LDAP-Error in Identity Server 4.6 when using user registration with "Ask password from user"

StackOverflow https://stackoverflow.com/questions/23283543

Question


I wanted to try the password-notification feature of the IS 4.6 but it throwing an exception.
I followed those links:
https://docs.wso2.org/display/IS460/Recover+with+Notification http://cgchamath.blogspot.mx/2013/12/wso2-identity-server-user-creation-with.html
This is the error I am getting
enter image description here

Here is the Stacktrace

Caused by: org.wso2.carbon.identity.base.IdentityException: Error while persisting identity user data in to user store at org.wso2.carbon.identity.mgt.store.UserStoreBasedIdentityDataStore.store(UserStoreBasedIdentityDataStore.java:81) at org.wso2.carbon.identity.mgt.IdentityMgtEventListener.doPostAddUser(IdentityMgtEventListener.java:420) ... 124 more Caused by: org.wso2.carbon.user.core.UserStoreException: One or more attributes you are trying to add/update are not supported by underlying LDAP. at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doSetUserClaimValues(ReadWriteLDAPUserStoreManager.java:874) at org.wso2.carbon.identity.mgt.store.UserStoreBasedIdentityDataStore.store(UserStoreBasedIdentityDataStore.java:73) ... 125 more Caused by: javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - NO_SUCH_ATTRIBUTE: failed for Modify Request Object : 'uid=testUser,ou=Users,dc=wso2,dc=org' Modification[0] Operation : replace Modification http://wso2.org/claims/identity/passwordTimestamp: 1398394865706 Modification1 Operation : replace Modification initials: false : ERR_04269 ATTRIBUTE_TYPE for OID http://wso2.org/claims/identity/passwordtimestamp does not exist!]; remaining name 'uid=testUser' at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3108) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3033) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2840) at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1411) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:253) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:165) at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:154) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.doSetUserClaimValues(ReadWriteLDAPUserStoreManager.java:859) ... 126 more

I can imagine that the application is generating a timestamp for the expiration of the password and tries to save in a field in the LDAP which is mapped by the combination: http://wso2.org/claims/identity/passwordtimestamp -> nickName
This mapping is wrong obviously. How can I force an adequate mapping so the process is saving the user in the right way (and hopefully sending the email after that ...)?

Thanks in advance.

Was it helpful?

Solution

First problem on this way solved: I had to re-add the claim of the password time stamp, but with the correct uri: http://wso2.org/claims/identity/passwordTimestamp

Also helpful was: https://wso2.org/jira/browse/IDENTITY-1200

The LDAP-error is fixed, but still it is not sending the email. But that is another issue

Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
scroll top