[midPoint] Nested Organization Structure with LDAP Integration
Radovan Semancik
radovan.semancik at evolveum.com
Mon Jul 10 10:43:17 CEST 2017
Hi,
I have only skimmed through the requirements. But at a first sight these
scenarios seems to be supported in midPoint. However, the configuration
may not be entirely trivial. It is well beyond the "community support"
that Evolveum provides on this mailing list. I would suggest to get
midPoint subscription, purchase professional services, get a training or
sponsor the works to finish midPoint book.
--
Radovan Semancik
Software Architect
evolveum.com
On 07/09/2017 12:51 PM, Mikko Pekkarinen wrote:
> Hi Dilek,
>
> next month I'll be facing exactly the same problem that you have. My
> plan goes something like this:
>
> - define an extension field "ldapDn" in midPoint orgs
> - populate the field in object template:
> if (parent is null or parent's extension/ldapDn is null):
> return null
> else:
> return name + ',' + (parent's extension/ldapDn)
> - when extension/ldapDn is set (and not null) in an org: somehow
> trigger the update in all direct child organisations as well.
> I haven't thought out the details yet.
> - in (meta) role assignment: use a condition that requires that
> extension/ldapDn is not null.
> - In resource config: read the dn of the LDAP OU that's created from
> the extension field.
>
> I think the above should work, and guarantee that the OU trees are
> created in LDAP "top down", regargless the order in which the
> organizations get created in midPoint.
>
>
> Mikko
>
>
>
> On Thu, 15 Jun 2017 15:23:23 +0300
> Dilek Gider <dilek.gider at basistek.com> wrote:
>
>> Hi Ivan,
>>
>> Thank you for your answer, we have hierarchical organization. I
>> already read and used documantetion, but am controlling again.
>> My problem is, i am importing all of organization from one database
>> view to midpoint all together, and when org-template has
>> assignmentTargetSearch for LDAP ou create issue, it gives error
>> because of I mentioned before,
>> OU=5410,OU=0230,OU=0000,DC=tirsantest,DC=local is *firstly* coming
>> before OU=0000,DC=tirsantest,DC=local for example. So, if there is
>> error in importing object record, it also can not assign parent
>> hierarchy.
>>
>> I couldn't understand this side how.
>>
>>
>>
>> On Thu, Jun 15, 2017 at 10:42 AM, Ivan Noris <Ivan.Noris at evolveum.com>
>> wrote:
>>
>>> Hi,
>>> I don't know if the ordering can be changed by the database
>>> connector; but if you have problems with LDAP objects hierarchy, I
>>> would expect the same also in midPoint, as the organizations that
>>> you create usually also have parent (which may not exist yet). Or
>>> are you using flat organization structure in midPoint...?
>>>
>>> I was resolving similar use case by having full path of each object
>>> in the data export (I was using CSV, not DB Table). So I could
>>> create the organization and its parent(s) recursively using on
>>> demand creation. When organization was created in midPoint, its
>>> parent was searched using assignmentTargetSearch. If the parent
>>> didn't exist, createOnDemand would create it. And so on. If each
>>> organization has metarole assigned by object template, it would
>>> also cause creation of group/ou/whatever in LDAP. And as this all
>>> is recursion, the ordering will be correct - from the top of the
>>> tree to the leafs.
>>>
>>> See https://wiki.evolveum.com/display/midPoint/OrgSync+Story+Test.
>>>
>>> Sorting the rows in the Database Table would be fine, but I don't
>>> know if the connector supports it. You can also create your custom
>>> connector (or use ScriptedSQL) if you can programatically sort the
>>> rows when searching...
>>>
>>> Regards,
>>> Ivan
>>>
>>> ------------------------------
>>>
>>> *From: *"Dilek Gider" <dilek.gider at basistek.com>
>>> *To: *"midPoint General Discussion" <midpoint at lists.evolveum.com>
>>> *Sent: *Thursday, June 15, 2017 1:40:46 AM
>>> *Subject: *[midPoint] Nested Organization Structure with LDAP
>>> Integration
>>>
>>> Hi All,
>>>
>>> I have a resource from databasetable connector, which gets all of
>>> organizations from db to midpoint. I have resource and task for it.
>>> I can import all of organizations with parent-child hierarchy.
>>> These hierarchy must be on LDAP, too. So I have LDAP resource
>>> connector and generic, ou syncronization. I added org template to
>>> this integration as a role, like below;
>>>
>>> <mapping>
>>> <name>Link org parent</name>
>>> <strength>strong</strength>
>>> <source>
>>> <c:path>$focus/costCenter</c:path>
>>> </source>
>>> <expression>
>>> <assignmentTargetSearch>
>>> <targetType>c:OrgType</targetType>
>>> <filter>
>>> <q:equal>
>>> <q:matching>polyStringNorm</q:matching>
>>> <q:path>c:name</q:path>
>>> <expression>
>>> <c:path>$costCenter</c:path>
>>> </expression>
>>> </q:equal>
>>> </filter>
>>> </assignmentTargetSearch>
>>> </expression>
>>> <target>
>>> <c:path>assignment</c:path>
>>> </target>
>>> <condition>
>>> <script>
>>> <code>costCenter != null</code>
>>> </script>
>>> </condition>
>>> </mapping>
>>> <mapping>
>>> <name>basic org role</name>
>>> <strength>strong</strength>
>>> <expression>
>>> <assignmentTargetSearch>
>>> <targetType>c:RoleType</targetType>
>>> <oid>9c6d1dbe-1a87-11e5-b107-000000000000</oid>
>>> </assignmentTargetSearch>
>>> </expression>
>>> <target>
>>> <c:path>assignment</c:path>
>>> </target>
>>> </mapping>
>>>
>>> But in LDAP, it must be in hierarchy with ou, for example,
>>>
>>> OU=0000,DC=tirsantest,DC=local
>>> OU=0230,OU=0000,DC=tirsantest,DC=local
>>> OU=5410,OU=0230,OU=0000,DC=tirsantest,DC=local
>>>
>>> But to do this, I have to create OU=0000 first in LDAP, then I have
>>> to create OU=0230 and after that i have to create OU=5410. But i
>>> cant give any order, so organization import or sync is full error.
>>> And because of these LDAP errors, parent-child relation in midpoint
>>> can not succeeded. Without org template "basic org role",
>>> parent-child relation is succeeded.
>>>
>>> How can I put any order for getting organizations databasetable
>>> connector? I thinf if i can put order, it will be success because
>>> of hierarcy. Approximetly 500 organizations exists, with six level.
>>>
>>> If I add manually to LDAP role for organizations with right order,
>>> it is created on LDAP.
>>>
>>> Some of Errors:
>>>
>>> 7-06-15 02:23:22,418 [] [midPointScheduler_Worker-8] ERROR
>>> (com.evolveum.midpoint.model.impl.lens.ChangeExecutor): Error
>>> executing changes for (generic (ou) on resource:746ecf5e-3e8c-11e6-
>>> b2f9-3c970e44b9e2(ADTargetResource)):
>>> com.evolveum.midpoint.util.exception.SystemException:
>>> com.evolveum.midpoint.util.exception.SystemException: Got
>>> unexpected exception:
>>> org.identityconnectors.framework.common.exceptions.UnknownUidException:
>>> Error adding LDAP entry OU=�retim,OU=PDI,OU=5410,OU=
>>> 0230,OU=0000,DC=tirsantest,DC=local: noSuchObject: 0000208D:
>>> NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
>>> match of:??'OU=0000,DC=tirsantest,DC=local'?? (32)
>>> com.evolveum.midpoint.util.exception.SystemException:
>>> com.evolveum.midpoint.util.exception.SystemException:
>>> com.evolveum.midpoint.util.exception.SystemException: Got
>>> unexpected exception:
>>> org.identityconnectors.framework.common.exceptions.UnknownUidException:
>>> Error adding LDAP entry OU=�retim,OU=PDI,OU=5410,OU=
>>> 0230,OU=0000,DC=tirsantest,DC=local: noSuchObject: 0000208D:
>>> NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
>>> match of:??'OU=0000,DC=tirsantest,DC=local'?? (32) at
>>> com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.
>>> addObject(ProvisioningServiceImpl.java:377)
>>> [provisioning-impl-3.4.1.jar: na] at
>>> com.evolveum.midpoint.model.impl.lens.ChangeExecutor.
>>> addProvisioningObject(ChangeExecutor.java:1386)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeAddition(ChangeExecutor.java:1134)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.ChangeExecutor.
>>> executeDelta(ChangeExecutor.java:797) ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.ChangeExecutor.
>>> executeChanges(ChangeExecutor.java:315) ~[model-impl-3.4.1.jar:na]
>>> at com.evolveum.midpoint.model.impl.lens.Clockwork.
>>> processSecondary(Clockwork.java:507) [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.Clockwork.click(Clockwork.java:336)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.Clockwork.run(Clockwork.java:214)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl.
>>> reactToChange(SynchronizationServiceImpl.java:766)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl.
>>> notifyChange(SynchronizationServiceImpl.java:299)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ChangeNotificationDispatcherIm
>>> pl.notifyChange(ChangeNotificationDispatcherImpl.java:148)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.sync.SynchronizeAccountResultHandle
>>> r.handleObjectInternal(SynchronizeAccountResultHandler.java:203)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.sync.SynchronizeAccountResultHandle
>>> r.handleObject(SynchronizeAccountResultHandler.java:128)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultH
>>> andler.processRequest(AbstractSearchIterativeResultHandler.java:327)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultH
>>> andler.handle(AbstractSearchIterativeResultHandler.java:189)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl$4.
>>> handle(ProvisioningServiceImpl.java:1184)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ShadowCache$2.handle(ShadowCache.java:857)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter$3.
>>> handle(ResourceObjectConverter.java:1084)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl$2.
>>> handle(ConnectorInstanceIcfImpl.java:2335)
>>> [provisioning-impl-3.4.1.jar: na] at
>>> org.identityconnectors.framework.impl.api.
>>> SearchResultsHandlerLoggingProxy.handle(SearchResultsHandlerLoggingProxy.java:64)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> org.identityconnectors.framework.impl.api.StreamHandlerUtil$
>>> ObjectStreamHandlerAdapter.handle(StreamHandlerUtil.java:101)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> org.identityconnectors.framework.impl.api.BufferedResultsProxy.invoke(BufferedResultsProxy.java:262)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> org.identityconnectors.framework.impl.api.
>>> DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:94)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> com.sun.proxy.$Proxy169.search(Unknown Source) [na:na] at
>>> sun.reflect.GeneratedMethodAccessor1178.invoke(Unknown Source)
>>> ~[na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at java.lang.reflect.Method.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at
>>> org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:83)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> com.sun.proxy.$Proxy169.search(Unknown Source) [na:na] at
>>> org.identityconnectors.framework.impl.api.AbstractConnectorFacade.
>>> search(AbstractConnectorFacade.java:178)
>>> [connector-framework-internal- 1.4.2.16.jar:na] at
>>> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.
>>> search(ConnectorInstanceIcfImpl.java:2431)
>>> [provisioning-impl-3.4.1.jar: na] at
>>> com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter.
>>> searchResourceObjects(ResourceObjectConverter.java:1094)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ShadowCache.
>>> searchObjectsIterative(ShadowCache.java:864)
>>> [provisioning-impl-3.4.1.jar: na] at
>>> com.evolveum.midpoint.provisioning.impl.ShadowCache.
>>> searchObjectsIterative(ShadowCache.java:789)
>>> [provisioning-impl-3.4.1.jar: na] at
>>> com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.
>>> searchObjectsIterative(ProvisioningServiceImpl.java:1232)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.ModelObjectResolver.searchIterative(ModelObjectResolver.java:224)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeTaskHan
>>> dler.runInternal(AbstractSearchIterativeTaskHandler.java:252)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeTaskHan
>>> dler.run(AbstractSearchIterativeTaskHandler.java:159)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.task.quartzimpl.execution.
>>> JobExecutor.executeHandler(JobExecutor.java:473)
>>> [task-quartz-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.task.quartzimpl.execution.
>>> JobExecutor.executeSingleTask(JobExecutor.java:294)
>>> [task-quartz-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.execute(JobExecutor.java:160)
>>> [task-quartz-impl-3.4.1.jar:na] at
>>> org.quartz.core.JobRunShell.run(JobRunShell.java:213)
>>> [quartz-2.1.3.jar:na] at
>>> org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:557)
>>> [quartz-2.1.3.jar:na] Caused by:
>>> com.evolveum.midpoint.util.exception.SystemException:
>>> com.evolveum.midpoint.util.exception.SystemException: Got
>>> unexpected exception:
>>> org.identityconnectors.framework.common.exceptions.UnknownUidException:
>>> Error adding LDAP entry OU=�retim,OU=PDI,OU=5410,OU=
>>> 0230,OU=0000,DC=tirsantest,DC=local: noSuchObject: 0000208D:
>>> NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
>>> match of:??'OU=0000,DC=tirsantest,DC=local'?? (32) at
>>> com.evolveum.midpoint.provisioning.consistency.impl.
>>> ErrorHandlerFactory.createErrorHandler(ErrorHandlerFactory.java:90)
>>> ~[provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ShadowCache.
>>> handleError(ShadowCache.java:715) [provisioning-impl-3.4.1.jar:na]
>>> at com.evolveum.midpoint.provisioning.impl.ShadowCache.
>>> addShadow(ShadowCache.java:398) [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.
>>> addObject(ProvisioningServiceImpl.java:349)
>>> [provisioning-impl-3.4.1.jar: na] ... 42 common frames omitted
>>> Caused by: com.evolveum.midpoint.util.exception.SystemException:
>>> Got unexpected exception:
>>> org.identityconnectors.framework.common.exceptions.UnknownUidException:
>>> Error adding LDAP entry OU=�retim,OU=PDI,OU=5410,OU=
>>> 0230,OU=0000,DC=tirsantest,DC=local: noSuchObject: 0000208D:
>>> NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
>>> match of:??'OU=0000,DC=tirsantest,DC=local'?? (32) at
>>> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.
>>> addObject(ConnectorInstanceIcfImpl.java:1514)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter.
>>> addResourceObject(ResourceObjectConverter.java:270)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ShadowCache.
>>> addShadow(ShadowCache.java:395)
>>> [provisioning-impl-3.4.1.jar:na] ... 43 common frames omitted
>>> Caused by:
>>> org.identityconnectors.framework.common.exceptions.UnknownUidException:
>>> Error adding LDAP entry OU=�retim,OU=PDI,OU=5410,OU=
>>> 0230,OU=0000,DC=tirsantest,DC=local: noSuchObject: 0000208D:
>>> NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
>>> match of:??'OU=0000,DC=tirsantest,DC=local'?? (32) at
>>> com.evolveum.polygon.connector.ldap.LdapUtil.
>>> processLdapResult(LdapUtil.java:454)
>>> ~[connector-ldap-1.4.2.18.jar:na] at
>>> com.evolveum.polygon.connector.ldap.AbstractLdapConnector.
>>> processCreateResult(AbstractLdapConnector.java:762)
>>> ~[connector-ldap-1.4.2.18.jar:na] at
>>> com.evolveum.polygon.connector.ldap.AbstractLdapConnector.create( AbstractLdapConnector.java:723)
>>> ~[connector-ldap-1.4.2.18.jar:na] at
>>> org.identityconnectors.framework.impl.api.local.
>>> operations.CreateImpl.create(CreateImpl.java:107)
>>> ~[connector-framework- internal-1.4.2.16.jar:na] at
>>> sun.reflect.GeneratedMethodAccessor1239.invoke(Unknown Source)
>>> ~[na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at java.lang.reflect.Method.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at
>>> org.identityconnectors.framework.impl.api.local.operations.
>>> ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:98)
>>> ~[connector-framework-internal-1.4.2.16.jar:na] at
>>> com.sun.proxy.$Proxy178.create(Unknown Source) ~[na:na] at
>>> sun.reflect.GeneratedMethodAccessor1239.invoke(Unknown Source)
>>> ~[na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at java.lang.reflect.Method.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at
>>> org.identityconnectors.framework.impl.api.local.operations.
>>> ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96)
>>> ~[connector-framework-internal-1.4.2.16.jar:na] at
>>> com.sun.proxy.$Proxy178.create(Unknown Source) ~[na:na] at
>>> sun.reflect.GeneratedMethodAccessor1239.invoke(Unknown Source)
>>> ~[na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at java.lang.reflect.Method.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at
>>> org.identityconnectors.framework.impl.api.
>>> DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:99)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> com.sun.proxy.$Proxy178.create(Unknown Source) ~[na:na] at
>>> sun.reflect.GeneratedMethodAccessor1239.invoke(Unknown Source)
>>> ~[na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at java.lang.reflect.Method.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at
>>> org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:83)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> com.sun.proxy.$Proxy178.create(Unknown Source) ~[na:na] at
>>> org.identityconnectors.framework.impl.api.AbstractConnectorFacade.
>>> create(AbstractConnectorFacade.java:156)
>>> [connector-framework-internal- 1.4.2.16.jar:na] at
>>> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.
>>> addObject(ConnectorInstanceIcfImpl.java:1487)
>>> [provisioning-impl-3.4.1.jar:na] ... 45 common frames omitted
>>> 2017-06-15 02:23:22,443 [] [midPointScheduler_Worker-8] WARN
>>> (com.evolveum.midpoint.report.impl.ReportManagerImpl): Probably
>>> invalid projection context: both old and new objects are null
>>> 2017-06-15 02:23:22,444 [] [midPointScheduler_Worker-8] ERROR
>>> (com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultHandler):
>>> Import of object
>>> shadow:2ef7cb4e-3259-4810-bbad-5e3126ead57e(0000.0230.5410.PDI.�retim)
>>> from resource:d7c8e3a5-3031-4c7d-a1fc-dc2583b85eee(Tirsan
>>> Organizational Structure) failed:
>>> com.evolveum.midpoint.util.exception.SystemException:
>>> com.evolveum.midpoint.util.exception.SystemException: Got
>>> unexpected exception:
>>> org.identityconnectors.framework.common.exceptions.UnknownUidException:
>>> Error adding LDAP entry OU=�retim,OU=PDI,OU=5410,OU=
>>> 0230,OU=0000,DC=tirsantest,DC=local: noSuchObject: 0000208D:
>>> NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
>>> match of:??'OU=0000,DC=tirsantest,DC=local'?? (32):
>>> com.evolveum.midpoint.util.exception.SystemException:
>>> com.evolveum.midpoint.util.exception.SystemException: Got
>>> unexpected exception:
>>> org.identityconnectors.framework.common.exceptions.UnknownUidException:
>>> Error adding LDAP entry OU=�retim,OU=PDI,OU=5410,OU=
>>> 0230,OU=0000,DC=tirsantest,DC=local: noSuchObject: 0000208D:
>>> NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
>>> match of:??'OU=0000,DC=tirsantest,DC=local'?? (32):
>>> com.evolveum.midpoint.util.exception.SystemException:
>>> com.evolveum.midpoint.util.exception.SystemException: Got
>>> unexpected exception:
>>> org.identityconnectors.framework.common.exceptions.UnknownUidException:
>>> Error adding LDAP entry OU=�retim,OU=PDI,OU=5410,OU=
>>> 0230,OU=0000,DC=tirsantest,DC=local: noSuchObject: 0000208D:
>>> NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
>>> match of:??'OU=0000,DC=tirsantest,DC=local'?? (32):
>>> com.evolveum.midpoint.util.exception.SystemException:
>>> com.evolveum.midpoint.util.exception.SystemException: Got
>>> unexpected exception:
>>> org.identityconnectors.framework.common.exceptions.UnknownUidException:
>>> Error adding LDAP entry OU=�retim,OU=PDI,OU=5410,OU=
>>> 0230,OU=0000,DC=tirsantest,DC=local: noSuchObject: 0000208D:
>>> NameErr: DSID-03100238, problem 2001 (NO_OBJECT), data 0, best
>>> match of:??'OU=0000,DC=tirsantest,DC=local'?? (32) 2017-06-15
>>> 02:23:22,444 [] [midPointScheduler_Worker-8] INFO
>>> (com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultHandler):
>>> Import object
>>> shadow:2ef7cb4e-3259-4810-bbad-5e3126ead57e(0000.0230.5410.PDI.�retim)
>>> from resource:d7c8e3a5-3031-4c7d-a1fc-dc2583b85eee(Tirsan
>>> Organizational Structure) done with status PARTIAL_ERROR (this one:
>>> 191 ms, avg: 74 ms) (total progress: 457, wall clock avg: 114 ms)
>>> 2017-06-15 02:23:22,513 [] [midPointScheduler_Worker-8] WARN
>>> (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl):
>>> Couldn't create action with uri 'http://midpoint.evolveum.com/
>>> xml/ns/public/model/action-3#modifyFocus' in resource
>>> resource:d7c8e3a5-3031-4c7d-a1fc-dc2583b85eee(Tirsan Organizational
>>> Structure), skipping action. 2017-06-15 02:23:22,535 []
>>> [midPointScheduler_Worker-8] ERROR
>>> (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl):
>>> SYNCHRONIZATION: Error in synchronization on
>>> resource:d7c8e3a5-3031-4c7d-a1fc-dc2583b85eee(Tirsan Organizational
>>> Structure) for situation LINKED: SchemaException: No association
>>> {http://midpoint.evolveum.com/xml/ns/public/resource/
>>> instance-3}organizationalUnit in object class Organizational Unit
>>> in construction in role:9c6d1dbe-1a87-11e5-b107-000000000000(LDAP
>>> Organization Metarole). Change was ResourceObjectShadowChangeDesc
>>> ription(objectDelta=ObjectDelta(ShadowType:7e025f66-2cee-42c7-ab05-7329ed327d0d,ADD:
>>> shadow:7e025f66-2cee-42c7-ab05-7329ed327d0d(0000.0230.5410.�retim
>>> ve Servis)),
>>> currentShadow=shadow:7e025f66-2cee-42c7-ab05-7329ed327d0d(0000.0230.5410.�retim
>>> ve Servis), oldShadow=null, sourceChannel=http://midpoint.
>>> evolveum.com/xml/ns/public/provisioning/channels-3#import,
>>> resource=resource:d7c8e3a5-3031-4c7d-a1fc-dc2583b85eee(Tirsan
>>> Organizational Structure))
>>> com.evolveum.midpoint.util.exception.SchemaException: No
>>> association { http://midpoint.evolveum.com/xml/ns/public/resource/
>>> instance-3}organizationalUnit in object class Organizational Unit
>>> in construction in role:9c6d1dbe-1a87-11e5-b107-000000000000(LDAP
>>> Organization Metarole) at
>>> com.evolveum.midpoint.model.impl.lens.Construction.evaluateAssociation(Construction.java:637)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.Construction.
>>> evaluateAssociations(Construction.java:606)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.Construction.
>>> evaluate(Construction.java:441) ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.EvaluatedAssignmentImpl.
>>> evaluateConstructions(EvaluatedAssignmentImpl.java:245)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.projector.AssignmentProcessor.
>>> evaluateConstructions(AssignmentProcessor.java:898)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.projector.AssignmentProcessor.
>>> evaluateConstructions(AssignmentProcessor.java:880)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.projector.AssignmentProcessor.
>>> processAssignmentsProjectionsWithFocus(AssignmentProcessor.java:565)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.projector.AssignmentProcessor.
>>> processAssignmentsProjections(AssignmentProcessor.java:194)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.projector.FocusProcessor.
>>> processFocusFocus(FocusProcessor.java:233)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.projector.
>>> FocusProcessor.processFocus(FocusProcessor.java:146)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.projector.Projector.
>>> projectInternal(Projector.java:208) ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.projector.Projector.project(Projector.java:106)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.Clockwork.click(Clockwork.java:302)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.lens.Clockwork.run(Clockwork.java:214)
>>> ~[model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl.
>>> reactToChange(SynchronizationServiceImpl.java:766)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl.
>>> notifyChange(SynchronizationServiceImpl.java:299)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ChangeNotificationDispatcherIm
>>> pl.notifyChange(ChangeNotificationDispatcherImpl.java:148)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.sync.SynchronizeAccountResultHandle
>>> r.handleObjectInternal(SynchronizeAccountResultHandler.java:203)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.sync.SynchronizeAccountResultHandle
>>> r.handleObject(SynchronizeAccountResultHandler.java:128)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultH
>>> andler.processRequest(AbstractSearchIterativeResultHandler.java:327)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultH
>>> andler.handle(AbstractSearchIterativeResultHandler.java:189)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl$4.
>>> handle(ProvisioningServiceImpl.java:1184)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ShadowCache$2.handle(ShadowCache.java:857)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter$3.
>>> handle(ResourceObjectConverter.java:1084)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl$2.
>>> handle(ConnectorInstanceIcfImpl.java:2335)
>>> [provisioning-impl-3.4.1.jar: na] at
>>> org.identityconnectors.framework.impl.api.
>>> SearchResultsHandlerLoggingProxy.handle(SearchResultsHandlerLoggingProxy.java:64)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> org.identityconnectors.framework.impl.api.StreamHandlerUtil$
>>> ObjectStreamHandlerAdapter.handle(StreamHandlerUtil.java:101)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> org.identityconnectors.framework.impl.api.BufferedResultsProxy.invoke(BufferedResultsProxy.java:262)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> org.identityconnectors.framework.impl.api.
>>> DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:94)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> com.sun.proxy.$Proxy169.search(Unknown Source) [na:na] at
>>> sun.reflect.GeneratedMethodAccessor1178.invoke(Unknown Source)
>>> ~[na:na] at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at java.lang.reflect.Method.invoke(Unknown
>>> Source) ~[na:1.8.0_101] at
>>> org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:83)
>>> [connector-framework-internal-1.4.2.16.jar:na] at
>>> com.sun.proxy.$Proxy169.search(Unknown Source) [na:na] at
>>> org.identityconnectors.framework.impl.api.AbstractConnectorFacade.
>>> search(AbstractConnectorFacade.java:178)
>>> [connector-framework-internal- 1.4.2.16.jar:na] at
>>> com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.
>>> search(ConnectorInstanceIcfImpl.java:2431)
>>> [provisioning-impl-3.4.1.jar: na] at
>>> com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter.
>>> searchResourceObjects(ResourceObjectConverter.java:1094)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.provisioning.impl.ShadowCache.
>>> searchObjectsIterative(ShadowCache.java:864)
>>> [provisioning-impl-3.4.1.jar: na] at
>>> com.evolveum.midpoint.provisioning.impl.ShadowCache.
>>> searchObjectsIterative(ShadowCache.java:789)
>>> [provisioning-impl-3.4.1.jar: na] at
>>> com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.
>>> searchObjectsIterative(ProvisioningServiceImpl.java:1232)
>>> [provisioning-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.ModelObjectResolver.searchIterative(ModelObjectResolver.java:224)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeTaskHan
>>> dler.runInternal(AbstractSearchIterativeTaskHandler.java:252)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeTaskHan
>>> dler.run(AbstractSearchIterativeTaskHandler.java:159)
>>> [model-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.task.quartzimpl.execution.
>>> JobExecutor.executeHandler(JobExecutor.java:473)
>>> [task-quartz-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.task.quartzimpl.execution.
>>> JobExecutor.executeSingleTask(JobExecutor.java:294)
>>> [task-quartz-impl-3.4.1.jar:na] at
>>> com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.execute(JobExecutor.java:160)
>>> [task-quartz-impl-3.4.1.jar:na] at
>>> org.quartz.core.JobRunShell.run(JobRunShell.java:213)
>>> [quartz-2.1.3.jar:na] at
>>> org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:557)
>>> [quartz-2.1.3.jar:na] 2017-06-15 02:23:22,535 []
>>> [midPointScheduler_Worker-8] ERROR
>>> (com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultHandler):
>>> Import of object
>>> shadow:7e025f66-2cee-42c7-ab05-7329ed327d0d(0000.0230.5410.�retim
>>> ve Servis) from
>>> resource:d7c8e3a5-3031-4c7d-a1fc-dc2583b85eee(Tirsan Organizational
>>> Structure) failed: No association
>>> { http://midpoint.evolveum.com/xml/ns/public/resource/
>>> instance-3}organizationalUnit in object class Organizational Unit
>>> in construction in role:9c6d1dbe-1a87-11e5-b107-000000000000(LDAP
>>> Organization Metarole) 2017-06-15 02:23:22,535 []
>>> [midPointScheduler_Worker-8] INFO
>>> (com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultHandler):
>>> Import object
>>> shadow:7e025f66-2cee-42c7-ab05-7329ed327d0d(0000.0230.5410.�retim
>>> ve Servis) from
>>> resource:d7c8e3a5-3031-4c7d-a1fc-dc2583b85eee(Tirsan Organizational
>>> Structure) done with status FATAL_ERROR (this one: 46 ms, avg: 74
>>> ms) (total progress: 458, wall clock avg: 114 ms) 2017-06-15
>>> 02:23:22,618 [] [midPointScheduler_Worker-8] WARN
>>> (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl):
>>> Couldn't create action with uri 'http://midpoint.evolveum.com/
>>> xml/ns/public/model/action-3#modifyFocus' in resource
>>> resource:d7c8e3a5-3031-4c7d-a1fc-dc2583b85eee(Tirsan Organizational
>>> Structure), skipping action. 2017-06-15 02:23:22,725 []
>>> [midPointScheduler_Worker-8] WARN
>>> (com.evolveum.midpoint.notifications.impl.AccountOperationListener):
>>> There is no owner of account 5e229376-3556-4d5a-ac50-b7ada0470041
>>> (in repo nor in task). 2017-06-15 02:23:22,731 []
>>> [midPointScheduler_Worker-8] DEBUG
>>> (com.evolveum.polygon.connector.ldap.OperationLog): method: null
>>> msg:ldaps://idmtest.tirsantest.local/ Add REQ Entry: Entry dn:
>>> OU=�retim ve Servis,OU=�retim ve Servis,OU=5410,OU=0230,OU=
>>> 0000,DC=tirsantest,DC=local objectClass: organizationalUnit ou:
>>> �retim ve Servis description: �retim ve Servis
>>>
>>> 2017-06-15 02:23:22,732 [] [midPointScheduler_Worker-8] DEBUG
>>> (com.evolveum.polygon.connector.ldap.OperationLog): method: null
>>> msg:ldaps://idmtest.tirsantest.local/ Add RES OU=�retim ve
>>> Servis,OU=�retim ve
>>> Servis,OU=5410,OU=0230,OU=0000,DC=tirsantest,DC=local: Ldap Result
>>> Result code : (NO_SUCH_OBJECT) noSuchObject
>>> Matched Dn : 'OU=0000,DC=tirsantest,DC=local'
>>> Diagnostic message : '0000208D: NameErr: DSID-03100238,
>>> problem 2001 (NO_OBJECT), data 0, best match of:
>>> 'OU=0000,DC=tirsantest,DC=local'
>>>
>>>
>>>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
More information about the midPoint
mailing list