I'm trying to create a tenant through the WSO2 console. While creating it, I'm getting the below error on the console: "error Failed to add tenant config. tenant-domain: , tenant-admin: "

In the server logs, I am getting the below error.

ERROR {org.wso2.carbon.tenant.mgt.core.TenantPersistor} - Error in adding tenant with domain: hit.com org.wso2.carbon.user.core.UserStoreException: Error occurred while searching in root partition for organization :<domain Name>

[LDAP: error code 32 - The entry dc=wso2,dc=org specified as the search base does not exist in the Directory Server]; remaining name 'dc=wso2,dc=org'

 ERROR {org.apache.axis2.rpc.receivers.RPCMessageReceiver} - Exception occurred while trying to invoke service method addTenant java.lang.reflect.InvocationTargetException

ERROR {org.wso2.carbon.tenant.mgt.ui.utils.TenantMgtUtil} - Failed to add tenant config. tenant-domain: hit.com, tenant-admin: admin@hit.com. org.apache.axis2.AxisFault: Exception occurred while trying to invoke service method addTenant

Note: we are using LDAP (OpenDJ).

Sajith
Pooja
  • Can you share the deployment.toml? – Sajith May 19 '23 at 05:06
  • Hi @Sajith, I am unable to share the deployment.toml content here. Is there any option to share it? – Pooja May 19 '23 at 07:26
  • As the error says, `[LDAP: error code 32 - The entry dc=wso2,dc=org specified as the search base does not exist in the Directory Server]; remaining name 'dc=wso2,dc=org'`. Can you confirm whether you have such a directory path in your LDAP? Otherwise, configure the search base accordingly. – Anuradha Karunarathna May 19 '23 at 16:31
  • [user_store] type = "read_write_ldap_unique_id" base_dn = "dc=unext,dc=com"            connection_url = "ldap://connection_link:389" connection_name = "cn=admin" connection_password = "password" user_entry_object_class = "identityPerson" user_search_base = "ou=users,dc=unext,dc=com" user_name_attribute = "mail" user_name_search_filter = "(&(objectClass=person)(mail=?))" user_name_list_filter = "(&(objectClass=person)(!(sn=Service)))" user_id_list_filter = "(&(objectClass=person)(scimId=?))" group_search_base = "dc=unext,dc=com" – Pooja May 22 '23 at 07:41

1 Answer

When a tenant is created on WSO2 products, a new sub organization unit (OU) is created if the primary userstore is an LDAP/AD. In that case, it refers to the following configuration to create the sub OU.

```toml
[tenant_manager.ldap.properties]
RootPartition = "dc=wso2,dc=org"
```

The above sample config has the default value, which is included in your error message as well: `The entry dc=wso2,dc=org specified as the search base does not exist in the Directory Server`

You can specify the root of your LDAP (e.g. dc=unext,dc=com) for this configuration in order to solve this issue.


Adding a formatted copy of userstore configurations shared in comments for others' reference.

```toml
[user_store]
type = "read_write_ldap_unique_id"
base_dn = "dc=unext,dc=com"
connection_url = "ldap://connection_link:389"
connection_name = "cn=admin"
connection_password = "password"
user_entry_object_class = "identityPerson"
user_search_base = "ou=users,dc=unext,dc=com"
user_name_attribute = "mail"
user_name_search_filter = "(&(objectClass=person)(mail=?))"
user_name_list_filter = "(&(objectClass=person)(!(sn=Service)))"
user_id_list_filter = "(&(objectClass=person)(scimId=?))"
group_search_base = "dc=unext,dc=com"
```
Sajith
  • Thank you @Sajith. Added [tenant_manager.ldap.properties]. I am able to create the tenant now, but I am unable to log in with the admin credentials of the newly created tenant. – Pooja May 26 '23 at 09:09
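
A pre-flight check for the mismatch described in the answer above, as an added example that is not part of the original posts or of WSO2's code: it compares `RootPartition` with `[user_store] base_dn` in a deployment.toml before a tenant is created. It assumes, as the answer states, that `dc=wso2,dc=org` applies when `RootPartition` is unset; the function names and the "base_dn at or under RootPartition" rule are assumptions for illustration.

```python
import re

DEFAULT_ROOT = "dc=wso2,dc=org"  # default value per the answer and the error message
# Constructed samples: the asker's [user_store] (shortened), before and after the fix.
BEFORE = '[user_store]\ntype = "read_write_ldap_unique_id"\nbase_dn = "dc=unext,dc=com"\n'
AFTER = BEFORE + '[tenant_manager.ldap.properties]\nRootPartition = "dc=unext,dc=com"\n'

def parse_sections(text):
    """Minimal reader for the flat `key = "value"` tables shown on this page."""
    sections, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        header = re.fullmatch(r"\[([^\]]+)\]", line)
        if header:
            current = sections.setdefault(header.group(1), {})
            continue
        pair = re.fullmatch(r'([\w.]+)\s*=\s*"(.*)"', line)
        if pair and current is not None:
            current[pair.group(1)] = pair.group(2)
    return sections

def rdns(dn):
    """Split a DN on unescaped commas; normalise spacing and case (assumed insensitive)."""
    parts = re.split(r"(?<!\\),", dn)
    return [re.sub(r"\s*=\s*", "=", p.strip()).lower() for p in parts if p.strip()]

def check_root_partition(text):
    """Return a list of findings; an empty list means the two settings agree."""
    cfg = parse_sections(text)
    base = cfg.get("user_store", {}).get("base_dn")
    root = cfg.get("tenant_manager.ldap.properties", {}).get("RootPartition")
    if base is None:
        return ["[user_store] base_dn is not set; nothing to compare against"]
    findings = []
    if not root:
        findings.append("RootPartition is not set; default %s applies" % DEFAULT_ROOT)
    effective = root or DEFAULT_ROOT
    b, r = rdns(base), rdns(effective)
    if b[-len(r):] != r:  # base_dn must end with the RootPartition components
        findings.append("base_dn %s is not at or under RootPartition %s" % (base, effective))
    return findings

if __name__ == "__main__":
    for name, sample in (("before", BEFORE), ("after", AFTER)):
        print(name, check_root_partition(sample) or "OK")
```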