10 Troubleshooting

This chapter provides solutions to problems you might encounter with the OID connector.

Table 10-1 Troubleshooting for the OID Connector

Problem Solution

Problem	Solution
User Sync Reconciliation initiation fails against OUD 11.1.1.5.0 with an error message. For example: Can not use cookie based sync strategy because control 1.3.6.1.4.1.26027.1.5.4 is not supported for OUD	This problem can be caused by either: You are not using OUD Release 2 or later. Upgrade to supported release of OUD, as listed in Certified Components. You did not enable the changelog. The OUD changelog is automatically enabled when enabling replication.
Multiple reconciliation events are generated during reconciliation of groups that are deleted and then created again on the target system. For example: Create two groups in the target system, create similar organizations in Oracle Identity Manager, and then run group reconciliation. The events are linked. Delete the two groups and run group delete reconciliation. The events are linked and then revoked. Create the same two groups in the target system again and run target reconciliation. Result: Four reconciliation events are created for the two groups (two reconciliation events per group). Two events are linked, and two are not linked.	This result is the expected behavior by the connector. The sync reconciliation task reads the changelog, and every record (create, update, or delete) related to the specific object class is returned from the connector.
A group provisioning operation fails when you try to provision it to a user that already has another virtual static group provisioned. The same happens during a delete provisioning operation as well.	This problem is caused because virtual static groups are not supported by default. To use the connector for dynamic or virtual static groups, you must apply the following guidelines: Ensure referential integrity in OUD is enabled. Set the value of the maintainLdapGroupMembership entry in the Lookup.LDAP.OUD.Configuration lookup definition to `false.`

User Sync Reconciliation initiation fails against OUD 11.1.1.5.0 with an error message. For example:

Can not use cookie based sync strategy because control 1.3.6.1.4.1.26027.1.5.4 is not supported for OUD

This problem can be caused by either:

You are not using OUD Release 2 or later. Upgrade to supported release of OUD, as listed in Certified Components.
You did not enable the changelog. The OUD changelog is automatically enabled when enabling replication.

Multiple reconciliation events are generated during reconciliation of groups that are deleted and then created again on the target system. For example:

Create two groups in the target system, create similar organizations in Oracle Identity Manager, and then run group reconciliation. The events are linked.
Delete the two groups and run group delete reconciliation. The events are linked and then revoked.
Create the same two groups in the target system again and run target reconciliation.

Result: Four reconciliation events are created for the two groups (two reconciliation events per group). Two events are linked, and two are not linked.

This result is the expected behavior by the connector. The sync reconciliation task reads the changelog, and every record (create, update, or delete) related to the specific object class is returned from the connector.

A group provisioning operation fails when you try to provision it to a user that already has another virtual static group provisioned. The same happens during a delete provisioning operation as well.

This problem is caused because virtual static groups are not supported by default. To use the connector for dynamic or virtual static groups, you must apply the following guidelines:

Ensure referential integrity in OUD is enabled.
Set the value of the maintainLdapGroupMembership entry in the Lookup.LDAP.OUD.Configuration lookup definition to false.