IBM Support

RS03550: EXCEPTION WHEN SYNCHRONIZING LDAP USERS

APAR status

  • Closed as program error.

Error description

  • Whenever the LDAP synchronization thread runs, the following
    exception is thrown and LDAP users are not updated.
    
    
    [8/27/19 19:30:47:429 EDT] 00000084 com.ibm.rules.decisioncenter.userregistry E An error has occured while synchronization with LDAP registries.
    ilog.rules.teamserver.model.IlrDataSourceException: Could not lookup datasource named 'DBLOCK'
        at ilog.rules.teamserver.ejb.service.IlrLocalSessionImpl.databaseLockEntry(IlrLocalSessionImpl.java:81)
        at ilog.rules.teamserver.ejb.service.IlrSessionFacadeImpl.synchronizeWithLdapRegistries(IlrSessionFacadeImpl.java:10709)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
        at java.lang.reflect.Method.invoke(Method.java:508)
        at ilog.rules.teamserver.transaction.IlrTransactionalInvocationHandler.invoke(IlrTransactionalInvocationHandler.java:74)
        at com.sun.proxy.$Proxy152.synchronizeWithLdapRegistries(Unknown Source)
        at ilog.rules.teamserver.model.impl.IlrAbstractSession.synchronizeWithLdapRegistries(IlrAbstractSession.java:2995)
        at com.ibm.rules.decisioncenter.web.core.DecisionCenterLDAPSyncService$LDAPSyncRunner.doRun(DecisionCenterLDAPSyncService.java:148)
        at com.ibm.rules.decisioncenter.web.core.UpdateServiceRunner$PeriodicServiceRunner.run(UpdateServiceRunner.java:192)
        at com.ibm.rules.decisioncenter.web.core.UpdateServiceRunner$Service.run(UpdateServiceRunner.java:81)
        at com.google.common.util.concurrent.AbstractExecutionThreadService$1$2.run(AbstractExecutionThreadService.java:66)
        at com.google.common.util.concurrent.Callables$4.run(Callables.java:122)
        at java.lang.Thread.run(Thread.java:812)
    Caused by: com.ibm.db2.jcc.am.SqlSyntaxErrorException: DCUSER DOES NOT HAVE THE PRIVILEGE TO PERFORM OPERATION CREATE TABLE FOR USER DCUSER ON OBJECT DCUSER .DBLOCK. SQLCODE=-551, SQLSTATE=42501, DRIVER=4.24.92
        at com.ibm.db2.jcc.am.b6.a(b6.java:810)
        at com.ibm.db2.jcc.am.b6.a(b6.java:66)
        at com.ibm.db2.jcc.am.b6.a(b6.java:140)
        at com.ibm.db2.jcc.am.k3.c(k3.java:2817)
        at com.ibm.db2.jcc.am.k3.d(k3.java:2801)
        at com.ibm.db2.jcc.am.k3.b(k3.java:2161)
        at com.ibm.db2.jcc.t4.ab.k(ab.java:445)
        at com.ibm.db2.jcc.t4.ab.c(ab.java:104)
        at com.ibm.db2.jcc.t4.p.b(p.java:38)
        at com.ibm.db2.jcc.t4.av.h(av.java:124)
        at com.ibm.db2.jcc.am.k3.ak(k3.java:2156)
        at com.ibm.db2.jcc.am.k3.a(k3.java:3359)
        at com.ibm.db2.jcc.am.k3.e(k3.java:1126)
        at com.ibm.db2.jcc.am.k3.execute(k3.java:1105)
        at com.ibm.ws.rsadapter.jdbc.WSJdbcStatement.execute(WSJdbcStatement.java:445)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:90)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
        at java.lang.reflect.Method.invoke(Method.java:508)
        at ilog.rules.teamserver.transaction.logger.IlrStatementInvocationHandler.executeStatement(IlrStatementInvocationHandler.java:59)
        at ilog.rules.teamserver.transaction.logger.IlrStatementInvocationHandler.invoke(IlrStatementInvocationHandler.java:39)
        at com.sun.proxy.$Proxy183.execute(Unknown Source)
        at ilog.rules.teamserver.ejb.service.dao.IlrElementDAOJDBC.acquireDatabaseLockEntry(IlrElementDAOJDBC.java:914)
        at ilog.rules.teamserver.ejb.service.dao.IlrElementDAOJDBC.databaseLockEntry(IlrElementDAOJDBC.java:897)
        at ilog.rules.teamserver.ejb.service.IlrSessionFacadeImpl.databaseLockEntry(IlrSessionFacadeImpl.java:9520)
        at sun.reflect.GeneratedMethodAccessor713.invoke(Unknown Source)
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:55)
        at java.lang.reflect.Method.invoke(Method.java:508)
        at ilog.rules.teamserver.transaction.IlrTransactionalInvocationHandler.invoke(IlrTransactionalInvocationHandler.java:74)
        at com.sun.proxy.$Proxy152.databaseLockEntry(Unknown Source)
    
    
    This problem is seen with DB2 on Z in particular.
    

Local fix

  • In some circumstances it should be possible to grant the user
    DCUSER, which owns the schema, the right to create a table.
    
    CREATE ROLE DBA;
    GRANT DBADM, CREATE_NOT_FENCED, LOAD, CREATE_EXTERNAL_ROUTINE ON DATABASE TO ROLE DBA;
    GRANT ROLE DBA TO USER DCUSER;
    GRANT DBADM,ACCESSCTRL,DATAACCESS ON DATABASE TO USER DCUSER;
    GRANT CREATETAB,CONNECT,IMPLICIT_SCHEMA ON DATABASE TO USER DCUSER;
    
    Of these grants, CREATETAB is the authority that covers the
    CREATE TABLE operation named in the error; DBADM, ACCESSCTRL and
    DATAACCESS are much broader database-wide authorities.
    
    This does not apply to DB2 on Z.
    

Problem summary

  • USERS AFFECTED:
    Decision Center administrators implementing LDAP
    synchronization.
    
    PROBLEM DESCRIPTION:
    Database not properly locked when synchronizing if db user
    does not have rights on table creation.
    
    RECOMMENDATION:
    

Problem conclusion

  • The code was fixed.
    

Temporary fix

Comments

APAR Information

  • APAR number

    RS03550

  • Reported component name

    WS DECISION CTR

  • Reported component ID

    5725B6900

  • Reported release

    892

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2020-01-15

  • Closed date

    2020-01-30

  • Last modified date

    2020-01-30

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WS DECISION CTR

  • Fixed component ID

    5725B6900

Applicable component levels

  • R892 PSY

       UP

Document Information

Modified date:
03 November 2021