Hello,
We are unable to do a search based on root node after successful LDAP integration but if we add a particular OU within the base entry then we are able to search the users for that specific OU. Specifying a specific OU is not the right solution as we have different OU for North America, Europe,
Latin America etc. regions. We need to specify the root node so that it will search for all the users in different region. We are getting the below operation failed error when we don't specify OU in the base entry.
Message no. LDAPRC001
This is an error message that is triggered by the directory server.
It is not possible to analyze the error in the SAP system.
Check the log files for the directory server (if they exist), to see if they
contain more information.
Please let us know if you guys have faced this situation and what was the resolution.
Thanks,
Gautam.
Gautam,
We got that error message at one point. I think we had several things wrong in our configuration; we have an LDAP forest of 3 LDAPs plus another LDAP that is not part of the forest. It took us a bit of trial and error, but we finally have all 4 of them retrieving user details.
Be sure you have the host name right, the port right, and that all the connector groups are listed under:
SPRO > GRC >Access Control >Maintain Mappings for Actions and Connector Groups
Gretchen
Hi Gautam,
As mentioned in the SAP Note 511141, the error you're facing means:
LDAPRC 001 (Operation is aborted):
"This message indicates that the directory could not process the request
for internal reasons, but cannot send a more detailed error message.
This error message does not mean that the SAP System sent incorrect
data."
In other words, the LDAPRC001 means that the error message was provided
by the directory side, but not an specific error message that could be
interpreted by the SAP. In this case you have to look at
your directory services.
Then, in order to find more information, you should contact the vendor
of your directory server as they can better assist.
Additionally,please review note 934177 which contains some useful information relating to your issue.
Best Regards,
Nandita
Hello !
Facing the same issue here. Not able provision AD groups to user through GRC 10.1 SP 11 .
So did it finally worked for you guys?
Can you please let me know the steps under taken..
I did used port - 368, but still showing me as -
Message No. LDAPRC053
Thanks !
Akshat
Add a comment