Environment
Novell Identity Manager
Situation
During a modify operation to eDirectory a -608 is seen in the
trace. This happens when trying to write an attribute to an
object in eDirectory.
Resolution
eDirectory's -608 means that the attribute being written to the
object is illegal per that object's schema. In iMonitor the
error is viewable as the following: -608 FFFFFDA0 ILLEGAL
ATTRIBUTE
The following URL provides more information on the eDirectory error itself:
https://dnsOrIPAddressOfServer:8030/nds/error?error=FFFFFDA0
The port number 8030 is the default for an HTTPS connection on *nix platforms. For NetWare this is port 8009 and for windows it is 8010. This is also a configurable port so check your own server for the correct port.
The explanation from this page contains the following:
An attempt was made to add an attribute to an eDirectory object that is not listed as an optional or a mandatory attribute within the expanded eDirectory schema class definition of the object's base class.
The following URL provides more information on the eDirectory error itself:
https://dnsOrIPAddressOfServer:8030/nds/error?error=FFFFFDA0
The port number 8030 is the default for an HTTPS connection on *nix platforms. For NetWare this is port 8009 and for windows it is 8010. This is also a configurable port so check your own server for the correct port.
The explanation from this page contains the following:
An attempt was made to add an attribute to an eDirectory object that is not listed as an optional or a mandatory attribute within the expanded eDirectory schema class definition of the object's base class.
The only attributes that are supported for an eDirectory object are listed within the expanded eDirectory schema class definition of the object's base class.
The change sent from Identity Manager to eDirectory was invalid in some way per that object's schema. This can happen when schema is not extended properly or when a prerequisite auxiliary class was not added to the object to give access to the attributes being written. For example if attribute 'test0' was being written but this attribute was not part of the User class (it is not by default) a -608 would be an appropriate error message. If this attribute was part of the 'test0AuxClass' class as either an optional or a mandatory attribute adding this at the same time as the 'test0' attribute would work without returning a -608. The attribute must either be added at the same time or after the aux class allowing it to be added to an object. In any case Identity Manager will not be able to add any attributes that are not allowed by the schema until appropriate actions are taken.