Unexpected error. If this error occurs repeatedly please contact your helpdesk. { 5015 ERROR_UNKNOWN (unexpected error trying to store token in datastore: 5015 ERROR_UNKNOWN (unexpected ldap error saving token: [LDAP: error code 65 - attribute 'pwmToken' not allowed])) }
I am using LDAP as Token Storage Method. In one case, I had error. Using another using name, I can find results. Below are one failure log and one successful log.
Failure log:
Fri Apr 25 09:42:38 EDT 2014, WARN , password.pwm.servlet.TopServlet, unexpected pwm error during page generation: 5015 ERROR_UNKNOWN (unexpected error trying to store token in datastore: 5015 ERROR_UNKNOWN (unexpected ldap error saving token: [LDAP: error code 65 - attribute 'pwmToken' not allowed])) [172.17.31.125/jjjjj-win7.int.eeeeeeee.edu]
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, begin id=737,op#32 method getDirectoryVendor()
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, begin id=745,op#14 method getDirectoryVendor()
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, finish id=745,op#14 result: "OPEN_LDAP" (0ms)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, finish id=737,op#32 result: "OPEN_LDAP" (0ms)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, begin id=737,op#33 method writeStringAttribute(cn=TNGUYEN,cn=users,dc=int,dc=eeeeeeee,dc=edu,pwmToken,[B65D8FCF1314D00E1CE9A961B9C35706-hash H4sIAAAAAAAAAAHQAC__moTcmNeDF0iw8fkehYL1a6qHd1sMWvQ3BeT975qPwXUkAPEsg2MXzt_tupgehk-oivKi-JxDFtxDMnsQ2889uKnMJhp0X11De-Ha1UqH5plSopLJ-7G4iWqP5Zcq0LMwXufYQ4J0pHBD-7vgTYdfHImIUNMxDf3NlJYugWqkoHdG_iqNCqxuQSCxS2U9NjasgVCe2MRHmF_iMWy6xXUJ9KDfI1FU-jAhQToi5GAKW2FcQ8mjFtVIG13xDPGPeuKOevefk3bIJXdjxxotm0EcROr6pVvQAAAA],true)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, begin id=745,op#15 method writeStringAttribute(cn=TNGUYEN,cn=users,dc=int,dc=eeeeeeee,dc=edu,pwmToken,[B65D8FCF1314D00E1CE9A961B9C35706-hash H4sIAAAAAAAAAAHQAC__moTcmNeDF0iw8fkehYL1a6qHd1sMWvQ3BeT975qPwXUkAPEsg2MXzt_tupgehk-oivKi-JxDFtxDMnsQ2889uKnMJhp0X11De-Ha1UqH5plSopLJ-7G4iWqP5Zcq0LMwXufYQ4J0pHBD-7vgTYdfHImIUNMxDf3NlJYugWqkoHdG_iqNCqxuQSCxS2U9NjasgVCe2MRHmF_iMWy6xXUJ9KDfI1FU-jAhQToi5GAKW2FcQ8mjFtVIG13xDPGPeuKOevefk3bIJXdjxxotm0EcROr6pVvQAAAA],true)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, finish id=745,op#13 result: {} (1ms)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, finish id=737,op#31 result: {} (1ms)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, begin id=737,op#31 method search(cn=users,dc=int,dc=eeeeeeee,dc=edu,SearchHelper: filter: (&(pwmToken=B65D8FCF1314D00E1CE9A961B9C35706-hash*)(objectClass=inetOrgPerson)), scope: SUBTREE, attributes: [])
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, begin id=745,op#13 method search(cn=users,dc=int,dc=eeeeeeee,dc=edu,SearchHelper: filter: (&(pwmToken=B65D8FCF1314D00E1CE9A961B9C35706-hash*)(objectClass=inetOrgPerson)), scope: SUBTREE, attributes: [])
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, finish id=745,op#12 result: null (1ms)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, finish id=737,op#30 result: null (1ms)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, begin id=737,op#30 method readStringAttribute(cn=TNGUYEN,cn=users,dc=int,dc=eeeeeeee,dc=edu,pwmLastPwdUpdate)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, begin id=745,op#12 method readStringAttribute(cn=TNGUYEN,cn=users,dc=int,dc=eeeeeeee,dc=edu,pwmLastPwdUpdate)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, finish id=745,op#11 result: "OPEN_LDAP" (2ms)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, finish id=737,op#29 result: "OPEN_LDAP" (2ms)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, finish id=745,op#10 result: {"cn=TNGUYEN,cn=users,dc=int,dc=eeeeeeee,dc=edu":{}} (1017ms)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, finish id=737,op#28 result: {"cn=TNGUYEN,cn=users,dc=int,dc=eeeeeeee,dc=edu":{}} (1018ms)
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, begin id=737,op#29 method getDirectoryVendor()
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, begin id=745,op#11 method getDirectoryVendor()
Fri Apr 25 09:42:38 EDT 2014, TRACE, null, bind successful as cn=pwm,cn=systems,dc=int,dc=eeeeeeee,dc=edu (14ms)
Fri Apr 25 09:42:37 EDT 2014, TRACE, null, begin id=745,op#10 method search(cn=users,dc=int,dc=eeeeeeee,dc=edu,SearchHelper: filter: (&(objectClass=person)(cn=TNGUYEN)), scope: SUBTREE, attributes: [])
Fri Apr 25 09:42:37 EDT 2014, WARN , null, unable to reach ldap server ldaps://ecldapdev.int.eeeeeeee.edu:636
Fri Apr 25 09:42:37 EDT 2014, TRACE, null, begin id=737,op#28 method search(cn=users,dc=int,dc=eeeeeeee,dc=edu,SearchHelper: filter: (&(objectClass=person)(cn=TNGUYEN)), scope: SUBTREE, attributes: [])
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=737,op#51 result: {"givenName":"jjjjjjj"} (2ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=745,op#33 result: {"givenName":"jjjjjjj"} (1ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=737,op#50 result: null (1ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=737,op#51 method readStringAttributes(cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu,[givenName])
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=745,op#33 method readStringAttributes(cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu,[givenName])
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=745,op#32 result: null (1ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=745,op#31 result: "jj...@eeeeeeee.edu" (2ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=737,op#49 result: "jj...@eeeeeeee.edu" (2ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=737,op#50 method readStringAttribute(cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu,personalMobile)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=745,op#32 method readStringAttribute(cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu,personalMobile)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=737,op#49 method readStringAttribute(cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu,mail)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=745,op#31 method readStringAttribute(cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu,mail)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=745,op#30 result: null (2ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=737,op#48 result: null (2ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=737,op#48 method writeStringAttribute(cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu,pwmToken,[840D3E97EE865374581AA522C7400200-hash H4sIAAAAAAAAAAEAAf_-moTcmNeDF0iw8fkehYL1axVORsWtx3TuAQfKAr8UId0df5bpOJBplTWS2fAHBYbZivKi-JxDFtxDMnsQ2889uKnMJhp0X11De-Ha1UqH5plSopLJ-7G4iWqP5Zcq0LMwedw37SeEjZW7Cv_UEYmPDv1padk7nLSRXWQZSCfAAgpQfQMjb5AJaO-Dcg5Ch_9MRlDj7XOMAFXTto7pWK6nktuNs8m7L50YQnLnd07xEPAG93w48eL5tHK-HYNBj0cxGMpOxUT5rxBDxpK8uhDDYCjA7yQX2RbOGq2Idc7q5_Eh4veaZXIt5iWFtRmlHu8cKpMfnQ7E4t5YsHe3UzGu5-yrmmsAAQAA],true)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=745,op#30 method writeStringAttribute(cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu,pwmToken,[840D3E97EE865374581AA522C7400200-hash H4sIAAAAAAAAAAEAAf_-moTcmNeDF0iw8fkehYL1axVORsWtx3TuAQfKAr8UId0df5bpOJBplTWS2fAHBYbZivKi-JxDFtxDMnsQ2889uKnMJhp0X11De-Ha1UqH5plSopLJ-7G4iWqP5Zcq0LMwedw37SeEjZW7Cv_UEYmPDv1padk7nLSRXWQZSCfAAgpQfQMjb5AJaO-Dcg5Ch_9MRlDj7XOMAFXTto7pWK6nktuNs8m7L50YQnLnd07xEPAG93w48eL5tHK-HYNBj0cxGMpOxUT5rxBDxpK8uhDDYCjA7yQX2RbOGq2Idc7q5_Eh4veaZXIt5iWFtRmlHu8cKpMfnQ7E4t5YsHe3UzGu5-yrmmsAAQAA],true)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=737,op#47 method getDirectoryVendor()
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=745,op#29 method getDirectoryVendor()
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=745,op#29 result: "OPEN_LDAP" (0ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=737,op#47 result: "OPEN_LDAP" (0ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=745,op#28 result: {} (1ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=737,op#46 result: {} (2ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=745,op#28 method search(cn=users,dc=int,dc=eeeeeeee,dc=edu,SearchHelper: filter: (&(pwmToken=840D3E97EE865374581AA522C7400200-hash*)(objectClass=inetOrgPerson)), scope: SUBTREE, attributes: [])
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=737,op#46 method search(cn=users,dc=int,dc=eeeeeeee,dc=edu,SearchHelper: filter: (&(pwmToken=840D3E97EE865374581AA522C7400200-hash*)(objectClass=inetOrgPerson)), scope: SUBTREE, attributes: [])
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=745,op#27 result: "20140422170904Z" (1ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=737,op#45 result: "20140422170904Z" (1ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=737,op#45 method readStringAttribute(cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu,pwmLastPwdUpdate)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=745,op#27 method readStringAttribute(cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu,pwmLastPwdUpdate)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=745,op#26 result: "OPEN_LDAP" (1ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=737,op#44 result: "OPEN_LDAP" (1ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=745,op#25 result: {"cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu":{}} (2ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, finish id=737,op#43 result: {"cn=jjjjj,cn=users,dc=int,dc=eeeeeeee,dc=edu":{}} (2ms)
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=737,op#44 method getDirectoryVendor()
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=745,op#26 method getDirectoryVendor()
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=737,op#43 method search(cn=users,dc=int,dc=eeeeeeee,dc=edu,SearchHelper: filter: (&(objectClass=person)(cn=jjjjj)), scope: SUBTREE, attributes: [])
Fri Apr 25 09:48:44 EDT 2014, TRACE, null, begin id=745,op#25 method search(cn=users,dc=int,dc=eeeeeeee,dc=edu,SearchHelper: filter: (&(objectClass=person)(cn=jjjjj)), scope: SUBTREE, attributes: [])
It looks like a schema issue with your ldap server, the pwmToken attribute isn't available on the user object.
It looks like a schema issue with your ldap server, the pwmToken attribute isn't available on the user object.
--To view this discussion on the web visit https://groups.google.com/d/msgid/pwm-general/64176f66-8314-46b7-91d1-9e29461ac6f3%40googlegroups.com.
You received this message because you are subscribed to the Google Groups "pwm-general" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pwm-general...@googlegroups.com.
To post to this group, send email to pwm-g...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/pwm-general/206fc7fe-9b3b-4340-9da6-bd916138e9f2%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/pwm-general/f529d158-b3dc-404b-a5ea-e9a61636604d%40googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/pwm-general/0685e9e5-f3cc-4c5b-be9f-c07e92d24557%40googlegroups.com.
134 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapdstg 6013 - - conn=204696 fd=21 ACCEPT from IP=10.1.111.201:40808 (IP=0.0.0.0:13636)
117 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapdstg 6013 - - conn=204696 fd=21 TLS established tls_ssf=256 ssf=256
152 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapdstg 6013 - - conn=204696 op=0 BIND dn="cn=f5monitor,cn=systems,dc=int,dc=xxx,dc=edu" method=128
159 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapdstg 6013 - - conn=204696 op=0 BIND dn="cn=f5monitor,cn=systems,dc=int,dc=xxx,dc=edu" mech=SIMPLE ssf=0
106 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapdstg 6013 - - conn=204696 op=0 RESULT tag=97 err=0 text=
184 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapdstg 6013 - - conn=204696 op=1 SRCH base="cn=f5monitor,cn=systems,dc=int,dc=xxx,dc=edu" scope=2 deref=0 filter="(objectClass=*)"
125 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapdstg 6013 - - conn=204696 op=1 SEARCH RESULT tag=101 err=0 nentries=1 text=
87 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapdstg 6013 - - conn=204696 op=2 UNBIND
88 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapdstg 6013 - - conn=204696 fd=21 closed
220 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=13 SRCH base="cn=users,dc=int,dc=xxx,dc=edu" scope=2 deref=0 filter="(&(objectClass=person)(mail=y...@xxx.edu)(cn=zzz))"
95 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=13 SRCH attr=1.1
126 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=13 SEARCH RESULT tag=101 err=0 nentries=1 text=
184 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=14 SRCH base="cn=zzz,cn=users,dc=int,dc=xxx,dc=edu" scope=0 deref=0 filter="(objectClass=*)"
108 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=14 SRCH attr=pwmLastPwdUpdate
126 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=14 SEARCH RESULT tag=101 err=0 nentries=1 text=
234 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=15 SRCH base="cn=users,dc=int,dc=xxx,dc=edu" scope=2 deref=0 filter="(&(pwmToken=2acadbc64b7eebb38960d8d08c587e4c-hash*)(objectClass=inetOrgPerson))"
95 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=15 SRCH attr=1.1
126 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=15 SEARCH RESULT tag=101 err=0 nentries=0 text=
140 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=16 MOD dn="cn=zzz,cn=users,dc=int,dc=xxx,dc=edu"
99 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=16 MOD attr=pwmToken
155 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - Entry (cn=zzz,cn=users,dc=int,dc=xxx,dc=edu), attribute 'pwmToken' not allowed
123 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - entry failed schema check: attribute 'pwmToken' not allowed
141 <167>1 2014-07-16T08:04:35-04:00 albldapdev1 slapddev 5977 - - conn=226036 op=16 RESULT tag=103 err=65 text=attribute 'pwmToken' not allowed
93 <86>1 2014-07-16T08:04:35-04:00 albldapdev1 sshd 19404 - - Set /proc/self/oom_score_adj to 0
96 <86>1 2014-07-16T08:04:35-04:00 albldapdev1 sshd 19404 - - Connection from 127.0.0.1 port 48785
90 <86>1 2014-07-16T08:04:35-04:00 albldapdev1 sshd 19405 - - Connection closed by 127.0.0.1