Group Member Adding Issue using Mail attribute

Tagged: ,

This topic has 4 replies, 3 voices, and was last updated 6 years, 1 month ago by Firos.

  • Author
    Posts
  • #11774
     Firos
    Participant

    I can add “uid=tester_1,ou=People,dc=ds,dc=test,dc=com” as uniquwMember value
    but
    I cannot add “[email protected],ou=People,dc=ds,dc=test,dc=com” as uniquwMember value

    “Authentication Naming Attribute” is set as “mail” in OpenAM
    “LDAP Users Search Attribute” is set as “mail” in OpenAM

    So when i create user using OpenAM api it lists in OpenDJ using “mail” attribute, and i can login using mailId.
    But when i tried to add that user to a group it doesn’t allows.

    How to resolve?

    #11777
     JnRouvignac
    Participant

    Which version of OpenDJ are you running?

    Which exact commands are you running from the shell?

    > I cannot add “[email protected],ou=People,dc=ds,dc=test,dc=com” as uniquwMember value

    I suppose OpenDJ gives you an error message.
    What is the error message?

    #11797
     Firos
    Participant

    I am using OpenDJ 3

    Not using command, while trying to add from OpenAM or using Apache directory studio

    Error I got is:

    mail=user1,ou=People,dc=test,dc=prime,dc=ds,dc=test,dc=com
    Error while executing LDIF
    – [LDAP: error code 21 – When attempting to modify entry cn=health-care,ou=groups,dc=test,dc=prime,dc=ds,dc=test,dc=com to add one or more values for attribute uniqueMember, value “mail=user1,ou=People,dc=test,dc=prime,dc=ds,dc=test,dc=com” was found to be invalid according to the associated syntax: The provided value “mail=user1,ou=People,dc=test,dc=prime,dc=ds,dc=test,dc=com” could not be parsed as a valid name and optional UID value because an error occurred while trying to parse the DN portion: The DN “mail=user1,ou=People,dc=test,dc=prime,dc=ds,dc=test,dc=com” could not be parsed due to the following reason: No attribute type with name or OID “mail” exists in the schema]
    java.lang.Exception: [LDAP: error code 21 – When attempting to modify entry cn=health-care,ou=groups,dc=test,dc=prime,dc=ds,dc=test,dc=com to add one or more values for attribute uniqueMember, value “mail=user1,ou=People,dc=test,dc=prime,dc=ds,dc=test,dc=com” was found to be invalid according to the associated syntax: The provided value “mail=user1,ou=People,dc=test,dc=prime,dc=ds,dc=test,dc=com” could not be parsed as a valid name and optional UID value because an error occurred while trying to parse the DN portion: The DN “mail=user1,ou=People,dc=test,dc=prime,dc=ds,dc=test,dc=com” could not be parsed due to the following reason: No attribute type with name or OID “mail” exists in the schema]
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkResponse(DirectoryApiConnectionWrapper.java:1276)
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.access$9(DirectoryApiConnectionWrapper.java:1244)
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper$4.run(DirectoryApiConnectionWrapper.java:724)
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.runAndMonitor(DirectoryApiConnectionWrapper.java:1171)
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.checkConnectionAndRunAndMonitor(DirectoryApiConnectionWrapper.java:1107)
    at org.apache.directory.studio.connection.core.io.api.DirectoryApiConnectionWrapper.modifyEntry(DirectoryApiConnectionWrapper.java:746)
    at org.apache.directory.studio.ldapbrowser.core.jobs.ImportLdifRunnable.importLdifRecord(ImportLdifRunnable.java:515)
    at org.apache.directory.studio.ldapbrowser.core.jobs.ImportLdifRunnable.importLdif(ImportLdifRunnable.java:272)
    at org.apache.directory.studio.ldapbrowser.core.jobs.ExecuteLdifRunnable.executeLdif(ExecuteLdifRunnable.java:157)
    at org.apache.directory.studio.ldapbrowser.core.jobs.ExecuteLdifRunnable.run(ExecuteLdifRunnable.java:123)
    at org.apache.directory.studio.ldapbrowser.core.jobs.UpdateEntryRunnable.run(UpdateEntryRunnable.java:59)
    at org.apache.directory.studio.connection.ui.RunnableContextRunner$1.run(RunnableContextRunner.java:116)
    at org.eclipse.jface.operation.ModalContext$ModalContextThread.run(ModalContext.java:122)

    [LDAP: error code 21 – When attempting to modify entry cn=health-care,ou=groups,dc=test,dc=prime,dc=ds,dc=test,dc=com to add one or more values for attribute uniqueMember, value “mail=user1,ou=People,dc=test,dc=prime,dc=ds,dc=test,dc=com” was found to be invalid according to the associated syntax: The provided value “mail=user1,ou=People,dc=test,dc=prime,dc=ds,dc=test,dc=com” could not be parsed as a valid name and optional UID value because an error occurred while trying to parse the DN portion: The DN “mail=user1,ou=People,dc=test,dc=prime,dc=ds,dc=test,dc=com” could not be parsed due to the following reason: No attribute type with name or OID “mail” exists in the schema]

    #11809
     Ludo
    Moderator

    The mail attribute has a specific syntax and expect the value to be a valid email address: [email protected]
    user1 is not a valid email address.

    This said, you may have hit an issue with OpenDJ 3.0 and the use of specific attributes in DNs (https://bugster.forgerock.org/jira/browse/OPENDJ-2738).
    This issue has been resolved in the master branch, and you can verify it with one of the recent nightly builds.

    #11816
     Firos
    Participant

    Ludo,

    I have checked with correct mail address, even though the issue exists.

    As you mentioned it might be a bug and i believe new build may resolve the issue

Viewing 5 posts - 1 through 5 (of 5 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?