javax.naming.PartialresultException when collecting Active Directory Security Groups in RSA Identity Governance and Lifecycle

2 years ago

Originally Published: 2016-12-14

Article Number

000043020

Applies To

RSA Product Set: RSA Identity Governance and Lifecycle
RSA Version/Condition: All

Issue

An AD Account Collector is getting an error on the test group filter when the Group Base DN is set to the root of the LDAP tree (e. g., DC=sub,DC=acme,DC=com).

The error message in the UI is:

javax.naming.PartialresultException 
[Root is javax.naming.CommunicationException: DomainDnsZones.sub.acme.com:389
[Root exception is java.net.ConnectionException:Connection time Out]]

Cause

The Active Directory 'follow referrals' configure and group lookup fails when it tries a DNS lookup on the referral in the AD server root.

Resolution

Turn on the Ignore Referral option in the ADC collector by editing the collector definition, going to the Connection page (page 2), and clicking on the Ignore Referral option as shown below:

Don't see what you're looking for?

Potential Impact from Salesforce Device Activation Change

Related Articles

Trending Articles