Unable to Save Domain Changes in an Organizational Unit Defined Domain
Summary: This article helps identify an issue with saving domain changes due to Organizational Unit (OU) declaration.
Symptoms
Affected Products:
- Dell Data Security Management Server
Affected Versions:
- v10.0 and Later
The user is unable to save changes to their domain after adding the domain to the server with an OU definition. When the domain is saved, any further changes query the domain and pull a Null value.
In the Security log after invalid credential Error Code:-2147023570:
2022-01-18 07:09:15,839 INFO com.dell.ddps.webui.controllers.DomainController [qtp1083321958-137] - ADFS Url: null 2022-01-18 07:09:15,924 ERROR com.dell.ddps.service.admin.impl.AdminServiceImpl [qtp1083321958-16] - java.lang.NullPointerException
Cause
This is because an OU is not a security principal and does not have a SID. So, when we go for an ADsOpenObject command we come up with a Null value.
Example:
Domain input:
Figure 1: (English Only) Domain Detail
Error saving:
Figure 2: (English Only) Internal Error
Resolution
Contact the Dell Data Security team to help hide the invalid domain. Reference, How to set the Dell Security Management Server to Block or Ignore a Configured Domain, to block its function in the server so it may not create further issues during Active Directory Federation Services (ADFS) lookup.
To contact support, reference Dell Data Security International Support Phone Numbers.
Go to TechDirect to generate a technical support request online.
For additional insights and resources, join the Dell Security Community Forum.