[midPoint] How to set AD password from Midpoint?
Oleksandr Nekriach
o.nekriach at dynatech.lv
Tue Jan 2 08:16:35 CET 2018
Happy new year!
Hi Alcides,
Do you use secure communication for AD connection (ldaps) or not?
Some AD settings does not allow to manage password via open communications.
I had similar issue few years ago with Oracle connector ;)
Regards, Oleksandr
On 28 December 2017 at 21:30, Alcides Carlos de Moraes Neto
<alcides.neto at gmail.com> wrote:
> Hello list,
>
> I'm trying to create AD users from Midpoint. I'm getting the 53
> WILL_NOT_PERFORM error, which it seems to be related to the password policy.
> The AD I'm using does have a password policy.
>
> So I'm trying to set some literal, strong password as a placeholder, but I
> don't think my mapping is working. How should I configure it? I cannot find
> any examples. Below are the error I get and the password outbound mapping.
>
> com.evolveum.midpoint.util.exception.SystemException: Got unexpected
> exception:
> org.identityconnectors.framework.common.exceptions.PermissionDeniedException:
> Error adding LDAP entry CN=JOHN DOE,OU=Users,DC=midpoint,DC=local:
> unwillingToPerform: 0000052D: SvcErr: DSID-031A12D2, problem 5003
> (WILL_NOT_PERFORM), data 0?? (53)
>
> <attribute>
> <c:ref>ri:userPassword</c:ref>
> <tolerant>true</tolerant>
> <exclusiveStrong>false</exclusiveStrong>
> <fetchStrategy>explicit</fetchStrategy>
> <outbound>
> <authoritative>true</authoritative>
> <exclusive>false</exclusive>
> <strength>normal</strength>
> <expression>
> <value>Midpoint2018*</value>
> </expression>
> </outbound>
> </attribute>
>
>
> Thanks and happy new year to all =)
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
--
Best regards,
Oleksandr Nekriach | Identity and access management engineer
Dynatech, Mednieku str. 4a, Riga, LV-1010, Latvia
+37125314685
,
o.nekriach at dynatech.lv
|
www.dynatech.lv
Stay connected:
Confidentiality Notice: This message contains confidential information
and is intended only for the named recipient(s). If you are not the
addressee you may not copy, distribute or perform any other activities
with this information. If you have received this transmission in
error, please notify us by e-mail immediately. E-mail transmission
cannot be guaranteed to be secure or error-free as information could
be intercepted, corrupted, lost, destroyed, arrive late or incomplete,
or contain viruses.
More information about the midPoint
mailing list