[midPoint] Assign a role fails because one of previously assigned resources is offline or non responsive

[Radovan Semancik]

Hi,

There is obviously a bug in the connector that presents network errors 
as generic errors. We cannot do much about generic errors, as we do not 
really know what's going on. Therefore just stopping the operation is 
the safest way.

You can fix the connector. The connector should throw exception that 
clearly indicates network problem.

-- 
Radovan Semancik
Software Architect
evolveum.com



On 09/05/2018 11:48 AM, Wojciech Staszewski wrote:
> Hello!
>
> I assign role "SQL RESOURCE ADMIN" to an user (userxxx). This role 
> induces an account on a SQL resource (scriptedSQL connector).
> But this user already has assigned 200 Unix accounts previously.
>
> And the task of assigning "SQL RESOURCE ADMIN" role fails, becouse one 
> of the Unix resources is not responding (turned off, vpn problems, 
> slow responding, etc):
>
> SystemException: Generic error in the connector. Can't process shadow 
> shadow:
> userxxx (OID:9729ba8d-3c70-42e6-9d6d-050849fd1640): Generic error in 
> the connector 
> ConnectorInstanceIcfImpl(connector:e7727a83-034e-4388-a55b-60778695ab97
> (ICF org.connid.bundles.unix.UnixConnector v1.1-SNAPSHOT)).
> Reason: 
> org.identityconnectors.framework.common.exceptions.ConnectorException(channel 
> is not opened.)->com.jcraft.jsch.JSchException(channel is not opened.)
>
>
> The effect is that the userxxx never gets his SQL account because 
> there are always some Unix resources unavailable.
> And the question is: what can I do about this? Is there any way to 
> configure midPoint to continue assigning task in such case or just 
> ignore these errors?
>
> Thanks
> Wojciech Staszewski
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint