Identity Manager Application - InternalError during login to IDMApps

  • 7022700
  • 01-Mar-2018
  • 01-Mar-2018


Identity Manager 4.5
Identity Manager 4.6


When trying to login into IDMApps the following error is shown in the browser:

<?xml version="1.0" encoding="UTF-8" standalone="true"?>


Give Identity Vault Administrator [write] rights to oidpInstanceData on all user objects.


The customer had installed and customized IDMApps so that it would be using an limited Identity Vault Administrator, which only had normal browse rights in the tree, this caused the following error:

OSP log:

Preamble: [OIDP]
Priority Level: FINER
Java: internal.osp.oidp.service.source.ldap.LDAPSource.setAttributes() [976] thread=https-jsse-nio-8143-exec-3
Time: 2018-02-07T10:08:56.507+0100
Elapsed time: 3.477 milliseconds
Log Data: Modify attributes:
   DN: cn=userA,ou=users,o=data
   Attributes: oidpInstanceData
   Get next available admin connection:
      Get admin connection from pool:
         Pool: yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy
         Reserve connection:
            Type: ADMIN_CONNECTION
            Wait filled from existing admin connection: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
         Obtained existing connection: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
      Error while modifying an LDAP object:
[LDAP: error code 50 - NDS error: no access (-672)]
            com.sun.jndi.ldap.LdapCtx: mapErrorCode: 3,144
   Put connection:
      Connection: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
      No pending reservation, check in connection: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx


2051229440 LDAP: [2018/02/07 12:26:45.258] ( modify: dn (cn=userA,ou=users,o=data)
2051229440 LDAP: [2018/02/07 12:26:45.258] ( modifications:
2051229440 LDAP: [2018/02/07 12:26:45.258] (   replace: oidpInstanceData
2051229440 LDAP: [2018/02/07 12:26:45.259] ( DDCModifyEntry failed, err = no access (-672)