-
Title
"Unescaped trailing ' ' character" error when synchronizing LDAP objects -
Description
LDAP objects with Distinguished Name (DN) containing trailing spaces are not getting imported during synchronization.
Error messages in SynchronizationEditor.log:
ERROR (VI.FormBase.ExceptionMgr ) : Unescaped trailing ' ' character. VI.Base.ViException: Unescaped trailing ' ' character.
at VI.TargetSystem.Base.Utils.LDAP.RDNPartValue.ParseStringValue(String strVal)
at VI.TargetSystem.Base.Utils.LDAP.RDNPart.Parse(String rdnPart, LDAPCompatibilityLevel compat)
at VI.TargetSystem.Base.Utils.LDAP.RDN.Parse(String rdnString, LDAPCompatibilityLevel compat)
at VI.TargetSystem.Base.Utils.LDAP.DN.Parse(String dn, LDAPCompatibilityLevel compat) -
Cause
This is not a schema parser error. External LDAP systems created the DN with a Relative Distinguished Name (RDN) containing an unescaped space like:CN=xxx ,OU=xxx,DC=xxx,DC=xxx.
-
Resolution
1. Search for LDAP objects with a space somewhere in the DN:
(|(CN=*\20*)(OU=*\20*)(ID=*\20*)(UserID=*\20*)(Name=*\20*))2. Remove the trailing space in the LDAP objects' DN before importing into Identity Manager.