0

I am new to LDAP and Unbound ID SDK for Java and I have a problem with adding user roles from my application to my LDAP server (the roles are grouped in ou=roles,dc=test,dc=com and as part of the ou=roles subtree, each role should be an entry of type groupOfUniqueMembers).

However I encounterd the following problem:

ERROR ldap.service.LDAPService - LDAPException(resultCode=21 (invalid attribute syntax), errorMessage='uniqueMember: value #0 invalid per syntax', diagnosticMessage='uniqueMember: value #0 invalid per syntax')

The way I construct my AddRequest is as follows:

String[] ldifLines = {
 "dn: ou=roles,dc=test,dc=com",
 "objectClass: groupOfUniqueNames",
 "uniqueMember: uid=test.user",  // initialMember
 "cn: Admin"
};
AddRequest request = new AddRequest(ldifLines);
connection.add(request);        // <- this line throws the exception

P.S. connection is a LDAPConnection object ,that is properly connecting to my ldap server since SearchRequests and DeleteRequests execute fine, so the problem doesn't seem to be there (It could be the way my server is configured though !).

The server uses LDAP version 3.

If the information I provided is not sufficient, please point me to what more I should include.

Thanks in advance

Nash
  • 1
  • 1
  • 2
  • I think value of uniqueMember is invalid – M2E67 Jun 12 '17 at 12:58
  • Yeah, it seems logical following the exception message, however, when I add the entry manually through Apache Directory Studio the value is accepted. – Nash Jun 12 '17 at 13:10
  • My first thought would be that the value should be an array with the first entry as the user dn, as uniqueMember will certainly contains multiple users ;) – Esteban Jun 12 '17 at 13:12
  • Try to test other value to be sure that problem is value of uniqueMember. – M2E67 Jun 12 '17 at 13:15
  • I tried values: uid=test.user, test.user, test, but the same exception is thrown. – Nash Jun 12 '17 at 13:41

1 Answers1

0

You cannot add an objectClass of groupOfUniqueNames to an OU which is already an objectClass of organizationalUnit

You should try an LDIF like : 

String[] ldifLines = {
 "dn: cn=Admin,ou=roles,dc=test,dc=com",
 "objectClass: groupOfUniqueNames",
 "uniqueMember: uid=test.user",  // initialMember
 "cn: Admin"
};
Esteban
  • 1,752
  • 1
  • 8
  • 17