customized.
If the error continues to occur, check to ensure that:
  • The user was created on the directory server.
  • The user was not moved or deleted from the directory server.
To fix the problem, add the user to the directory server and then schedule a reconciliation. See the online help for information about scheduling a reconciliation.
Unknown error while modifying entry on resource. This error might occur for several reasons. To fix this problem, ensure that:
  • The administrator ID specified on the service form is correct.
  • The administrator password specified on the service form is correct.
  • The base point is correct, if it is customized.
  • The administrator ID has the correct privileges to modify a user account under the base DN.
  • The network connection is not slow.
Error adding user to group. If you cannot add a user to a group, ensure that:
  • The user was created on the resource.
  • The user is not already a member of the group.
  • The group was created on the resource.
If the user does not exist on the resource, you must create the user. If a user is already a member of a group, you cannot add the user to the group. If the group does not exist on the resource, you must add the group to the resource before you can add a user to the group. See the online help for information about creating groups or adding users to groups.
Insufficient 'delete' privilege. The administrator ID that is specified on the service form does not have privileges to delete a user under the base DN. You must change the administrator ID to an administrator ID that has the correct privileges or assign privileges for the specified administrator ID.
Search failed. This error might occur for several reasons. To fix the problem, ensure that:
  • The network connection is not slow.
  • The resource is not overloaded with network traffic.
  • Security Directory Integrator has sufficient memory, if you have a large number of users and groups.
Reconciliation operation stops prematurely with Out of Memory error. For more information on modifying LdapProfile.jar, see Customizing the adapter profile.
Group already exists. The group name that you specified already exist on the managed resource. Create a group with another group name.
Specified attribute violates the schema. This error occurs when the following attributes are not in the DN format:
  • Group Owner
  • See Also

Ensure that the values of Group Owner and See Also attributes are in the DN format. For example, you can add a user in the following format for the Group Owner and See Also attributes:cn=user1,dc=com.

Group not found. Perform a reconciliation operation to ensure that the group exists on the managed resource.
Schema violation. This error occurs when the Group RDN attribute is other than CN and the value of CN is blank for the Group Full Name attribute on the group form. Ensure that you select the CN option for the Group RDN attribute on the service form or specify a value for the Group Full Name attribute on the group form.