How to fix a PartialResultException error from JNDI

  • 7011117
  • 29-Mar-2011
  • 02-Nov-2012


NetIQ Access Governance Suite


How to fix a PartialResultException error from JNDI


If an AD/LDAP aggregation shows a JVM-related exception that leads to a Sailpoint exception:

25 Mar 2011 15:13:57,697 DEBUG sailpoint.connector.LDAPConnector:109
- Throwing hasMore - javax.naming.PartialResultException
  [Root exception is javax.naming.CommunicationException:
    [Root exception is
      Operation timed out: connect:could be due to invalid address]]
25 Mar 2011 15:13:57,947 WARN sailpoint.api.Aggregator:928
- Exception during aggregation. Reason:
 java.lang.RuntimeException: java.lang.NullPointerException
java.lang.RuntimeException: java.lang.NullPointerException
at sailpoint.connector.LDAPConnector$
at org.quartz.simpl.SimpleThreadPool$
Caused by:
at com.sun.jndi.ldap.LdapNamingEnumeration.getNextBatch(
at com.sun.jndi.ldap.LdapNamingEnumeration.nextAux(
at com.sun.jndi.ldap.LdapNamingEnumeration.nextImpl(
at sailpoint.connector.LDAPConnector$
... 12 more

The "PartialResultException" occurs if the (AD) LDAP server does not dovetail with the (JS2E) JNDI enumeration logic when a resultset
ends on a partial page.Access Governance Suite provides an (XML-level) application object flag to use an alternate JVM method for this scenario.  The "debug" page's XML editor feature can add the setting to the application object:

<Application ... name="Active_Directory" ... >
      <entry key="useHasMoreElements" value="true"/>