Expand my Community achievements bar.

July 31st AEM Gems Webinar: Elevate your AEM development to master the integration of private GitHub repositories within AEM Cloud Manager.

LDAP user sync - CanonicalName is null


Level 4

I need to setup user sync from LDAP to LiveCycle. It seems to be very intuitive and easy, but ...

I can connect LDAP well, but no users are transfered. I found the LDAP query was OK and LDAP response was OK. LiveCycle complains about:

This record is missing a required attribute and cannot be used. Specifically CanonicalName is null. Common Name: Adam Agama

The LDAP entry is:

dn: cn=Adam Agama, ou=Users, o=My org,c=CZ

o: My org

givenName: Adam

sn: Agama

ou: Users

mail: adam.agama@myorg.cz

userCertificate;binary:: MIIIODCCB....

objectClass: top

objectClass: person

objectClass: organizationalPerson

objectClass: inetOrgPerson

objectClass: opencaEmailAddress

objectClass: pkiUser

uid: adam.agama@myorg.cz

cn: Adam Agama

What does the LiveCycle mean by CanonicalName? I have not seen such an attribute anywhere.

Any help would be appreciated.

--- Jaroslav Pavlicek
2 Replies


Level 4
I reply myself:

When configuring LDAP connection, there are predefined templates for various LDAP types: SunOne, ActiveDirectory, IBM Domino, ...

You probably must select one. If you don't, "Unique identifier" field would not appear on following page and you are not allowed to edit it. And also you would have no idea, what the Unique identifier is expected to be :)


Level 4
Hi Jaroslav

For more details on what constitutes a uniqueId have a look at http://blogs.adobe.com/livecycle/2008/06/what_is_dn_and_what_is_the_not_1.html

And canonical name => Unique Identifier.