[midPoint] Issue with AD Synchronization process

Fabio Contessi f.contessi at nsr.it
Fri Aug 28 11:54:42 CEST 2015 

Ok Ivan, I have a Connector Server host different from Domain Controller host. I have resolved the issue: there were issues about DNS and Global Catalog configuration.

Thanks and regards.

  Fabio



> Il giorno 27/ago/2015, alle ore 18:01, Ivan Noris <ivan.noris at evolveum.com> ha scritto:
> 
> Hi Fabio,
> 
> I haven't tried LiveSync with AD for quite a long time, but I remember one setup, where, running the Connector Server on DC, I had to have both set to "localhost" for LiveSync.
> 
> For provisioning I don't set these at all.
> 
> I.
> 
> On 08/27/2015 04:22 PM, Fabio Contessi wrote:
>> Ok, for the Sync* attributes I have put IP address and not the DNS name of the domain controller. Do you think this might be a problem?
>> 
>>   Fabio
>> 
>> 
>>> Il giorno 27/ago/2015, alle ore 16:18, Ivan Noris <Ivan.Noris at evolveum.com <mailto:Ivan.Noris at evolveum.com>> ha scritto:
>>> 
>>> So far no idea, but can you please check your values for:
>>> 
>>> <gen927:LDAPHostName>xxx.xxx.xxx.x</gen927:LDAPHostName>
>>> <gen927:SearchChildDomains>false</gen927:SearchChildDomains>
>>> <gen927:DomainName>xxxx.xxxx.xxxx</gen927:DomainName>
>>> <gen927:SyncGlobalCatalogServer>xxx.xxx.xxx.x</gen927:SyncGlobalCatalogServer>
>>> <gen927:SyncDomainController>xxx.xxx.xxx.x</gen927:SyncDomainController>
>>> 
>>> If LDAPHostName/DomainName is problem, I assume normal provisioning would cause problems too.
>>> 
>>> Sync* attributes can cause problems only with synchronization. Can you please check if those are resolvable from the machine where connector server runs?
>>> 
>>> Regards,
>>> Ivan
>>> 
>>> From: "Fabio Contessi" < <mailto:f.contessi at nsr.it>f.contessi at nsr.it <mailto:f.contessi at nsr.it>>
>>> To: "midPoint General Discussion" <midpoint at lists.evolveum.com <mailto:midpoint at lists.evolveum.com>>
>>> Sent: Thursday, August 27, 2015 1:57:17 PM
>>> Subject: Re: [midPoint] Issue with AD Synchronization process
>>> 
>>> Hi Ivan,
>>> 
>>> the zip attached file contains:
>>> 
>>> - Resource-ActiveDirectorySyncOnly.xml: resource AD as configured in the environment;
>>> 
>>> - ObjectTemplate-CreateFromAD.xml: the (empty) object template referenced in the resource;
>>> 
>>> - TaskType-ADSync.xml: the task configured for starting the synchronization.
>>> 
>>> Regards.
>>> 
>>>   Fabio
>>> 
>>> 
>>> 
>>> Il giorno 27/ago/2015, alle ore 13:12, Ivan Noris < <mailto:ivan.noris at evolveum.com>ivan.noris at evolveum.com <mailto:ivan.noris at evolveum.com>> ha scritto:
>>> 
>>> Hi,
>>> 
>>> can you please send the resource (anonymized if needed) to see the connector configuration properties?
>>> 
>>> Regards,
>>> Ivan
>>> 
>>> From: "Fabio Contessi" < <mailto:f.contessi at nsr.it>f.contessi at nsr.it <mailto:f.contessi at nsr.it>>
>>> To:  <mailto:midpoint at lists.evolveum.com>midpoint at lists.evolveum.com <mailto:midpoint at lists.evolveum.com>
>>> Sent: Thursday, August 27, 2015 12:29:58 PM
>>> Subject: [midPoint] Issue with AD Synchronization process
>>> 
>>> Hi,
>>> I have a problem in executing synchronization process using an Active Directory as resource. I’m using:
>>> 
>>> - midpoint 3.2;
>>> 
>>> - Active Directory on Windows Server 2008 R2 Enterprise;
>>> 
>>> - Active Directory Connector Server 1.4.1.20257 on Windows Server 2012 R2 Standard Edition.
>>> 
>>> When I start the synchronization task it stops immediately giving the message:
>>> 
>>> Synchronization error: generic connector framework error: org.identityconnectors.framework.impl.api.remote.RemoteWrappedException(The given key was not present in the dictionary.) 
>>> 
>>> Below an extract of the Connector Server log file concerning the synchronization error:
>>> 
>>> ConnectorServer.exe Error: 0 : Exception :
>>> Type: System.Collections.Generic.KeyNotFoundException
>>> Message: The given key was not present in the dictionary.
>>> Source: FrameworkInternal
>>> Stacktrace:    at System.Collections.Generic.Dictionary`2.get_Item(TKey key)
>>>    at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Sync(ObjectClass objClass, SyncToken token, SyncResultsHandler handler, OperationOptions options) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 1196
>>>    at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.SyncImpl.Sync(ObjectClass objectClass, SyncToken token, SyncResultsHandler handler, OperationOptions options) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 1606
>>>    at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 247
>>>    at ___proxy1.Sync(ObjectClass , SyncToken , SyncResultsHandler , OperationOptions )
>>>    at Org.IdentityConnectors.Framework.Impl.Api.DelegatingTimeoutProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Api.cs:line 1344
>>>    at ___proxy1.Sync(ObjectClass , SyncToken , SyncResultsHandler , OperationOptions )
>>>    at Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest(OperationRequest request) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Server.cs:line 626
>>>     DateTime=2015-08-27T08:02:33.2560306Z
>>> 
>>> Any ideas on how to resolve the issue?
>>> 
>>> Thanks in advance.
>>> 
>>> ————————
>>> Fabio Contessi
>>> 
>>> 
>>> 
>>> 
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint <http://lists.evolveum.com/mailman/listinfo/midpoint>
>>> 
>>> 
>>> 
>>> -- 
>>>   Ing. Ivan Noris
>>>   Senior Identity Management Engineer
>>>   evolveum.com <http://evolveum.com/>
>>>   ___________________________________________
>>>            "Idem per idem - semper idem Vix."
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint <http://lists.evolveum.com/mailman/listinfo/midpoint>
>>> 
>>> 
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint <http://lists.evolveum.com/mailman/listinfo/midpoint>
>>> 
>>> 
>>> 
>>> -- 
>>>   Ing. Ivan Noris
>>>   Senior Identity Management Engineer
>>>   evolveum.com <http://evolveum.com/>
>>>   ___________________________________________
>>>            "Idem per idem - semper idem Vix."
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint <http://lists.evolveum.com/mailman/listinfo/midpoint>
>> 
>> 
>> 
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>> http://lists.evolveum.com/mailman/listinfo/midpoint <http://lists.evolveum.com/mailman/listinfo/midpoint>
> 
> -- 
>   Ing. Ivan Noris
>   Senior Identity Management Engineer & IDM Architect
>   evolveum.com                     evolveum.com/blog/
>   ___________________________________________________
>   "Semper Id(e)M Vix."
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150828/82f2fcdb/attachment.htm>

More information about the midPoint mailing list