[midPoint] Live Sync on AD LDAP Connector

Radovan Semancik radovan.semancik at evolveum.com
Mon Jan 4 12:11:41 CET 2016 

Hi Samu,

AD Livesync with LDAP connector is supposed to work and it indeed works 
in my tests. Here's the setup on midPoint side:

https://github.com/Evolveum/midpoint/tree/master/testing/conntest/src/test/resources/ad-ldap

I have documented the entire setup in this wiki page:

https://wiki.evolveum.com/display/midPoint/Active+Directory+with+LDAP+connector

However, I'm not really sure what are exactly the access rights and 
setup to be done on the AD side.

Perhaps the best steps for you are to enable trace on ConnId framework 
and LDAP connector. Set up logging like this:

org.identityconnectors.framework: TRACE
com.evolveum.polygon.connector.ldap: TRACE

The midPoint logfiles should tell you what exactly is going on and why 
are you not getting any synchronization events. You should see 
invocation of ConnId sync() method, then LDAP connector detecting the 
change, invocation of ConnId handle() method for each change and then 
midPoint provisioning and model (notifyChange() method) processing the 
change.

However, please be warned: if the problem is on the AD side then all you 
usually get is "unwilling to perform" error and I have found no 
practical way how to figure out what is going on on the AD side. AD 
logfiles are mostly useless. So good old guessing and trial and error is 
often the only way ...

-- 
Radovan Semancik
Software Architect
evolveum.com



On 12/30/2015 09:40 AM, Samu Viitanen wrote:
> Hello,
>
> I have experimented with the new experimental AD with LDAP connector, 
> and in my solution the Live Synchronization does not seem to work. Is 
> it supposed to work or is that still TODO? I keep getting a warning 
> about current sync token being null and it does not sync anything from 
> AD, but the task is still running fine. If it should work, is there 
> something special I need to take into consideration to get it working?
>
> Best Regards
> Samu Viitanen
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160104/4c07333b/attachment.htm>

More information about the midPoint mailing list