SAP Knowledge Base Article - Preview

1788653 - javax.naming.OperationNotSupportedException: LDAP: error code 53(WILL_NOT_PERFORM)

Symptom

  • The User Management Engine (UME) is configured to use Active Directory as an LDAP datasource. See LDAP Directory as Data Source for more details.
  • The UME is configured to use a datasource XML file that allows writable access to the Active Directory e.g. dataSourceConfiguration_ads_writeable_db.xml, dataSourceConfiguration_ads_deep_writeable_db.xml etc.
  • There is an SSL connection between the UME and Active Directory. This is a requirement in order to allow the creation of Active Directory users and password resets using the User Administration UIs. See note 673824 for more details.
  • The user used by the UME to connect to the Active Directory i.e. the user specified as the value of UME property ume.ldap.access.user, has sufficient permissions at Active Directory level to allow users to be created in the Active Directory using the User Administration UIs of the AS Java.
  • An attempt to create a user via the User Administration Identity Management console fails with error message:

LDAP_ERROR_53_.png

  • In the server traces an error such as the following can be found:

Naming exception when trying to create principal USER.CORP_LDAP.ldapuser14

[EXCEPTION]
javax.naming.OperationNotSupportedException: [LDAP: error code 53 - 0000052D: SvcErr: DSID-031A0FC0, problem 5003 (WILL_NOT_PERFORM), data 0
]; remaining name 'cn=ldapuser14'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3114)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2987)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2794)
at com.sun.jndi.ldap.LdapCtx.c_createSubcontext(LdapCtx.java:788)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_createSubcontext(ComponentDirContext.java:319)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:248)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.createSubcontext(PartialCompositeDirContext.java:236)
at javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:178)
at javax.naming.directory.InitialDirContext.createSubcontext(InitialDirContext.java:178)
at com.sap.security.core.persistence.datasource.imp.LDAPPersistence.createUserAndAccount(LDAPPersistence.java:3696)


Read more...

Environment

Netweaver AS Java all releases with Active Directory as UME datasource.

Product

SAP NetWeaver 2004 ; SAP NetWeaver 7.0 ; SAP NetWeaver 7.3 ; SAP NetWeaver 7.4 ; SAP enhancement package 1 for SAP NetWeaver 7.0 ; SAP enhancement package 1 for SAP NetWeaver 7.3 ; SAP enhancement package 2 for SAP NetWeaver 7.0 ; SAP enhancement package 3 for SAP NetWeaver 7.0

Keywords

User Management Engine UME Active Directory LDAP datasource LDAP: error code 5003 WILL_NOT_PERFORM OperationNotSupportedException , KBA , BC-JAS-SEC-UME , User Management Engine , How To

About this page

This is a preview of a SAP Knowledge Base Article. Click more to access the full version on SAP for Me (Login required).

Search for additional results

Visit SAP Support Portal's SAP Notes and KBA Search.