Protocol Error During LDAP Synchronization Project (One Identity Version 9.2.1)

Issue Description:

I am encountering a protocol error during my LDAP synchronization project. Here are the details:

Error Message:

(2025-04-17 12:55:23.240) [1777018] Error running synchronization project (LDAP domain 'dc=XXX,dc=at( 10.1.3.9 )' (Generic))'s workflow (Provisioning).
[1777124] Error running synchronization step (InetOrgPerson) of synchronization configuration (Provisioning (Provisioning)).
[1777004] Method (Delete (Delete)) could not be run successfully.
[VI.Projector.LDAP.Driver.LdapRequestException] A protocol error occurred.
[System.DirectoryServices.Protocols.DirectoryOperationException] A protocol error occurred.

Steps Taken:

  • Checked LDAP configuration.
  • Updated LDAP filters.
  • Checked network connectivity.
  • Consulted documentation.

Jobqueue Info:

Job chain Name: LDP_Account_Delete

Request: I am looking for guidance on how to resolve this issue. Any insights or suggestions would be greatly appreciated.

Additional Information:

  • One Identity Manager version: 9.1.3
  • LDAP server details: PING LDAP

The problem is just with the LDAP account deletion. It would be great if someone could suggest an idea or solution for this.

Thanks and Regards,

Badhri

  • This is due to some LDAP systems that do not support a recursive deletion of objects - called "DeleteTree".

    If the LDAP system supports this operation, then it could also be that the LDAP user that is used to execute the LDAP jobs does not have this permission.

    In these cases, the job would fail with the error message "A protocol error occurred".

    To solve this you have two options:

    Give the service account being used for the LDAP synchronization project the permission for this, or disable the DeleteTree option in the synchronization project.

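A check for the first cause named in the answer above, as an added example that is not part of the original thread or One Identity's own code: it parses rootDSE output and reports whether the server advertises the tree delete control. It assumes the DeleteTree option corresponds to that control (OID 1.2.840.113556.1.4.805); the sample LDIF and the function names are constructed for illustration.

```python
import base64

# OID of the LDAP tree delete control (recursive delete). Assumption: the
# connector's "DeleteTree" option sends this control with the delete request.
TREE_DELETE_OID = "1.2.840.113556.1.4.805"

# Constructed rootDSE output, e.g. from: ldapsearch -s base -b "" supportedControl
SAMPLE_WITH = """\
# constructed sample, server A
dn:
vendorName:: RXhhbXBsZQ==
supportedControl: 1.2.840.113556.1.4.319
supportedControl: 1.2.840.113556.1.4
 .805
"""
SAMPLE_WITHOUT = """\
dn:
supportedControl: 1.2.840.113556.1.4.319
supportedControl: 2.16.840.1.113730.3.4.2
"""

def parse_ldif_entry(text):
    """Return {lowercased attribute: [values]} for one LDIF entry."""
    lines = []
    for raw in text.splitlines():
        if raw.startswith(" ") and lines:
            lines[-1] += raw[1:]      # unfold a continuation line
        elif raw.strip():
            lines.append(raw)
    attrs = {}
    for line in lines:
        name, sep, rest = line.partition(":")
        if line.startswith("#") or not sep:
            continue                  # skip comments and malformed lines
        if rest.startswith(":"):      # "attr:: value" is base64-encoded
            value = base64.b64decode(rest[1:].strip()).decode("utf-8", "replace")
        else:
            value = rest.strip()
        attrs.setdefault(name.strip().lower(), []).append(value)
    return attrs

def diagnose(root_dse_ldif):
    """Map the rootDSE to the two causes named in the answer above."""
    controls = parse_ldif_entry(root_dse_ldif).get("supportedcontrol", [])
    if TREE_DELETE_OID in controls:
        return "supported: check the service account's permission"
    return "unsupported: disable DeleteTree in the synchronization project"

if __name__ == "__main__":
    print(diagnose(SAMPLE_WITH))
    print(diagnose(SAMPLE_WITHOUT))
```

The folded `supportedControl` line in the first sample is why the LDIF is unfolded before matching; a plain text search for the OID would miss it.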