<div dir="ltr">Going to try to get the information asked in here,<div><br></div><div>Midpoint 3.0</div><div>Connector 1.4.1.20257</div><div>ConnID Server 1.4.0.76</div><div><br></div><div>From resource:</div><div><br></div><div><div> <attribute></div><div> <ref>icfs:name</ref></div><div> <displayName>Distinguished Name</displayName></div><div> <limitations></div><div> <minOccurs>0</minOccurs></div><div> <access></div><div> <read>true</read></div><div> <add>true</add></div><div> <modify>true</modify></div><div> </access></div><div> </limitations></div><div> <matchingRule>mr:stringIgnoreCase</matchingRule><br></div><div> <outbound></div><div> <source></div><div> <path>$user/givenName</path></div><div> </source></div><div> <source></div><div> <path>$user/familyName</path></div><div> </source></div><div> <source></div><div> <path>$user/organization</path></div><div> </source></div><div> <expression></div><div> <script></div><div> <code></div><div><span class="" style="white-space:pre"> </span>'cn='+givenName+' '+familyName+iterationToken+','+organization+''</div><div> </code></div><div> </script></div><div> </expression></div><div> </outbound></div><div> </attribute></div><div> <iteration></div><div> <maxIterations>999</maxIterations></div><div> </iteration></div></div><div><br></div><div>The logs are below</div><div><br></div><div>Logs from Conn Server:</div><div><div>ConnectorServer.exe Error: 0 : Exception :</div><div>Type: Org.IdentityConnectors.Framework.Common.Exceptions.AlreadyExistsException</div><div>Message: The object already exists.</div><div>: when creating LDAP://dc1.test.local/cn=Tammy Smith ,OU=AAD,OU=SHP Students,DC=TEST,DC=LOCAL</div><div>Source: FrameworkInternal</div><div>Stacktrace: at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 280</div><div> at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.CreateImpl.Create(ObjectClass objectClass, ICollection`1 createAttributes, OperationOptions options) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 442</div><div> at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 247</div><div> at ___proxy1.Create(ObjectClass , ICollection`1 , OperationOptions )</div><div> at Org.IdentityConnectors.Framework.Impl.Api.DelegatingTimeoutProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Api.cs:line 1344</div><div> at ___proxy1.Create(ObjectClass , ICollection`1 , OperationOptions )</div><div> at Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest(OperationRequest request) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Server.cs:line 626</div><div> Inner Exception :</div><div> Type: System.DirectoryServices.DirectoryServicesCOMException</div><div> Message: The object already exists.</div><div><br></div><div> Source: System.DirectoryServices</div><div> Stacktrace: at System.DirectoryServices.DirectoryEntry.CommitChanges()</div><div> at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Create(ObjectClass oclass, ICollection`1 attributes, OperationOptions options) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 200</div><div> DateTime=2014-11-18T21:08:43.4291442Z</div><div>ConnectorServer.exe Information: 0 : Creating case insensitive filter</div><div> DateTime=2014-11-18T21:13:30.7504489Z</div></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Wed, Nov 19, 2014 at 3:47 AM, Ivan Noris <span dir="ltr"><<a href="mailto:ivan.noris@evolveum.com" target="_blank">ivan.noris@evolveum.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
For the record, this was my OpenDJ mapping (sorry for the
namespaces, this is from debug pages):<br>
<br>
<attribute><br>
<ref
xmlns:icfs=<a href="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" target="_blank">"http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"</a>>icfs:name</ref><span class=""><br>
<displayName>Distinguished
Name</displayName><br>
<limitations><br>
<minOccurs>0</minOccurs><br>
<access><br>
<read>true</read><br>
<add>true</add><br>
<modify>true</modify><br>
</access><br>
</limitations><br></span>
<matchingRule
xmlns:mr=<a href="http://prism.evolveum.com/xml/ns/public/matching-rule-3" target="_blank">"http://prism.evolveum.com/xml/ns/public/matching-rule-3"</a>>mr:stringIgnoreCase</matchingRule><br>
<outbound><br>
<source><br>
<c:path
xmlns:c=<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" target="_blank">"http://midpoint.evolveum.com/xml/ns/public/common/common-3"</a>>$user/givenName</c:path><br>
</source><br>
<source><br>
<c:path
xmlns:c=<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" target="_blank">"http://midpoint.evolveum.com/xml/ns/public/common/common-3"</a>>$user/familyName</c:path><br>
</source><br>
<expression><br>
<script><br>
<code><br>
'uid=' + givenName + ' ' +
familyName + iterationToken + ',ou=people,dc=example,dc=com'<span class=""><br>
</code><br>
</script><br>
</expression><br>
</outbound><br>
</attribute><br></span>
. . .<br>
<iteration><br>
<maxIterations>5</maxIterations><br>
</iteration><br>
. . .<br>
<br>
The users in midPoint are named johnsmith, johnsmith2, johnsmith3
and their account in OpenDJ were:<br>
<br>
uid=John Smith,ou=people,dc=example,dc=com<br>
uid=John Smith1,ou=people,dc=example,dc=com<br>
uid=John Smith2,ou=people,dc=example,dc=com<br>
<br>
(the iterator counts from nothing, then 1, 2 etc.)<span class="HOEnZb"><font color="#888888"><br>
<br>
Ivan</font></span><div><div class="h5"><br>
<br>
<br>
<br>
<div>On 11/19/2014 10:35 AM, Pavol Mederly
wrote:<br>
</div>
<blockquote type="cite">
<div>Hello Jason,<br>
<br>
one possible cause could be if AD connector (in your case) would
not correctly determine "AlreadyExists" situation. The connector
is able to do that (it is implemented in it and we've tested it
many times) but one never knows...<br>
<br>
What version of AD connector do you use?<br>
Could you share all parts of logs of the Connector Server
related to creation of <a>"LDAP://dc1.test.local/cn=Tammy
Smith ,OU=AAD,OU=SHP Students,DC=TEST,DC=LOCAL"</a> ?<br>
<br>
Thank you,<br>
Pavol<br>
<br>
On 18. 11. 2014 22:21, Jason Everling wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">I have been doing some other testing and it seems
when the user has the same firstname lastname the account will
fail to create on active directory. I double-checked the code
throughout github and it seems correct but I get the error
which even shows that it is not adding the iterationToken to
the end of the lastname like it should from the code,
<div><br>
</div>
<div>
<div> <attribute></div>
<div> <ref>icfs:name</ref></div>
<div> <displayName>Distinguished
Name</displayName></div>
<div> <limitations></div>
<div>
<minOccurs>0</minOccurs></div>
<div> <access></div>
<div>
<read>true</read></div>
<div> <add>true</add></div>
<div>
<modify>true</modify></div>
<div> </access></div>
<div> </limitations></div>
<div> <outbound></div>
<div> <source></div>
<div>
<path>$user/givenName</path></div>
<div> </source></div>
<div> <source></div>
<div>
<path>$user/familyName</path></div>
<div> </source></div>
<div> <source></div>
<div>
<path>$user/organization</path></div>
<div> </source></div>
<div> <expression></div>
<div> <script></div>
<div> <code></div>
<div><span style="white-space:pre-wrap"> </span>'cn='+givenName+'
'+familyName+iterationToken+' ,'+organization+''</div>
<div> </code></div>
<div> </script></div>
<div> </expression></div>
<div> </outbound></div>
<div> </attribute></div>
</div>
<div><br>
</div>
<div>In there error blow it should be using the persons
iterator which is 2 so it should be trying to create it as <a>LDAP://dc1.test.local/cn=Tammy</a>
Smith2 ,OU=AAD,OU=SHP Students,DC=TEST,DC=LOCAL but it is
not.</div>
<div><br>
</div>
<div>
<div>2014-11-18 15:08:45,314 [MODEL] [http-bio-8080-exec-68]
ERROR
(com.evolveum.midpoint.model.impl.lens.ChangeExecutor):
Error executing changes for (account (default) on <a>resource:ef2bc95b-76e0-48e2-86d6-3d4f02d3eaef(Active</a>
Directory: Office 365, Google Apps, Moodle)): Can't
process shadow: null (OID:null): Generic error in
connector:
org.identityconnectors.framework.impl.api.remote.RemoteWrappedException(The
object already exists.</div>
<div>: when creating <a>LDAP://dc1.test.local/cn=Tammy</a>
Smith ,OU=AAD,OU=SHP Students,DC=TEST,DC=LOCAL)</div>
<div>com.evolveum.midpoint.util.exception.CommunicationException:
Can't process shadow: null (OID:null): Generic error in
connector:
org.identityconnectors.framework.impl.api.remote.RemoteWrappedException(The
object already exists.</div>
<div>: when creating <a>LDAP://dc1.test.local/cn=Tammy</a>
Smith ,OU=AAD,OU=SHP Students,DC=TEST,DC=LOCAL)</div>
<div><br>
</div>
<div>Thanks,</div>
</div>
<div>JASON</div>
</div>
<br>
<font><br>
<br>
CONFIDENTIALITY NOTICE:<br>
This e-mail together with any attachments is proprietary and
confidential; intended for only the recipient(s) named above
and may contain information that is privileged. You should not
retain, copy or use this e-mail or any attachments for any
purpose, or disclose all or any part of the contents to any
person. Any views or opinions expressed in this e-mail are
those of the author and do not represent those of the Baptist
School of Health Professions. If you have received this e-mail
in error, or are not the named recipient(s), you are hereby
notified that any review, dissemination, distribution or
copying of this communication is prohibited by the sender and
to do so might constitute a violation of the Electronic
Communications Privacy Act, 18 U.S.C. section 2510-2521.
Please immediately notify the sender and delete this e-mail
and any attachments from your computer. </font><br>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
</div></div><span class=""><pre cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer
<a href="http://evolveum.com">evolveum.com</a>
___________________________________________
"Idem per idem - semper idem Vix."
</pre>
</span></div>
<br>_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
<br></blockquote></div><br></div>
<br>
<font size="2"><br><br>CONFIDENTIALITY NOTICE:<br>This e-mail together with any attachments is proprietary and confidential; intended for only the recipient(s) named above and may contain information that is privileged. You should not retain, copy or use this e-mail or any attachments for any purpose, or disclose all or any part of the contents to any person. Any views or opinions expressed in this e-mail are those of the author and do not represent those of the Baptist School of Health Professions. If you have received this e-mail in error, or are not the named recipient(s), you are hereby notified that any review, dissemination, distribution or copying of this communication is prohibited by the sender and to do so might constitute a violation of the Electronic Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the sender and delete this e-mail and any attachments from your computer. </font><br>