Forum Stats

  • 3,768,292 Users
  • 2,252,772 Discussions
  • 7,874,519 Comments

Discussions

LDAP: error code 34 on EPM 11.1.1.2

776129
776129 Member Posts: 26
edited Jun 13, 2011 12:47PM in EPM System Infrastructure
Hi,

I am facing a problem on my Devlopment environment where HFM and FDM are installed. I have configured MSAD users in the shared services. Any MSAD user is not able to login to the FDM or HFM applications, the login process keeps on going for ever. The users in the native directory are having no problem, they are able to use application very well. I have reconfigured the MSAD but no improvement.

On the production server the same architecture if followed and same MSAD is configured and there is no such problem on this server. There is an error generated in the SharedServices_Security.log logfile on devlopment server.

2011-05-27 19:33:39,388 WARN [Thread-13] com.hyperion.css.spi.impl.msad.MSADCacheUpdater.createCSSNodeInfo(Unknown Source) -- Exception occurred while retrieving attributes[Root Cause: CN=Terminal Server Computers
CNF:4157ec57-d59f-4059-bf26-84584d23e0aa,CN=Users: [LDAP: error code 34 - 0000208F: NameErr: DSID-031001D1, problem 2006 (BAD_NAME), data 8349, best match of:
'CN=Terminal Server Computers
CNF:4157ec57-d59f-4059-bf26-84584d23e0aa,CN=Users,DC=norvay,DC=com'
] ]


2011-05-27 19:43:02,899 WARN [Thread-13] com.hyperion.css.spi.impl.msad.MSADCacheUpdater.updateUserCache(Unknown Source) -- Ignoring NamingException. Error getting User for User Cache[Root Cause: [LDAP: error code 10 - 0000202B: RefErr: DSID-031006BB, data 0, 1 access points
ref 1: 'wsm.norvay.com'
] ]

Answers

  • D_EPM
    D_EPM Member Posts: 81
    for FDm, you also needs to configure users from FDM.
    Login to FDM using the SS admin user and grant access to user from User management console.
    It is suggested that FDM access is granted by user ratehr than by group in SS.
  • D_EPM
    D_EPM Member Posts: 81
    If you have assigned any groups to be used for HFM during configuration, please add all the users to that group in SS.
  • 776129
    776129 Member Posts: 26
    Thanks for the Reply Rao,

    I have already done these steps, my login process keep on going it does not throw any error, in the backend
    only a error is generated in the Sharedservices_security.log file.

    There is another log that has been generated now is

    WARN [Thread-13] com.hyperion.css.spi.impl.msad.MSADCacheUpdater.resolveCircularDependency(Unknown Source) -- MSAD 'MSAD': There is a circular dependency in the group hierarchy path [msad://OBJECTGUID=\4f\df\cb\46\0f\70\87\43\9d\42\eb\9c\de\b4\74\be?GROUP, msad://OBJECTGUID=\15\09\e5\e0\47\70\55\45\9e\d0\e7\3c\db\98\83\bf?GROUP, msad://OBJECTGUID=\88\6f\6a\a2\04\7d\34\44\a1\8c\81\ed\98\0f\74\cf?GROUP] with group msad://OBJECTGUID=\4f\df\cb\46\0f\70\87\43\9d\42\eb\9c\de\b4\74\be?GROUP
  • D_EPM
    D_EPM Member Posts: 81
    Can you take of all the provisioning and try to login with admin user and see if u can login
  • 776129
    776129 Member Posts: 26
    I am able to login both HFM and FDM by any user in the Native Directory including admin, the problem is only with
    MSAD users, i have reconfigured my MSAD directory, the test is also successful but not able to login to the Applications with any of the MSAD users.
  • D_EPM
    D_EPM Member Posts: 81
    FDM

    The user must be provisioned for FDM in Shared Services and also must be added to the FDM Applications User Maintenance Menu with location security applied to successfully login to the application.
    If the user who is attempting to login to FDM is only provisioned in Shared Services and has not been added to the User Maintenance Menu in the FDM application, the login process would be unable to locate the users location security to set the POV and could not connect.

    HFM

    Are you using any Admin Group in Shared Services to provision users with HFM access?. If yes, please add users to that group after reconfiguring the MSAD.

    Please let me know if this helps.

    Thanks
    Dinesh
  • D_EPM
    D_EPM Member Posts: 81
    Aravind,

    Seems like i have re posted my same comments as earlier, This is what i can think of right now. Might not be much helpful.
This discussion has been closed.