[midPoint] O365 ConnectorTypeHost
Jason Everling
jeverling at bshp.edu
Mon Jun 13 18:43:34 CEST 2016
Can you add the SSL certificates that are being used by Graph and Office 365
for OAuth authentication? I think it is "DigiCert Baltimore Root/Microsoft
IT SSL SHA2". I believe that when I did set this up I did add it to the
midpoint keystore under midpoint.home.
JASON
On Mon, Jun 13, 2016 at 7:34 AM, Dick Muller <dick.muller at tahzoo.com> wrote:
> Hi,
>
>
>
> I’m happy that last Friday the Connector was discovered, but today I have
> another problem.
>
> I created the SPN on Office365 and it is a member of the correct role. I
> checked this.
>
> I added the tenancy name tahzoo365.onmicrosoft.com and applied the
> principalID with the correct symetricKey.
>
>
>
> Whatever I try I keep on getting an error stating that doing GET to
> /tenantDetails?api-version=2013-11-08 has an exception.
>
>
>
> You can find the error in this mail as attachment, together with the
> officeConnector configuration.
>
>
>
> I used the example in the wiki pages for the configuration.
> https://wiki.evolveum.com/pages/viewpage.action?pageId=15433819
>
>
>
> Kindest regards,
>
>
>
> Dick
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Ivan
> Noris <ivan.noris at evolveum.com>
> *Organization: *Evolveum, s.r.o.
> *Reply-To: *midPoint General Discussion <midpoint at lists.evolveum.com>
> *Date: *Friday, June 10, 2016 at 5:27 PM
> *To: *"midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
> *Subject: *Re: [midPoint] O365 ConnectorTypeHost
>
>
>
> Glad to hear that!
> And THANK you, Jason!
>
> We will also update the wiki sometime soon, and I will check if/when we
> can put that connector to nexus.
>
> Regards,
> Ivan
>
> On 06/10/2016 04:07 PM, Dick Muller wrote:
>
> This is great Jason,
>
>
>
> I uploaded it to the directory and restarted the services.
>
> It now discovers the connector. Don’t know why, probably the jar file
> wasn’t correct after all.
>
>
>
> Thanks for providing me your copy. That is a great help.
>
>
>
> Regards,
>
> Dick Muller
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Jason
> Everling <jeverling at bshp.edu>
> *Reply-To: *midPoint General Discussion <midpoint at lists.evolveum.com>
> *Date: *Friday, June 10, 2016 at 3:52 PM
> *To: *midPoint General Discussion <midpoint at lists.evolveum.com>
> *Subject: *Re: [midPoint] O365 ConnectorTypeHost
>
>
>
> I built this one for ours, we are on 3.2 though, and it imports/discovers
> fine and creates the connector resource,
>
>
>
>
> Downloadable jar
> https://drive.google.com/open?id=0BzdcPcHxIfp1emNQSm9ROGM0UXM
>
>
> JASON
>
>
>
> On Fri, Jun 10, 2016 at 7:12 AM, Dick Muller <dick.muller at tahzoo.com>
> wrote:
>
> Hi Ivan,
>
>
>
> Is there another colleague that has a compiled version of the
> connector-office365?
>
> Maybe I can try it with that one and see if it is discovered.
>
>
>
> Thanks,
>
> Dick
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Dick
> Muller <dick.muller at tahzoo.com>
> *Reply-To: *midPoint General Discussion <midpoint at lists.evolveum.com>
> *Date: *Thursday, June 9, 2016 at 6:13 PM
> *To: *midPoint General Discussion <midpoint at lists.evolveum.com>
>
>
> *Subject: *Re: [midPoint] O365 ConnectorTypeHost
>
>
>
> Hi Ivan,
>
>
>
> Yes, the lines are present in config.xml
>
>
>
> The ls -la results are in the attachment
>
>
>
> Regards,
>
> Dick
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Ivan
> Noris <ivan.noris at evolveum.com>
> *Organization: *Evolveum, s.r.o.
> *Reply-To: *midPoint General Discussion <midpoint at lists.evolveum.com>
> *Date: *Thursday, June 9, 2016 at 5:38 PM
> *To: *"midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
> *Subject: *Re: [midPoint] O365 ConnectorTypeHost
>
>
>
> It really seems strange.
> Can you make listing of /data/conf/midpoint and
> /data/conf/midpoint/icf-connectors (ls -la )?
>
> Also please check if config.xml contains this:
> <icf>
> <scanClasspath>true</scanClasspath>
> <scanDirectory>${midpoint.home}/icf-connectors</scanDirectory>
> </icf>
> (it should be there by default just before <keystore> element)
>
> Ivan
>
> On 06/09/2016 05:08 PM, Dick Muller wrote:
>
> Hi Ivan,
>
>
>
> I checked the file permissions. After that I started a clean logfile and a
> restart of the tomcat services.
>
>
>
> I do not see anything in the log. You can see my log file in the
> attachments.
>
>
>
> Regards,
>
> Dick
>
>
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Ivan
> Noris <ivan.noris at evolveum.com>
> *Organization: *Evolveum, s.r.o.
> *Reply-To: *midPoint General Discussion <midpoint at lists.evolveum.com>
> *Date: *Thursday, June 9, 2016 at 4:17 PM
> *To: *"midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
> *Subject: *Re: [midPoint] O365 ConnectorTypeHost
>
>
>
> Hi,
>
> so /data/conf/midpoint/icf-connectors should be that directory.
> Permissions should allow the Tomcat to read that file (e.g. 644) and
> read/exec the directory (e.g. 755)
>
> Can you please check idm.log when starting? In my case:
>
> ...
> 2016-06-06 14:01:09,326 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.StartupConfiguration): | Version : 3.4-SNAPSHOT
> 2016-06-06 14:01:09,326 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.StartupConfiguration): | Sources : https://github.com/Evolveum/midpoint.git branch: ${scmBranch}
> 2016-06-06 14:01:09,327 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.StartupConfiguration): | Bug reporting system : http://jira.evolveum.com/
> 2016-06-06 14:01:09,327 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.StartupConfiguration): | Product information : http://wiki.evolveum.com/display/midPoint
> 2016-06-06 14:01:09,327 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.StartupConfiguration): +---------------------------------------------------------------------------------------------+
> 2016-06-06 14:01:09,331 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.ApplicationHomeSetup): midpoint.home = /opt/midpoint.home-pokusy/
> 2016-06-06 14:01:09,331 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.ApplicationHomeSetup): Directory /opt/midpoint.home-pokusy/ already exists. Reusing it.
> 2016-06-06 14:01:09,331 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.ApplicationHomeSetup): Directory /opt/midpoint.home-pokusy//icf-connectors already exists. Reusing it.
> 2016-06-06 14:01:09,332 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.ApplicationHomeSetup): Directory /opt/midpoint.home-pokusy//idm-legacy already exists. Reusing it.
> 2016-06-06 14:01:09,332 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.ApplicationHomeSetup): Directory /opt/midpoint.home-pokusy//log already exists. Reusing it.
> 2016-06-06 14:01:09,332 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.ApplicationHomeSetup): Directory /opt/midpoint.home-pokusy//schema already exists. Reusing it.
> 2016-06-06 14:01:09,332 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.ApplicationHomeSetup): Directory /opt/midpoint.home-pokusy//import already exists. Reusing it.
> 2016-06-06 14:01:09,332 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.ApplicationHomeSetup): Directory /opt/midpoint.home-pokusy//export already exists. Reusing it.
> 2016-06-06 14:01:09,332 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.ApplicationHomeSetup): Directory /opt/midpoint.home-pokusy//tmp already exists. Reusing it.
> 2016-06-06 14:01:09,333 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.init.StartupConfiguration): Loading midPoint configuration from file /opt/midpoint.home-pokusy/config.xml
> ...
> 2016-06-06 14:01:36,986 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.provisioning.ucf.impl.ConnectorFactoryIcfImpl): Discovered ICF bundle on CLASSPATH: com.evolveum.polygon.connector-csvfile version: 1.4.0.49
> 2016-06-06 14:01:37,043 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.provisioning.ucf.impl.ConnectorFactoryIcfImpl): Discovered ICF bundle on CLASSPATH: com.evolveum.polygon.connector-databasetable version: 1.4.0.49
> 2016-06-06 14:01:37,108 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.provisioning.ucf.impl.ConnectorFactoryIcfImpl): Discovered ICF bundle on CLASSPATH: com.evolveum.polygon.connector-ldap version: 1.4.3.0-SNAPSHOT
> *2016-06-06 14:01:37,443 [] [localhost-startStop-1] INFO (com.evolveum.midpoint.provisioning.ucf.impl.ConnectorFactoryIcfImpl): Discovered ICF bundle in JAR: org.forgerock.openicf.connectors.scriptedsql-conne version: 1.1.2.0.em3*
>
>
> This is how my midPoint detected custom (not bundled) connector for
> ScriptedSQL.
>
> Ivan
>
> On 06/09/2016 04:00 PM, Dick Muller wrote:
>
> Hi Ivan,
>
>
>
> I will delete it then.
>
>
>
> The JVM parameter is -Dmidpoint.home=/data/conf/midpoint
>
>
>
> There is my config.xml and I also have stored working schema and
> organization schemaextension files there.
>
> So this must be correct.
>
>
>
> I saved the connector-office365.jar file in the icf-connectors directory.
>
>
>
> I suddenly thought about permissions on the filesystem. This is corrected
> to the tomcat user and restart again.
>
>
>
> But still there is no connector loaded in the repository.
>
>
>
> Thanks,
>
>
>
> Dick
>
>
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Ivan
> Noris <ivan.noris at evolveum.com>
> *Organization: *Evolveum, s.r.o.
> *Reply-To: *midPoint General Discussion <midpoint at lists.evolveum.com>
> *Date: *Thursday, June 9, 2016 at 3:43 PM
> *To: *"midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
> *Subject: *Re: [midPoint] O365 ConnectorTypeHost
>
>
>
> You should not manually create Connector (ConnectorType) objects, these
> are created by discovering the connectors; they also contain the connector
> schema.
>
> So, please:
> 1) check your current "midpoint.home" setting. It should be JVM parameter
> -Dmidpoint.home=/var/opt/midpoint or whatever you have. This is the
> directory, where config.xml exists, and where icf-connectors directory is
> also stored (with the custom connectors)
> 2) if you are not explicitly setting "midpoint.home" parameter, the
> default is probably Tomcat directory. If you find config.xml file, that's
> the directory.
>
> Is your Office365 connector in the icf-connectors directory of that
> directory?
>
> Unfortunately I have no experience with Office365 connector myself.
>
> Best regards,
> Ivan
>
> On 06/09/2016 03:38 PM, Dick Muller wrote:
>
> Yes, but it was not.
>
> It is now, because I created a connector manually, but the Schema part is
> unknown to me.
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Ivan
> Noris <ivan.noris at evolveum.com>
> *Organization: *Evolveum, s.r.o.
> *Reply-To: *midPoint General Discussion <midpoint at lists.evolveum.com>
> *Date: *Thursday, June 9, 2016 at 3:37 PM
> *To: *"midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
> *Subject: *Re: [midPoint] O365 ConnectorTypeHost
>
>
>
> (The Connector XML object should be in Configuration - Repository Objects
> - Connector. Typed too fast.)
>
> On 06/09/2016 03:34 PM, Ivan Noris wrote:
>
>
>
> If all the above apply, you should see the Connector object in
> Repository/Connector. It's also the confirmation that your connector has
> been discovered when midPoint started. This information is also in idm.log
> - all discovered connector names are printed to idm.log.
>
>
>
>
>
>
>
> --
>
> Ing. Ivan Noris
>
> Senior Identity Management Engineer & IDM Architect
>
> evolveum.com evolveum.com/blog/
>
> ___________________________________________________
>
> "Semper ID(e)M Vix."
>
>
>
>
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com
>
> http://lists.evolveum.com/mailman/listinfo/midpoint
> CONFIDENTIALITY NOTICE:
> This e-mail together with any attachments is proprietary and confidential;
> intended for only the recipient(s) named above and may contain information
> that is privileged. You should not retain, copy or use this e-mail or any
> attachments for any purpose, or disclose all or any part of the contents to
> any person. Any views or opinions expressed in this e-mail are those of the
> author and do not represent those of the Baptist School of Health
> Professions. If you have received this e-mail in error, or are not the
> named recipient(s), you are hereby notified that any review, dissemination,
> distribution or copying of this communication is prohibited by the sender
> and to do so might constitute a violation of the Electronic Communications
> Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the
> sender and delete this e-mail and any attachments from your computer.
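The connector-discovery checks from the quoted thread (the scanDirectory entry in config.xml, read access to icf-connectors and its jars, the "Discovered ICF bundle in JAR" lines in idm.log), collected into one script. This is an added example, not part of the original messages or of midPoint: the function name is hypothetical, the warning about group/world-writable files is an addition, and it assumes the script runs as the Tomcat service account against an idm.log from a single clean start.

```shell
#!/usr/bin/env bash
# Added example. Run as the account Tomcat runs under so -r/-x reflect its access.
# Usage: check_connector_discovery <midpoint.home> <idm.log>; returns the FAIL count.
check_connector_discovery() {
  local home=$1 log=$2 dir="$1/icf-connectors" fails=0 jars=0 found jar loose

  # config.xml must point midPoint at icf-connectors (the <icf> block quoted above).
  if grep -q '<scanDirectory>.*icf-connectors</scanDirectory>' "$home/config.xml" 2>/dev/null; then
    echo "OK: config.xml has a scanDirectory entry for icf-connectors"
  else
    echo "FAIL: no scanDirectory entry for icf-connectors in $home/config.xml"
    fails=$((fails + 1))
  fi

  # The directory needs read+exec (e.g. 755) and each jar needs read (e.g. 644).
  if [ -d "$dir" ] && [ -r "$dir" ] && [ -x "$dir" ]; then
    for jar in "$dir"/*.jar; do
      [ -e "$jar" ] || continue
      jars=$((jars + 1))
      [ -r "$jar" ] || { echo "FAIL: cannot read $jar"; fails=$((fails + 1)); }
    done
    echo "OK: $jars jar(s) in $dir"
    # Added check: connector code is loaded into the midPoint JVM, so neither the
    # directory nor the jars should be writable by group or others.
    loose=$(find "$dir" ! -type l \( -perm -020 -o -perm -002 \) -print)
    [ -z "$loose" ] || echo "WARN: group/world-writable: $loose"
  else
    echo "FAIL: $dir is missing or not readable/searchable"
    fails=$((fails + 1))
  fi

  # Each custom connector that loaded leaves one "in JAR" line at startup.
  found=$(grep -c 'Discovered ICF bundle in JAR' "$log" 2>/dev/null || true)
  found=${found:-0}
  if [ "$found" -lt "$jars" ]; then
    echo "FAIL: $jars jar(s) on disk but $found 'Discovered ICF bundle in JAR' line(s) in $log"
    fails=$((fails + 1))
  else
    echo "OK: $found bundle(s) discovered from JAR files"
  fi
  return "$fails"
}
```

The jar-versus-log comparison is a count only, since the log names the bundle rather than the file; a log that spans several restarts will overcount.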