Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> E-Mail, Calendar, & Collaboration >> Sun Java System Calendar Server

Attribute "icsDWPHost" is not allowed

Hi,

I am seeing these in my LDAP errors log.

[26/Sep/2006:09:38:29 +0700] - ERROR<5897> - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry "uid=sunvpt3,ou=People,o=vpt.vn,dc=vpt,dc=vn", attribute "icsDWPHost" is not allowed

[26/Sep/2006:10:32:02 +0700] - ERROR<5897> - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry "uid=garry_test3,ou=People,o=vpt.vn,dc=vpt,dc=vn", attribute "icsDWPHost" is not allowed

[26/Sep/2006:10:45:01 +0700] - ERROR<5897> - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry "uid=vinhtt,ou=People,o=vpt.vn,dc=vpt,dc=vn", attribute "icsDWPHost" is not allowed

[26/Sep/2006:16:48:03 +0700] - ERROR<5897> - Schema - conn=-1 op=-1 msgId=-1 - User error: Entry "uid=sunvpt2,ou=People,o=vpt.vn,dc=vpt,dc=vn", attribute "icsDWPHost" is not allowed

Any idea what this means?

JES Q105.

[884 byte] By [justCheeChong] at [2007-11-26 10:23:29]
«« Notes Error 575
»» after install cluster - all nodes, unable to repair /global....
# 1

Hi,

The error you are hitting is most likely due to the user in question not being provisioned correctly to allow calendar access (i.e. they don't have the correct objectclasses in their entry) or there is some kind of LDAP schema issue.

Have you enabled the calendar service on the domain vpt.vn?

Are users in other domains (if you have other domains) able to log in?

Are the users in question able to log into calendar.

Please supply an LDIF of a user with the problem e.g. uid=sunvpt3

Regards,

Shane.

shane_hjorth at 2007-7-7 2:24:43 > top of Java-index,E-Mail, Calendar, & Collaboration,Sun Java System Calendar Server...
# 2

Hi Shane,

>> Have you enabled the calendar service on the domain vpt.vn?

How can I verify this? I have taken over this project from someone who has left the company.

>> Are users in other domains (if you have other domains) able to log in?

Yes. they are able to login.

>> Are the users in question able to log into calendar.

Yes.

>> Please supply an LDIF of a user with the problem e.g. uid=sunvpt3

# entry-id: 30985

dn: uid=sunvpt3,ou=People,o=vpt.vn,dc=vpt,dc=vn

createTimestamp: 20060926023152Z

creatorsName: cn=puser,ou=dsame users,dc=vpt,dc=vn

userPassword: {SSHA}jq6Gnz79P35Vel3bAdYUW/UvPtniOZwzqCufLQ==

inetUserStatus: Active

preferredLocale: en

cn: sunvpt3 sunvpt3

sn: sunvpt3

mailUserStatus: active

givenName: sunvpt3

iplanet-am-modifiable-by: cn=Top-level Admin Role,dc=vpt,dc=vn

iplanet-am-modifiable-by: cn=ou=People_o=vpt.vn_dc=vpt_dc=vn,o=vpt.vn,dc=vpt,d

c=vn

uid: sunvpt3

psIncludeInGAB: true

sunUCDefaultApplication: addressbook

sunUCTheme: uwc

sunUCColorScheme: 2

sunUCDefaultEmailHandler: uc

sunUCTimeZone: America/Los_Angeles

sunUCExtendedUserPrefs: sunUCInitialized=true

sunUCDateFormat: M/D/Y

sunUCDateDelimiter: /

sunUCTimeFormat: 12

nswmExtendedUserPrefs: meDraftFolder=Drafts

nswmExtendedUserPrefs: meSentFolder=Sent

nswmExtendedUserPrefs: meTrashFolder=Trash

nswmExtendedUserPrefs: meInitialized=true

preferredLanguage: en

icsCalendar: sunvpt3@vpt.vn

icsSubscribed: sunvpt3@vpt.vn$sunvpt3 sunvpt3

icsDWPHost: HCM-CAL-01.vpt.vn

icsCalendarOwned: sunvpt3@vpt.vn$sunvpt3 sunvpt3

icsDWPHost: HCM-CAL-01.vpt.vn

icsCalendarOwned: sunvpt3@vpt.vn$sunvpt3 sunvpt3

icsExtendedUserPrefs: ceShowCompletedTasks=false

icsExtendedUserPrefs: ceDefaultCategory=Business

icsExtendedUserPrefs: ceDayHead=9

icsExtendedUserPrefs: ceDayTail=18

icsExtendedUserPrefs: ceInterval=PT1H0M

icsExtendedUserPrefs: ceWeekEndDays=1,7

icsExtendedUserPrefs: ceIncludeWeekendInViews=true

icsExtendedUserPrefs: ceSingleCalendarTZID=0

icsExtendedUserPrefs: ceAllCalendarTZIDs=0

icsExtendedUserPrefs: ceDefaultAlarmStart=PT0H30M

icsExtendedUserPrefs: ceNotifyEnable=1

icsExtendedUserPrefs: ceDefaultView=dayview

icsExtendedUserPrefs: sunCalEventfilter=accepted,tentative,declined,needs-acti

on

icsExtendedUserPrefs: sunCalInitialized=true

icsFirstDay: 1

sunAbExtendedUserPrefs: abName=Personal Address Book

sunAbExtendedUserPrefs: abDescription=This is the personal address book

sunAbExtendedUserPrefs: abEntriesPerPage=25

sunAbExtendedUserPrefs: abSearchDisplayColumn1=displayname

sunAbExtendedUserPrefs: abSearchDisplayColumn2=primaryemail

sunAbExtendedUserPrefs: abSearchDisplayColumn3=primaryphone

sunAbExtendedUserPrefs: abSearchDisplayColumn4=edit

sunAbExtendedUserPrefs: sunAbInitialized=true

psRoot: ldap://HCM-LDAP-01.vpt.vn:389/piPStoreOwner=sunvpt3,o=vpt.vn,o=PiServe

rDb

mailDeliveryOption: mailbox

mail: sunvpt3@vpt.vn

mailHost: HNI-MS-01.vpt.vn

mailMsgQuota: 3000

inetCOS: diamond

objectClass: sunucpreferences

objectClass: userpresenceprofile

objectClass: top

objectClass: iplanet-am-managed-person

objectClass: iplanet-am-user-service

objectClass: icscalendaruser

objectClass: inetadmin

objectClass: organizationalperson

objectClass: person

objectClass: inetuser

objectClass: inetlocalmailrecipient

objectClass: iplanetpreferences

objectClass: ipuser

objectClass: inetorgperson

objectClass: inetsubscriber

objectClass: inetmailuser

modifiersName: cn=puser,ou=dsame users,dc=vpt,dc=vn

modifyTimestamp: 20060926081526Z

nsUniqueId: 0f0a3a81-4d0711db-8099b5c0-18c23f1d

justCheeChong at 2007-7-7 2:24:43 > top of Java-index,E-Mail, Calendar, & Collaboration,Sun Java System Calendar Server...
# 3
Could you send the o=vpt.vn,dc=vpt,dc=vn branch?Regards!
Saro at 2007-7-7 2:24:43 > top of Java-index,E-Mail, Calendar, & Collaboration,Sun Java System Calendar Server...
# 4

Here it is:

# entry-id: 3232

dn: o=vpt.vn,dc=vpt,dc=vn

preferredLanguage: en

icsStatus: active

sunEnableGAB: false

sunRegisteredServiceName: SunPortalNetMailService

sunRegisteredServiceName: iPlanetAMAdminConsoleService

sunRegisteredServiceName: iPlanetAMAuthMembershipService

sunRegisteredServiceName: SunPortalSubscriptionsService

sunRegisteredServiceName: iPlanetAMAuthService

sunRegisteredServiceName: iPlanetAMPolicyConfigService

sunRegisteredServiceName: iPlanetAMUserService

sunRegisteredServiceName: SunPresence

sunRegisteredServiceName: SunSSOAdapterService

sunRegisteredServiceName: SunMobileAppABService

sunRegisteredServiceName: SunMobileAppMailService

sunRegisteredServiceName: SunPortalWSRPConsumerService

sunRegisteredServiceName: SunPortalWSRPProducerService

sunRegisteredServiceName: calendarService

sunRegisteredServiceName: SunMobileAppCalendarService

sunRegisteredServiceName: iPlanetAMAuthLDAPService

sunRegisteredServiceName: SunPortalDesktopService

sunRegisteredServiceName: SunIM

sunRegisteredServiceName: mailService

sunRegisteredServiceName: DomainMailService

sunRegisteredServiceName: GroupMailService

sunRegisteredServiceName: UserMailService

sunRegisteredServiceName: UserCalendarService

sunRegisteredServiceName: DomainCalendarService

aci: (target="ldap:///ou=People,o=vpt.vn,dc=vpt,dc=vn")(targetfilter=(!(|(nsro

ledn=cn=Top-level Admin Role,dc=vpt,dc=vn)(nsroledn=cn=Top-level Help Desk A

dmin Role,dc=vpt,dc=vn)(nsroledn=cn=Organization Admin Role,o=vpt.vn,dc=vpt,

dc=vn)(nsroledn=cn=Container Admin Role,o=vpt.vn,dc=vpt,dc=vn))))(targetattr

!= "iplanet-am-web-agent-access-allow-list || iplanet-am-web-agent-access-n

ot-enforced-list || iplanet-am-domain-url-access-allow || iplanet-am-web-age

nt-access-deny-list || nsroledn") (version 3.0; acl "People container admin

role"; allow (all) roledn = "ldap:///cn=ou=People_o=vpt.vn_dc=vpt_dc=vn,o=vp

t.vn,dc=vpt,dc=vn";)

aci: (target="ldap:///o=vpt.vn,dc=vpt,dc=vn")(targetfilter=(!(|(nsroledn=cn=To

p-level Admin Role,dc=vpt,dc=vn)(nsroledn=cn=Top-level Help Desk Admin Role,

dc=vpt,dc=vn))))(targetattr = "nsroledn")(targattrfilters="add=nsroledn:(nsr

oledn=*,o=vpt.vn,dc=vpt,dc=vn),del=nsroledn:(nsroledn=*,o=vpt.vn,dc=vpt,dc=v

n)")(version 3.0; acl "S1IS Organization Admin Role access allow"; allow (al

l) roledn = "ldap:///cn=Organization Admin Role,o=vpt.vn,dc=vpt,dc=vn";)

aci: (target="ldap:///o=vpt.vn,dc=vpt,dc=vn")(targetfilter=(!(|(nsroledn=cn=To

p-level Admin Role,dc=vpt,dc=vn)(nsroledn=cn=Organization Admin Role,o=vpt.v

n,dc=vpt,dc=vn))))(targetattr = "userPassword") (version 3.0; acl "S1IS Orga

nization Help Desk Admin Role access allow"; allow (write) roledn = "ldap://

/cn=Organization Help Desk Admin Role,o=vpt.vn,dc=vpt,dc=vn";)

aci: (target="ldap:///o=vpt.vn,dc=vpt,dc=vn")(targetfilter=(!(|(nsroledn=cn=To

p-level Admin Role,dc=vpt,dc=vn)(nsroledn=cn=Top-level Help Desk Admin Role,

dc=vpt,dc=vn)(nsroledn=cn=Organization Admin Role,o=vpt.vn,dc=vpt,dc=vn))))(

targetattr = "*") (version 3.0; acl "S1IS Organization Help Desk Admin Role

access allow"; allow (read,search) roledn = "ldap:///cn=Organization Help De

sk Admin Role,o=vpt.vn,dc=vpt,dc=vn";)

aci: (target="ldap:///ou=services,*o=vpt.vn,dc=vpt,dc=vn")(targetattr = "*") (

version 3.0; acl "Organization Policy Admin Role access allow"; allow (all)

roledn = "ldap:///cn=Organization Policy Admin Role,o=vpt.vn,dc=vpt,dc=vn";)

aci: (target="ldap:///o=vpt.vn,dc=vpt,dc=vn")(targetfilter=(!(|(nsroledn=cn=To

p-level Admin Role,dc=vpt,dc=vn)(nsroledn=cn=Top-level Help Desk Admin Role,

dc=vpt,dc=vn)(nsroledn=cn=Organization Admin Role,o=vpt.vn,dc=vpt,dc=vn))))(

targetattr = "*")(version 3.0; acl "Organization Policy Admin access allow";

allow (read,search) roledn = "ldap:///cn=Organization Policy Admin Role,o=v

pt.vn,dc=vpt,dc=vn";)

aci: (target="ldap:///ou=iPlanetAMAuthService,ou=services,*o=vpt.vn,dc=vpt,dc=

vn")(targetattr = "*") (version 3.0; acl "Organization Policy Admin Role acc

ess Auth Service deny"; deny (add,write,delete) roledn = "ldap:///cn=Organiz

ation Policy Admin Role,o=vpt.vn,dc=vpt,dc=vn";)

aci: (target="ldap:///o=vpt.vn,dc=vpt,dc=vn")(targetfilter="(objectclass=sunis

managedorganization)")(targetattr = "sunRegisteredServiceName") (version 3.0

; acl "Organization Policy Admin Role access allow"; allow (read,write,searc

h) roledn = "ldap:///cn=Organization Policy Admin Role,o=vpt.vn,dc=vpt,dc=vn

";)

aci: (targetattr="icscalendar || cn || givenName || sn || uid || mail")(target

filter=(objectClass=icscalendaruser))(version 3.0; acl "Allow Calendar users

to read and search other users - product=ics,class=admin,num=3,version=1";

allow (search,read) userdn = "ldap:///uid=*,ou=People,o=vpt.vn, dc=vpt,dc=vn

";)

createTimestamp: 20060911111002Z

creatorsName: cn=puser,ou=dsame users,dc=vpt,dc=vn

objectClass: sunISManagedOrganization

objectClass: sunNameSpace

objectClass: top

objectClass: sunManagedOrganization

objectClass: organization

objectClass: inetdomainauthinfo

objectClass: sundelegatedorganization

objectClass: maildomain

objectClass: icscalendardomain

o: vpt.vn

sunNameSpaceUniqueAttrs: uid

sunPreferredDomain: vpt.vn

inetDomainStatus: active

sunOrgType: full

preferredMailHost: HNI-MS-01.vpt.vn

mailDomainDiskQuota: -1

mailDomainStatus: active

icsSessionTimeout: 600

icsAnonymousLogin: yes

icsDWPBackEndHosts: HNI-CAL-01.vpt.vn

sunNumUsers: 45

sunAvailableServices: topaz:1000:-1

sunAvailableServices: mars:10:1

sunAvailableServices: diamond:1000:1

sunAvailableServices: platinum:1000:-1

sunAvailableServices: emerald:1000:-1

sunAvailableServices: vpt_mailhosting:500:-1

sunAvailableServices: bronze:1000:3

sunAvailableServices: defaultmail:1000:-1

sunAvailableServices: silver:10:-1

sunAvailableServices: gold:1000:-1

sunAvailableServices: vpt:1000:-1

sunAvailableServices: ruby:1000:-1

modifiersName: cn=dsameuser,ou=dsame users,dc=vpt,dc=vn

modifyTimestamp: 20060926192841Z

nsUniqueId: f7b74301-1dd111b2-8077a6c6-faa8e3bd

justCheeChong at 2007-7-7 2:24:43 > top of Java-index,E-Mail, Calendar, & Collaboration,Sun Java System Calendar Server...
E-Mail, Calendar, & Collaboration
Sun Java System Calendar Server

E-Mail, Calendar, & Collaboration New Topic

E-Mail, Calendar, & Collaboration Hot Topic

E-Mail, Calendar, & Collaboration

All Classified