RSA Identity Management and Governance 6.9.1 P12 Active Directory Identity Data Collector (IDC) collection fails with "Unprocessed Continuation Reference"
4 years ago
Originally Published: 2016-05-24
Article Number
000050421
Applies To
RSA Product Set: RSA Identity Management and Governance
RSA Version/Condition: 6.9.1 P12
 
Issue
When doing a connection test the RSA Identity Management and Governance 6.9.1 P12 Active Directory Identity Data Collector (IDC) fails with the following result:
 
Collector test failed:
com.aveksa.server.runtime.ServerException: Test request failed with response: 
com.aveksa.server.runtime.ServerException: java.lang.RuntimeException Caused By 
Stack java.lang.RuntimeException at

The aveksaServer.log file () shows the following exception:
  
04/12/2016 11:14:57.713 ERROR (ApplyChangesRegularThread-165) [com.aveksa.client.datacollector.collectors.identitydatacollectors.readerImpl.JndiLdapConnector] 
Error occured in fetching users, Root Cause : Unprocessed Continuation Reference(s)
04/12/2016 11:14:57.713 ERROR (ApplyChangesRegularThread-165) [com.aveksa.client.datacollector.framework.DataCollectorManager] 
FAILED method=Collect CollectionMetaInfo[{ID=11, run_id=1460474097611, collector_id=41, test-run=true, collector_name=Active Directory IDC, 
data_file=/home/oracle/jboss-4.2.2.GA/server/default/./deploy/aveksa.ear/aveksa.war/WEB-INF/LocalAgent/collected_data/11.data}] 
java.lang.RuntimeException
	at com.aveksa.client.datacollector.collectors.identitydatacollectors.readerImpl.JndiLdapConnector$UserDirectoryIterator.setContextAndGetUsers(JndiLdapConnector.java:1050)


If the collection is attempted, the collection status shows the following under "Admin Errors for Run":
  
EC[31002]Context[Collector Name=Active Directory IDC, Agent Name=AveksaAgent, Data Run ID=355Reason=java.lang.RuntimeException]Message[Data collection failed on the agent]
 
 
  
 

 
Cause
This issue may occur if the User Base DN of the search is set to the root of the domain (for example, DC=2k8r2-vcloud, DC=local) and the LDAP server is set to generate LDAP referrals.  The error occurs when RSA Identify Management and Governance attempts to incorrectly interpret the referral request as an error message. 
Resolution
This issue is resolved in RSA Identity Management and Governance 6.9.1 P22 or later.  This issue does not exist in RSA Identity Governance and Lifecycle 7.0 GA version or later.
Workaround
This issue only occurs if the User Base DN is set to the root of the LDAP structure.  It may be possible to work around this issue by setting the User Base DN to an OU value that contains the user objects.  If there are multiple OU objects containing users then you must setup separate collectors for each OU. 

Related Articles

Trending Articles

Don't see what you're looking for?