IKYP008E DIRECTORY POST UNSUCCESSFUL. LDAP DATA LIBRARY MODULE RC = `nnnn`

Explanation
PKI Services background
certificate processing is attempting to post information (such as
a certificate or CRL) to a directory. The post was unsuccessful. The
OCSF Data Library Module (LDAPDL) return code is displayed in the
message.

System action
The information is not posted now. The post request
remains in the PKI Services request database to be reattempted later. If posting continues
to be unsuccessful for one week, the information is removed from the
request database.

System programmer response
Determine the cause of the failure
from the return code displayed and take appropriate action. These
return codes are documented in z/OS Open Cryptographic Services Facility Application Programming. If the error is LDAPDL_NO_SUCH_OBJECT, the LDAP
entry could not be created because the required suffix does not exist.
Check the PKI Services log to determine the entry that could not be created,
as indicated on messages IKYC005I and IKYC008I. If the entry should be posted to LDAP, you need to define the suffix
in the LDAP server configuration file and recycle the LDAP server. For more information, see Steps for installing and configuring LDAP and z/OS IBM Tivoli Directory Server Administration and Use for z/OS.
If you want PKI Services to bypass
LDAP posting for certificates with missing suffixes, set RetryMissingSuffix=F in the PKI Services pkiserv.conf configuration file. Then, stop and
restart the PKI Services daemon. For more information, see Steps for tailoring the LDAP section of the configuration file.

Routing code
2

Descriptor code
6

IKYP008E DIRECTORY POST UNSUCCESSFUL. LDAP DATA LIBRARY MODULE RC = nnnn

Explanation

System action

System programmer response

Routing code

Descriptor code

IKYP008E DIRECTORY POST UNSUCCESSFUL. LDAP DATA LIBRARY MODULE RC = `nnnn`