Issue/Introduction:
The error "LDAP: error code 12 - Unavailable Critical Extension" may occur because your LDAP server doesn't support paged results.
By default, the pagination is set to true in IAM as most of the LDAP servers support pagination. As a result, we are getting this error when trying to sync the LDAP groups.
This can be resolved by turning off the pagination in IAM. But currently, we do not have this option exposed in the IAM UI
Cause:
Pagination in IAM
Environment:
Release : 10.5
Component : CA Service Virtualization
Resolution:
However, we can run the below steps and query to turn it off (assuming there is one LDAP configuration in IAM):
1) Stop the IAM Server.
2) Connect to the IAM Database and run the below commands:
UPDATE COMPONENT_CONFIG SET VALUE=false WHERE NAME='pagination';
COMMIT;
3) Disconnect the database connection
4) Start the IAM Server.
5) Able to sync the LDAP Groups.
------------------------------
Technical Support Engineer III
Broadcom, Inc
------------------------------