eDirectory 8.7.3 LDAP trace shows error 34 (0x22) - Illegal ndsname.

  • 3796793
  • 10-Jan-2007
  • 06-Jun-2012

Environment

Novell eDirectory 8.7.3 for All Platforms
Novell iManager 2.02

Situation

eDirectory 8.7.3 LDAP trace shows error 34 (0x22) - Illegal ndsname.
Attempts to login to iManager fail.

Resolution

Correct the base in the search and the search should be successful. If the object simply does not exist then a -601 would be returned.

If this is being seen from an iManager 2.02 installation the check in Configure - iManager Configuration - Portal - Properties and make sure the correct syntax is specified in the Portal containers field.

Additional Information

Sample log:

LDAP: [2005/01/24 16:16:40] Search request:
base: "headquarters"
scope:1 dereference:0 sizelimit:0 timelimit:0 attrsonly:0
filter: "(name=user1)"
attribute: "1.1"
LDAP: [2005/01/24 16:16:40] Illegal ndsname "headquarters" in ldap2uNDSDN, err = 34 (0x22)
LDAP: [2005/01/24 16:16:40] ldap2uNDSDN ldapDN = "headquarters" - error 34 (0x22)
LDAP: [2005/01/24 16:16:40] nds_back_search: ldap2uNDSDN failed with err 34 (0x22)

In this log we can see the problem in bold. A base search is specified but there is no qualifier to indicate what type of object"headquarters" is. The LDAP RFC states there can be no default assumption if the qualifier is not specified. If the base search is from an ou then the correct base would be ou=headquarters, o=novell.

Formerly known as TID# 10096373
Formerly known as TID# NOVL100760