[midPoint] LDAP connector 1.4.3 was not found
Ivan Noris
ivan.noris at evolveum.com
Wed Jun 29 15:55:01 CEST 2016
Hmm,
good point, Michael! I can see such mapping also in our samples. But I
remember that years ago I must have removed ri:cn attribute mapping for
old AD connector because the attribute caused troubles.
Dick, can you please remove/comment the attribute configuration for
ri:cn and try again?
Thank you.
Ivan
On 06/29/2016 03:35 PM, Gruber, Michael wrote:
>
> Hi,
>
>
>
> Maybe it is caused by cn. Log shows
>
> cn=LDAP Test
>
> but in cn part of dn ther is a dot cn=ldap.test
>
>
>
> {Name=__NAME__, Value=[cn=ldap.test,ou=Employees
> DC,ou=Tahzoo,dc=na1,dc=tahzooint,dc=com
>
> {Name=cn, Value=[LDAP Test]}
>
>
>
>
>
> It should not be necessary to add cn explicitly since it is already in dn.
>
>
>
>
>
> Regards, michael
>
>
>
>
>
>
>
>
>
>
>
> *Von:*midPoint [mailto:midpoint-bounces at lists.evolveum.com] *Im
> Auftrag von *Ivan Noris
> *Gesendet:* Mittwoch, 29. Juni 2016 15:25
> *An:* midpoint at lists.evolveum.com
> *Betreff:* Re: [midPoint] LDAP connector 1.4.3 was not found
>
>
>
> Hi Dick,
>
> please add trace logging for com.evolveum.polygon.connector.ldap
>
> Troubleshooting AD is not always easy, you can see how cryptic the
> error messages returned from AD are.
> What value are you setting to objectCategory? I see that sample with
>
> <attribute>
> <ref>ri:objectCategory</ref>
> <!-- This is defined as mandatory in
> top object class.
> But it is not really mandatory.
> Well done Microsoft. -->
> <limitations>
> <minOccurs>0</minOccurs>
> </limitations>
> <outbound>
> <expression>
>
> <value>CN=Person,CN=Schema,CN=Configuration,DC=win,DC=evolveum,DC=com</value>
> </expression>
> </outbound>
> </attribute>
>
> (of course the suffix is different in your domain...)
>
> Ivan
>
> On 06/29/2016 01:57 PM, Dick Muller wrote:
>
> Ivan,
>
>
>
> I used a sample LDAP resource file and seems that the attribute
> (that I do not need btw) with the name objectCategory was giving
> problems.
>
> Now I have anoter error, stating that the object can’t be created
> because of an invalied attribute.
>
>
>
> The error log is in the attachments of this mail.
>
>
>
> I hope you can think of something, because we are talking about
> pretty standard attributes I think.
>
>
>
> Thanks,
>
> Dick
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com>
> <mailto:midpoint-bounces at lists.evolveum.com> on behalf of Dick
> Muller <dick.muller at tahzoo.com> <mailto:dick.muller at tahzoo.com>
> *Reply-To: *midPoint General Discussion
> <midpoint at lists.evolveum.com> <mailto:midpoint at lists.evolveum.com>
> *Date: *Wednesday 29 June 2016 at 13:25
> *To: *midPoint General Discussion <midpoint at lists.evolveum.com>
> <mailto:midpoint at lists.evolveum.com>
> *Subject: *Re: [midPoint] LDAP connector 1.4.3 was not found
>
>
>
> HI Ivan,
>
>
>
> The logfile tells that there is a constraint error because the
> object already exists.
>
> But that is absolutely not true. I’ve looked in the AD domain and
> forest for the same account, but it doesn’t exist.
>
>
>
> I’ve included the log in the mail.
>
>
>
> Thanks,
>
> Dick
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com>
> <mailto:midpoint-bounces at lists.evolveum.com> on behalf of Ivan
> Noris <ivan.noris at evolveum.com> <mailto:ivan.noris at evolveum.com>
> *Organization: *Evolveum, s.r.o.
> *Reply-To: *midPoint General Discussion
> <midpoint at lists.evolveum.com> <mailto:midpoint at lists.evolveum.com>
> *Date: *Wednesday 29 June 2016 at 09:19
> *To: *"midpoint at lists.evolveum.com"
> <mailto:midpoint at lists.evolveum.com> <midpoint at lists.evolveum.com>
> <mailto:midpoint at lists.evolveum.com>
> *Subject: *Re: [midPoint] LDAP connector 1.4.3 was not found
>
>
>
> Hi Dick,
>
> I don't see anything obvious yet.
> Please try to get:
> 1) stack trace from midpoint idm.log when this operation fails
> 2) the (red) result can be clicked and whole tree of operations
> will be displayed. Somewhere will be ICF Create or ICF Update
> operation logged, including the parameters from provisioning. This
> would help to see what was sent to the connector.
>
> Also tracing org.identityconnectors.framework.api during this
> operation would help too. (idm.log will contain the information)
>
> The cn=ldap.test,... account is the one you are trying to create,
> right? Does "ou=Employees DC" exist in OU=Tahzoo?
>
> Ivan
>
> On 06/29/2016 07:36 AM, Dick Muller wrote:
>
> Hi Ivan,
>
>
>
> I get an error when I add a projection to the user with an
> LDAPS connection.
>
> (See the attachment)
>
> I’ve checked the synchronization mappings and synchronization
> tab. I’ve got the reconcile checked and kind and intent
> correctly configured.
>
>
>
> Thanks,
>
>
>
> Dick
>
>
>
> *From: *midPoint <midpoint-bounces at lists.evolveum.com>
> <mailto:midpoint-bounces at lists.evolveum.com> on behalf of Ivan
> Noris <ivan.noris at evolveum.com> <mailto:ivan.noris at evolveum.com>
> *Organization: *Evolveum, s.r.o.
> *Reply-To: *midPoint General Discussion
> <midpoint at lists.evolveum.com> <mailto:midpoint at lists.evolveum.com>
> *Date: *Tuesday 28 June 2016 at 15:17
> *To: *"midpoint at lists.evolveum.com"
> <mailto:midpoint at lists.evolveum.com>
> <midpoint at lists.evolveum.com> <mailto:midpoint at lists.evolveum.com>
> *Subject: *Re: [midPoint] LDAP connector 1.4.3 was not found
>
>
>
> Hi Dick,
>
> AFAIK with midPoint 3.4 you should see LDAP connectors version
> 1.4.2.17 (including AdLdap).
>
> The 1.4.3.0-SNAPSHOT was used during 3.4 development and that
> connector version was tagged as 1.4.2.17, so that should be
> the version you want to use.
>
> What sync problems with 1.4.2.x are you referring to?
>
> The error message means that there is no connector (JAR)
> referenced by Connector repository object (1.4.3.0-SNAPSHOT).
>
> You need to update all resources referencing to the
> 1.4.3.0-SNAPSHOT connectors to refer to 1.4.2.17. (By changing
> the oid in connectorRef in the resources, as we were
> discussing during the training.
>
> Best regards,
> Ivan
>
> On 06/28/2016 03:05 PM, Dick Muller wrote:
>
> Hi,
>
> I upgraded to the latest 3.4 version and wanted to install
> ADLDAP connectors.
>
> I can select 1.4.2 or 1.4.3.0-SNAPSHOT. The 1.4.2 version
> gives problems during syncing. I think this is already
> described in JIRA.
>
> I want to use the latest version 1.4.3.0-snapshot but get
> an error during TEST of the resource.
>
>
>
> I’ve included the Error message as attachment.
>
>
>
> Hope somebody can help me with this.
>
>
>
> Regards,
>
>
>
> ------------------------------------------------------------------------
>
> *Dick Muller*
>
> Senior Systems Engineer
>
> Delftechpark 37i
> 2628 XJ Delft*
> d*: +31 88 2682586
> *m:* +31 6 46477690
>
> <http://www.tahzoo.com/>
>
>
>
>
>
>
>
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com
> <mailto:midPoint at lists.evolveum.com>
>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
>
>
>
> --
>
> Ing. Ivan Noris
>
> Senior Identity Management Engineer & IDM Architect
>
> evolveum.com evolveum.com/blog/
>
> ___________________________________________________
>
> "Semper ID(e)M Vix."
>
>
>
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
>
> --
>
> Ing. Ivan Noris
>
> Senior Identity Management Engineer & IDM Architect
>
> evolveum.com evolveum.com/blog/
>
> ___________________________________________________
>
> "Semper ID(e)M Vix."
>
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> --
> Ing. Ivan Noris
> Senior Identity Management Engineer & IDM Architect
> evolveum.com evolveum.com/blog/
> ___________________________________________________
> "Semper ID(e)M Vix."
> WWK Lebensversicherung a. G., Vorstand: Jürgen Schrameier (V.), Rainer
> Gebhart (stv. V.), Dirk Fassott; Vorsitzender des Aufsichtsrats: Dr.
> Frank Schindelhauer, Sitz München, Registergericht München HR B 211;
> WWK Allgemeine Versicherung AG, Vorstand: Jürgen Schrameier (V.),
> Rainer Gebhart (stv. V.), Dirk Fassott; Vorsitzender des
> Aufsichtsrats: Werner Quante, Sitz München, Registergericht München HR
> B 5553; WWK Vermögensverwaltungs und Dienstleistungs GmbH,
> Geschäftsführer: Karl Ruffing, Stefan Sedlmeir, Sitz München,
> Registergericht München HR B 76323; WWK Pensionsfonds AG, Vorstand:
> Ansgar Eckert, Karl Ruffing, Heinrich Schüppert; Vorsitzender des
> Aufsichtsrats: Dirk Fassott, Sitz München, Registergericht München HR
> B 146295; Hausanschrift: Marsstraße 37, 80335 München; WWK Investment
> S.A., Verwaltungsrat: Karl Ruffing (V.), Ansgar Eckert, Stefan
> Schneider (Hauck & Aufhäuser), Handelsregister: R.C. Luxembourg Nr. B
> 81 270, Sitz der Gesellschaft: 1c, rue Gabriel Lippmann, L-5365 Munsbach
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper ID(e)M Vix."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160629/e70a78d5/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/png
Size: 7593 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160629/e70a78d5/attachment.png>
More information about the midPoint
mailing list