
    ldap_simple_bind: No such object error

    user12058466

      Hi Expert,

      below is the configuration from proxy server:

      [root@audi-ldap-te-proxy01 bin]# ./dpconf get-ldap-data-source-prop -h 192.168.104.179 -p 1389 AudiLdap-DS-CNMNG

      Certificate "CN=audi-ldap-te-proxy01:1389" presented by the server is not trusted.

      Type "Y" to accept, "y" to accept just once, "n" to refuse, "d" for more details: Y

      Enter "cn=Proxy Manager" password:

      bind-dn                          :  none 

      bind-pwd                         :  none 

      client-cred-mode                 :  use-client-identity 

      conn-track-attribute             :  clientConnectionID 

      conn-track-base-dn               :  cn=monitor 

      conn-track-bind-dn               :   

      conn-track-bind-pwd              :   

      conn-track-enabled               :  false 

      conn-track-filter                :  (objectClass=*) 

      conn-track-scope                 :  base 

      connect-timeout                  :  50s 

      description                      :   

      down-monitoring-interval         :  inherited 

      is-enabled                       :  true 

      is-read-only                     :  false 

      ldap-address                     :  audi-ldap-te-master01 

      ldap-port                        :  1389 

      ldaps-port                       :  1636 

      monitoring-bind-dn               :  none 

      monitoring-bind-pwd              :  none 

      monitoring-bind-timeout          :  5s 

      monitoring-entry-dn              :  "" 

      monitoring-entry-timeout         :  5s 

      monitoring-inactivity-timeout    :  2m 

      monitoring-interval              :  30s 

      monitoring-mode                  :  proactive 

      monitoring-retry-count           :  3 

      monitoring-search-filter         :  (objectClass=*) 

      monitoring-search-scope          :  base 

      num-bind-incr                    :  10 

      num-bind-init                    :  2 

      num-bind-limit                   :  1024 

      num-read-incr                    :  10 

      num-read-init                    :  2 

      num-read-limit                   :  1024 

      num-write-incr                   :  10 

      num-write-init                   :  2 

      num-write-limit                  :  1024 

      proxied-auth-use-v1              :  false 

      ssl-policy                       :  client 

      use-read-connections-for-writes  :  false 

      use-tcp-keep-alive               :  true 

      use-tcp-no-delay                 :  true 

      [root@audi-ldap-te-proxy01 bin]# ./dpconf get-ldap-data-source-pool-prop  -h 192.168.104.179 -p 1389 AudiLdap-CNMNG

      Enter "cn=Proxy Manager" password:

      client-affinity-bind-dn-filters     :  any 

      client-affinity-criteria            :  connection 

      client-affinity-ip-address-filters  :  any 

      client-affinity-policy              :  write-affinity-after-write 

      client-affinity-timeout             :  20s 

      description                         :   

      enable-client-affinity              :  false 

      load-balancing-algorithm            :  proportional 

      minimum-total-weight                :  100 

      proportion                          :  100 

      sample-size                         :  100

      [root@audi-ldap-te-proxy01 bin]# ./dpconf get-ldap-data-view-prop -h 192.168.104.179 -p 1389 AudiLdap-DVCNMNG

      Enter "cn=Proxy Manager" password:

      alternate-search-base-dn                     :  "" 

      attr-name-mappings                           :  none 

      base-dn                                      :  cn=Directory Manager 

      connect-to-parent                            :  - 

      contains-shared-entries                      :  false 

      custom-distribution-algorithm                :  none 

      description                                  :   

      distribution-algorithm                       :  none 

      dn-join-rule                                 :  none 

      dn-mapping-attrs                             :  none 

      dn-mapping-source-base-dn                    :  none 

      excluded-subtrees                            :  - 

      filter-join-rule                             :  none 

      filter-primary-join-rule                     :  none 

      is-enabled                                   :  true 

      is-read-only                                 :  false 

      is-routable                                  :  true 

      ldap-data-source-pool                        :  AudiLdap-CNMNG 

      lexicographic-attrs                          :  all 

      lexicographic-lower-bound                    :  none 

      lexicographic-upper-bound                    :  none 

      non-viewable-attr                            :  none 

      non-writable-attr                            :  none 

      numeric-attrs                                :  all 

      numeric-default-data-view                    :  false 

      numeric-lower-bound                          :  none 

      numeric-upper-bound                          :  none 

      pattern-matching-base-dn-regular-expression  :  all 

      pattern-matching-base-object-search-filter   :  all 

      pattern-matching-dn-regular-expression       :  all 

      pattern-matching-one-level-search-filter     :  all 

      pattern-matching-subtree-search-filter       :  all 

      process-bind                                 :  - 

      replication-role                             :  master 

      viewable-attr                                :  all except non-viewable-attr 

      writable-attr                                :  all except non-writable-attr

      [root@audi-ldap-te-proxy01 bin]# ./dpconf get-connection-handler-prop -p 1389 AudiLdap-CHDL1

      Enter "cn=Proxy Manager" password:

      aci-source                              :  none 

      allowed-auth-methods                    :  anonymous 

      allowed-auth-methods                    :  sasl 

      allowed-auth-methods                    :  simple 

      allowed-ldap-ports                      :  ldap 

      allowed-ldap-ports                      :  ldaps 

      bind-dn-filters                         :  any 

      close-client-connection                 :  false 

      data-view-routing-custom-list           :  AudiLdap-DVCNMNG 

      data-view-routing-policy                :  custom 

      data-view-use-internal-client-identity  :  false 

      description                             :   

      domain-name-filters                     :  any 

      enable-data-view-affinity               :  false 

      group-dn-filters                        :  any 

      group-search-bind-dn                    :  any 

      group-search-bind-pwd                   :  none 

      ip-address-filters                      :  any 

      is-enabled                              :  true 

      is-ssl-mandatory                        :  false 

      priority                                :  98 

      request-filtering-policy                :  no-filtering 

      require-data-view-availability          :  true 

      resource-limits-policy                  :  no-limits 

      schema-check-enabled                    :  false 

      user-filter                             :  any

       

      [root@audi-ldap-te-proxy01 bin]# ./ldapsearch -p 1389 -D "cn=Direcotry Manager" -w AduiLdappwd -b "" "(objectclass=*)"

      ldap_simple_bind: No such object

      [root@audi-ldap-te-proxy01 bin]# ./ldapsearch -p 1389 -D "cn=Direcotry Manager" -w AduiLdappwd -b "cn=Directory Manager" "(objectclass=*)"

      ldap_simple_bind: No such object

      Could you help me with what I should do?

        • 1. Re: ldap_simple_bind: No such object error
          user12058466

          here is the new status:

          When I ran ldapsearch on the directory server, it returned the correct information:

          [root@audi-ldap-te-master01 bin]# ./ldapsearch -p 1389 -D "cn=Directory Manager" -w AudiLdappwd -b "ou=system" "(objectclass=*)",

           

          but when I run it on proxy server

          [root@audi-ldap-te-proxy01 bin]# ./ldapsearch -p 1389 -D "uid=mbb,ou=People,ou=system" -w secret -b "ou=system" "(objectclass=*)"

          ldap_simple_bind: DSA is unavailable

          ldap_simple_bind: additional info: [Original error=52] Unable to retrieve a backend BIND connection.

          [root@audi-ldap-te-proxy01 bin]# ./ldapsearch -p 1389 -D "cn=Directory Manager" -w AudiLdappwd -b "ou=system" "(objectclass=*)"

          ldap_simple_bind: DSA is unavailable

          ldap_simple_bind: additional info: [Original error=52] Unable to retrieve a backend BIND connection.

          I have created a new data view for suffix ou=system.

          • 2. Re: ldap_simple_bind: No such object error
            Sylvain Duloutre-Oracle

            Hello,

             

            The error message you get seems to indicate that the bind as cn=directory manager can be routed to a data view (probably AudiLdap-DVCNMNG according to the config provided). However, there is no data source up and running associated with that data view to which the bind request can be routed.

            The cn=manager dataview is associated with data source pool AudiLdap-CNMNG.

            Does this data source pool contain any data sources ?

             

            -Sylvain