[midPoint] Problem with HTTPS winrs powershell command

Lubomir Odlevak odlevak.lubomir at gmail.com
Fri Oct 27 14:42:21 CEST 2017 

Hi guys,

I have the problem with Powershell support in AD/LDAP Connector. My
resource and my enviroment have been set according to guide:
https://wiki.evolveum.com/pages/viewpage.action?pageId=22741970

I have tested winrs command with HTTPand it worked ok in MidPoint:
<code>winrs -r:http://10.50.5.220:5985 -u:$winrm_user -p:$winrm_password
powershell.exe -command "Import-Module ActiveDirectory, ... "</code>


But there is the problem with HTTPS.
<code>winrs -r:https://aspidm-ws2012.ibacz.cz:5986 -u:$winrm_user
-p:$winrm_password powershell.exe -command "Import-Module ActiveDirectory,
... "</code>


*I have set all prerequisites (import certificates, open port) but i have
got error:Can't process shadow: null (OID:null): Generic error in
connector:
org.identityconnectors.framework.common.exceptions.ConnectorException(Script
execution failed (status code 1): ????Winrs error:Access is denied.): Can't
process shadow: null (OID:null): Generic error in connector:
org.identityconnectors.framework.common.exceptions.ConnectorException(Script
execution failed (status code 1): ????Winrs error:Access is denied.): Can't
process shadow: null (OID:null): Generic error in connector:
org.identityconnectors.framework.common.exceptions.ConnectorException(Script
execution failed (status code 1): ????Winrs error:Access is denied.): Can't
process shadow: null (OID:null): Generic error in connector:
org.identityconnectors.framework.common.exceptions.ConnectorException(Script
execution failed (status code 1): ????Winrs error:Access is denied.)*

I was able to run it  successfully only from my powershell console on local
computer but not in MidPoint. I have noticed that you have "-ad" argument
in Midpoint powershell examples. It is required ?

My enviroment is:
Version            3.7-SNAPSHOT
Git describe      git-v3.7devel-167-gb5a6286835
Connector        com.evolveum.polygon.connector.ldap.ad.AdLdapConnector
1.4.5

I've have tried to add "-ad" but i have got error message:
<code>winrs -ad -r:https://aspidm-ws2012.ibacz.cz:5986 -u:$winrm_user
-p:$winrm_password powershell.exe -command "Import-Module ActiveDirectory,
... "</code>

*Can't process shadow: null (OID:null): Generic error in connector:
org.identityconnectors.framework.common.exceptions.ConnectorException(Script
execution failed (status code 1): ????Winrs error:The WinRM client received
an HTTP server error status (500), but the remote service did not include
any other information about the cause of the failure.): Can't process
shadow: null (OID:null): Generic error in connector:
org.identityconnectors.framework.common.exceptions.ConnectorException(Script
execution failed (status code 1): ????Winrs error:The WinRM client received
an HTTP server error status (500), but the remote service did not include
any other information about the cause of the failure.): Can't process
shadow: null (OID:null): Generic error in connector:
org.identityconnectors.framework.common.exceptions.ConnectorException(Script
execution failed (status code 1): ????Winrs error:The WinRM client received
an HTTP server error status (500), but the remote service did not include
any other information about the cause of the failure.): Can't process
shadow: null (OID:null): Generic error in connector:
org.identityconnectors.framework.common.exceptions.ConnectorException(Script
execution failed (status code 1): ????Winrs error:The WinRM client received
an HTTP server error status (500), but the remote service did not include
any other information about the cause of the failure.)*

Then I've tried to set winRmAuthenticationScheme.display = basic or
winRmAuthenticationScheme.display = credssp and I've got error message:

*Can't process shadow: null (OID:null): Generic error in connector:
javax.xml.ws.soap.SOAPFaultException(Error reading XMLStreamReader:
Unexpected EOF in prolog? at [row,col {unknown-source}]:
[1,0])->com.ctc.wstx.exc.WstxEOFException(Unexpected EOF in prolog? at
[row,col {unknown-source}]: [1,0]): Can't process shadow: null (OID:null):
Generic error in connector: javax.xml.ws.soap.SOAPFaultException(Error
reading XMLStreamReader: Unexpected EOF in prolog? at [row,col
{unknown-source}]: [1,0])->com.ctc.wstx.exc.WstxEOFException(Unexpected EOF
in prolog? at [row,col {unknown-source}]: [1,0]): Can't process shadow:
null (OID:null): Generic error in connector:
javax.xml.ws.soap.SOAPFaultException(Error reading XMLStreamReader:
Unexpected EOF in prolog? at [row,col {unknown-source}]:
[1,0])->com.ctc.wstx.exc.WstxEOFException(Unexpected EOF in prolog? at
[row,col {unknown-source}]: [1,0]): Can't process shadow: null (OID:null):
Generic error in connector: javax.xml.ws.soap.SOAPFaultException(Error
reading XMLStreamReader: Unexpected EOF in prolog? at [row,col
{unknown-source}]: [1,0])->com.ctc.wstx.exc.WstxEOFException(Unexpected EOF
in prolog? at [row,col {unknown-source}]: [1,0])*


Do you have any suggestions ?

Best Regards
Lubomir Odlevak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20171027/d3b9c71f/attachment.htm>

More information about the midPoint mailing list