[midPoint] Adding user to AD group with 2K members
Dmitriy Berezkin
berezkin.dmitriy at gmail.com
Tue Jun 6 13:36:58 CEST 2023
Hi all,
I have issue with ldap ad connector (v3.4).
I’m adding user to group with 2K+ members. After provisioning this group has just 1501 members and 1501-st is my user.
I’m a bit stuck because I don’t know how to fix it. Is it a connector bug or apache.ldap library bug or AD configuration problem or resourse configuration problem?
Logs:
> 2023-06-06 13:44:02,580 [] [pool-3-thread-134] DEBUG (com.evolveum.polygon.connector.ldap.OperationLog): method: null msg:ldaps://controller1.domain.test/ Search REQ base=<GUID=30301b28-b162-4b26-b563-a4cc0b48e140>, filter=(objectClass=*), scope=base, attributes=[member, mailNickname, objectGUID, objectClass], controls=null
> 2023-06-06 13:44:02,580 [] [pool-3-thread-134] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04104_SENDING_REQUEST (MessageType : SEARCH_REQUEST
> Message ID : 14
> SearchRequest
> baseDn : '<GUID=30301b28-b162-4b26-b563-a4cc0b48e140>'
> filter : '(objectClass=*)'
> scope : base object
> typesOnly : false
> Size Limit : no limit
> Time Limit : no limit
> Deref Aliases : never Deref Aliases
> attributes : 'member', 'mailNickname', 'objectGUID', 'objectClass'
> org.apache.directory.api.ldap.model.message.SearchRequestImpl at 8c6b5577)
> 2023-06-06 13:44:02,580 [] [pool-3-thread-134] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04106_ADDING (14,org.apache.directory.ldap.client.api.future.SearchFuture)
> 2023-06-06 13:44:02,676 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04142_MESSAGE_RECEIVED (MessageType : SEARCH_RESULT_ENTRY
> Message ID : 14
> Search Result Entry
> Entry
> dn: CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test
> objectClass: top
> objectClass: group
> member;range=0-1499: CN=User 1,OU=OU_Users,DC=domain,DC=test
> ...
> ...
> ...
> member;range=0-1499: CN=User 1499,OU=Users and Groups,OU=Branches,DC=domain,DC=test
> objectGUID: 0x28 0x1B 0x30 0x30 0x62 0xB1 0x26 0x4B 0xB5 0x63 0xA4 0xCC 0x0B 0x48 0xE1 0x40
> member: (null)
> )
> 2023-06-06 13:44:02,677 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04119_GETTING (14,org.apache.directory.ldap.client.api.future.SearchFuture)
> 2023-06-06 13:44:02,680 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04128_SEARCH_ENTRY_FOUND (MessageType : SEARCH_RESULT_ENTRY
> Message ID : 14
> Search Result Entry
> Entry
> dn: CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test
> objectClass: top
> objectClass: group
> member;range=0-1499: CN=User 1,OU=OU_Users,DC=domain,DC=test
> ...
> ...
> ...
> member;range=0-1499: CN=User 1499,OU=Users and Groups,OU=Branches,DC=domain,DC=test
> objectGUID: 0x28 0x1B 0x30 0x30 0x62 0xB1 0x26 0x4B 0xB5 0x63 0xA4 0xCC 0x0B 0x48 0xE1 0x40
> member: (null)
> )
> 2023-06-06 13:44:02,682 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04142_MESSAGE_RECEIVED (MessageType : SEARCH_RESULT_DONE
> Message ID : 14
> Search Result Done
> Ldap Result
> Result code : (SUCCESS) success
> Matched Dn : ''
> Diagnostic message : ''
> )
> 2023-06-06 13:44:02,682 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04119_GETTING (14,org.apache.directory.ldap.client.api.future.SearchFuture)
> 2023-06-06 13:44:02,682 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04131_SEARCH_SUCCESSFUL (MessageType : SEARCH_RESULT_DONE
> Message ID : 14
> Search Result Done
> Ldap Result
> Result code : (SUCCESS) success
> Matched Dn : ''
> Diagnostic message : ''
> )
> 2023-06-06 13:44:02,682 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04126_REMOVING (14,org.apache.directory.ldap.client.api.future.SearchFuture)
> 2023-06-06 13:44:02,684 [] [pool-3-thread-134] DEBUG (com.evolveum.polygon.connector.ldap.OperationLog): method: null msg:ldaps://controller1.domain.test/ Search RES Entry
> dn: CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test
> objectClass: top
> objectClass: group
> member;range=0-1499: CN=User 1,OU=OU_Users,DC=domain,DC=test
> ...
> ...
> ...
> member;range=0-1499: CN=User 1499,OU=Users and Groups,OU=Branches,DC=domain,DC=test
> objectGUID: 0x28 0x1B 0x30 0x30 0x62 0xB1 0x26 0x4B 0xB5 0x63 0xA4 0xCC 0x0B 0x48 0xE1 0x40
> member: (null)
>
> 2023-06-06 13:44:02,688 [] [pool-3-thread-134] DEBUG (com.evolveum.polygon.connector.ldap.OperationLog): method: null msg:ldaps://controller1.domain.test/ Search REQ base=CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test, filter=(objectClass=*), scope=base, attributes=member;range=1500-*
> 2023-06-06 13:44:02,688 [] [pool-3-thread-134] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04104_SENDING_REQUEST (MessageType : SEARCH_REQUEST
> Message ID : 15
> SearchRequest
> baseDn : 'CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test'
> filter : '(objectClass=*)'
> scope : base object
> typesOnly : false
> Size Limit : no limit
> Time Limit : no limit
> Deref Aliases : deref Always
> attributes : 'member;range=1500-*'
> org.apache.directory.api.ldap.model.message.SearchRequestImpl at 71eff6b7)
> 2023-06-06 13:44:02,688 [] [pool-3-thread-134] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04106_ADDING (15,org.apache.directory.ldap.client.api.future.SearchFuture)
> 2023-06-06 13:44:02,696 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04142_MESSAGE_RECEIVED (MessageType : SEARCH_RESULT_ENTRY
> Message ID : 15
> Search Result Entry
> Entry
> dn: CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test
>
> member;range=1500-*: CN=User New,OU=Users and Groups,OU=Branches,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test
> member;range=1500-*: CN=User 1502,OU=Users and Groups,OU=Branches,DC=domain,DC=test
> ...
> ...
> ...
> member;range=1500-*: CN=User X,OU=Users and Groups,OU=Branches,DC=domain,DC=test
> )
> 2023-06-06 13:44:02,696 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04119_GETTING (15,org.apache.directory.ldap.client.api.future.SearchFuture)
> 2023-06-06 13:44:02,697 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04128_SEARCH_ENTRY_FOUND (MessageType : SEARCH_RESULT_ENTRY
> Message ID : 15
> Search Result Entry
> Entry
> dn: CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test
>
> member;range=1500-*: CN=User New,OU=Users and Groups,OU=Branches,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test
> member;range=1500-*: CN=User 1502,OU=Users and Groups,OU=Branches,DC=domain,DC=test
> ...
> ...
> ...
> member;range=1500-*: CN=User X,OU=Users and Groups,OU=Branches,DC=domain,DC=test
>
> 2023-06-06 13:44:02,717 [] [pool-3-thread-134] DEBUG (com.evolveum.polygon.connector.ldap.OperationLog): method: null msg:ldaps://controller1.domain.test/ Search REQ base=<GUID=30301b28-b162-4b26-b563-a4cc0b48e140>, filter=(objectClass=*), scope=base, attributes=[dn], controls=null, dnHint=cn=Test-Group-1,ou=ou_groups,ou=midpoint-ad-test,ou=midpointtest,ou=ou_users,DC=domain,DC=test
> 2023-06-06 13:44:02,717 [] [pool-3-thread-134] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04104_SENDING_REQUEST (MessageType : SEARCH_REQUEST
> Message ID : 16
> SearchRequest
> baseDn : '<GUID=30301b28-b162-4b26-b563-a4cc0b48e140>'
> filter : '(objectClass=*)'
> scope : base object
> typesOnly : false
> Size Limit : no limit
> Time Limit : no limit
> Deref Aliases : never Deref Aliases
> attributes : 'dn'
> org.apache.directory.api.ldap.model.message.SearchRequestImpl at 23ee96a0)
> 2023-06-06 13:44:02,717 [] [pool-3-thread-134] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04106_ADDING (16,org.apache.directory.ldap.client.api.future.SearchFuture)
> 2023-06-06 13:44:02,719 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04142_MESSAGE_RECEIVED (MessageType : SEARCH_RESULT_ENTRY
> Message ID : 16
> Search Result Entry
> Entry
> dn: CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test
>
> )
> 2023-06-06 13:44:02,719 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04119_GETTING (16,org.apache.directory.ldap.client.api.future.SearchFuture)
> 2023-06-06 13:44:02,719 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04128_SEARCH_ENTRY_FOUND (MessageType : SEARCH_RESULT_ENTRY
> Message ID : 16
> Search Result Entry
> Entry
> dn: CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test
>
> )
> 2023-06-06 13:44:02,719 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04142_MESSAGE_RECEIVED (MessageType : SEARCH_RESULT_DONE
> Message ID : 16
> Search Result Done
> Ldap Result
> Result code : (SUCCESS) success
> Matched Dn : ''
> Diagnostic message : ''
> )
> 2023-06-06 13:44:02,719 [] [pool-3-thread-134] DEBUG (com.evolveum.polygon.connector.ldap.OperationLog): method: null msg:ldaps://controller1.domain.test/ Search RES Entry
> dn: CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test
>
>
> 2023-06-06 13:44:02,719 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04119_GETTING (16,org.apache.directory.ldap.client.api.future.SearchFuture)
> 2023-06-06 13:44:02,719 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04131_SEARCH_SUCCESSFUL (MessageType : SEARCH_RESULT_DONE
> Message ID : 16
> Search Result Done
> Ldap Result
> Result code : (SUCCESS) success
> Matched Dn : ''
> Diagnostic message : ''
> )
> 2023-06-06 13:44:02,719 [] [pool-3-thread-134] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04104_SENDING_REQUEST ( Abandon Request :
> Message Id : 16org.apache.directory.api.ldap.model.message.AbandonRequestImpl at 9bed323e)
> 2023-06-06 13:44:02,719 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04126_REMOVING (16,org.apache.directory.ldap.client.api.future.SearchFuture)
> 2023-06-06 13:44:02,719 [] [pool-3-thread-134] WARN (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04165_NO_FUTURE_ASSOCIATED_TO_MSG_ID_COMPLETED (16)
> 2023-06-06 13:44:02,722 [] [pool-3-thread-134] DEBUG (com.evolveum.polygon.connector.ldap.OperationLog): method: null msg:ldaps://controller1.domain.test/ Modify REQ CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test: [replace:member=CN=User 1,OU=OU_Users,DC=domain,DC=test,], control=PermissiveModify
> 2023-06-06 13:44:02,722 [] [pool-3-thread-134] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04106_ADDING (18,org.apache.directory.ldap.client.api.future.ModifyFuture)
> 2023-06-06 13:44:22,242 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04142_MESSAGE_RECEIVED (MessageType : MODIFY_RESPONSE
> Message ID : 18
> Modify Response
> Ldap Result
> Result code : (SUCCESS) success
> Matched Dn : ''
> Diagnostic message : ''
> )
> 2023-06-06 13:44:22,242 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04119_GETTING (18,org.apache.directory.ldap.client.api.future.ModifyFuture)
> 2023-06-06 13:44:22,243 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04123_MODIFY_SUCCESSFUL (MessageType : MODIFY_RESPONSE
> Message ID : 18
> Modify Response
> Ldap Result
> Result code : (SUCCESS) success
> Matched Dn : ''
> Diagnostic message : ''
> )
> 2023-06-06 13:44:22,243 [] [NioProcessor-107] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04126_REMOVING (18,org.apache.directory.ldap.client.api.future.ModifyFuture)
> 2023-06-06 13:44:22,243 [] [pool-3-thread-134] DEBUG (org.apache.directory.ldap.client.api.LdapNetworkConnection): MSG_04123_MODIFY_SUCCESSFUL (MessageType : MODIFY_RESPONSE
> Message ID : 18
> Modify Response
> Ldap Result
> Result code : (SUCCESS) success
> Matched Dn : ''
> Diagnostic message : ''
> )
> 2023-06-06 13:44:22,243 [] [pool-3-thread-134] DEBUG (com.evolveum.polygon.connector.ldap.OperationLog): method: null msg:ldaps://controller1.domain.test/ Modify RES CN=Test-Group-1,OU=OU_Groups,OU=midpoint-ad-test,OU=MidPointTest,OU=OU_Users,DC=domain,DC=test: Ldap Result
> Result code : (SUCCESS) success
> Matched Dn : ''
> Diagnostic message : ''
–––
Dmitry Berezkin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20230606/58b4df2f/attachment-0001.htm>
More information about the midPoint
mailing list