This article has been archived and is no longer maintained by ForgeRock.
You will see the following errors depending on your use case:
- The admin account password is different to the Directory Manager password; the following error is shown in the access log: [21/Oct/2016:15:11:29 +0100] BIND REQ conn=11 op=0 msgID=1 version=3 type=SIMPLE dn="cn=Directory Manager" [21/Oct/2016:15:11:29 +0100] BIND RES conn=11 op=0 msgID=1 result=49 authFailureReason="The password provided by the user did not match any password(s) stored in the user's entry" authDN="cn=Directory Manager" etime=1 The following error is shown in response to a dsreplication command: The provided credentials are not valid in server opendj.example.com:4444. Details: [LDAP: error code 49 - Invalid Credentials]
- The rootDN is not cn=Directory Manager; the following is shown in the access log: [21/Oct/2016:15:11:29 -0100] BIND REQ conn=9 op=0 msgID=1 version=3 type=SIMPLE dn="cn=Directory Manager" [21/Oct/2016:15:11:29 -0100] BIND RES conn=9 op=0 msgID=1 result=49 authFailureReason="Unable to bind to the Directory Server because no such user exists in the server" authDN="cn=Directory Manager" etime=0
Upgraded to, or installed OpenDJ 3.5.
Changed the admin account password.
Installed an OpenDJ instance using a rootDN other than "cn=Directory Manager".
The dsreplication command attempts to bind with "cn=Directory Manager" regardless of whether it should be binding with the admin account or a different rootDN. Since the password and/or user do not match, the dsreplication command fails.
This issue can be resolved by upgrading to OpenDJ 3.5.1 or later; you can download this from BackStage.
If the issue is caused by the global admin and Directory Manager passwords being different, you can update them so they match as a workaround.