Troubleshooting
Problem
Attempts to display the "RDS Users" view in IBM Rational Directory Administrator (RDA) for IBM Rational Directory Server (RDS) in Corporate mode results in the error: "Could not create the view: An unexpected exception was thrown.", NullPointerException.
Symptom
When you Open Rational Directory Administrator (RDA) and go to the "RDS Users" view.
The right-hand-side panel should display the RDS users of your Corporate Lightweight Directory Access Protocol (LDAP) server.
Instead, it displays the following Java errors :
Could not create the view: An unexpected exception was thrown.
java.lang.NullPointerException
at com.telelogic.tds.engine.ldap.jndi.TDSUser.getAttrIdVal(Unknown Source)
at com.telelogic.tds.ui.views.TDAUsersView.getMappedTDSUser(TDAUsersView.java:833)
...
Cause
By default, RDS uses the following Logon Attribute: CN
The Logon Attribute should always meet the following requirements:
- Be unique to the user
- It fits the properties of a username.
However, some admins have changed the Logon Attribute to samAccountName
"samAccountName" is usually perfect for that purpose because every user in AD has this attribute.
However a new feature has been introduced in RDS Tivoli 5.2 (except on AIX where the latest version is 5.1) and RDS Apache 5.1: "Local Users in Corporate Mode".
The user "tdsadmin" is present but does NOT have the attribute "samAccountName" - only UIDs for local users have it. Therefore, the Java code crashes when it tries to render the "tdsadmin" user object.
Diagnosing The Problem
The RDS administrator may choose to use any Logon Attribute he pleases, if that suits their infrastructure better.
If the LDAP searchbase is "ou=people,dc=telelogic,dc=com", for example, then samAccountName is NOT a good choice because that doesn't exist as an attribute in that tree. You need to set the searchbase to find that attribute.
Resolving The Problem
The following versions fully resolve the issue by properly displaying all users, even the ones that previously had missing fields :
- RDS Tivoli users: RDS Tivoli 5.2.0.2 iFix 2.
- RDS Apache users: RDS Apache 5.1.1 FixPack 2
- RDA 6.0
The following versions partially resolve the issue by properly creating local users without missing attributes:
- RDS Tivoli users: RDS Tivoli 5.2.0.1. (This does not apply to AIX, where the latest RDS version is 5.1.x).
- RDS Apache users: RDS Apache 5.1.1.1.
The following documents are helpful when you are trying to configure RDS to use a different searchbase:
Technote 1504722: Number of LDAP search bases used in IBM Rational Directory Server.
Technote 1324415: How do you configure an LDAP server with Rational Change.
WORKAROUND: As a work around apply the following change and see if it works:
- Change the Logon Attribute from "
samAccountName" to "CN"
When RDN is changed fromsamAccountNametoCN, RDA does not complain, asCNis an attribute present for both corporate and local user/s.
If you have followed this work around, don't forget to change back your Logon Attribute to the value that suits your Corporate LDAP administration when you apply a new release.
Note: If you still encounter the error despite the upgrade, it's very likely that you have mis-configured your Corporate LDAP at some point. So far, Rational Client Support has not come across a scenario where upgrading didn't solve the issue. Make sure that you restart RDS and/or RDA after the upgrade.
Was this topic helpful?
Document Information
More support for:
Rational Directory Server
Software version:
5.1, 5.1.0.1, 5.1.0.2, 5.1.1, 5.1.1.1, 5.2, 5.2.0.1
Operating system(s):
AIX, Linux, Solaris, Windows
Document number:
463937
Modified date:
16 June 2018
UID
swg21571753