<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Please try to add that account to local Administrators on that
computer (not Domain Administators). I remember situation where this
helped. I also remember to have written it somewhere :-(<br>
<br>
Ivan<br>
<br>
<div class="moz-cite-prefix">On 06/24/2015 01:50 PM, Ващенков
Алексей wrote:<br>
</div>
<blockquote
cite="mid:23F96C83E30B7E4DA253EBD07C550836014DC8AC@EX-MB2.solar.local"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
color:black;
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"Стандартный HTML Знак";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.HTML
{mso-style-name:"Стандартный HTML Знак";
mso-style-priority:99;
mso-style-link:"Стандартный HTML";
font-family:"Consolas","serif";
color:black;
mso-fareast-language:EN-US;}
span.EmailStyle20
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:2.0cm 42.5pt 2.0cm 3.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Thanks.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">I
helped a little bit. The documentation doesn’t pointed that
also I need to add the certificate to trusted roots using
mmc.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">After
we imported certificate and add it ti trusted roots I’ve got
an access denied exception. We try to start connector as
System and as Administrator but in both cases access
exception throws.
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">May
be I miss some preferences?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US">From:</span></b><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US"> midPoint
[<a class="moz-txt-link-freetext" href="mailto:midpoint-bounces@lists.evolveum.com">mailto:midpoint-bounces@lists.evolveum.com</a>]
<b>On Behalf Of </b>Ivan Noris<br>
<b>Sent:</b> Wednesday, June 24, 20</span><span
style="color:windowtext;mso-fareast-language:RU">15
10:54 AM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
<b>Subject:</b> Re: [midPoint] Self-signed SSL
certificate problem with exchange connector<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt">Hi Алексей,<br>
<br>
please check your steps with <a moz-do-not-send="true"
href="https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server">
https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server</a><br>
<br>
Last time I was connecting AD through SSL, it helped me.<br>
<br>
Regards,<br>
Ivan<span style="font-size:12.0pt;mso-fareast-language:RU"><o:p></o:p></span></p>
<div>
<p class="MsoNormal">On 06/24/2015 09:42 AM, Ващенков Алексей
wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span lang="EN-US">Hi. </span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-US">We use self-signed
certificate for connection to powershell. In process to
add account using Exchange connector throws an exception
</span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-US">====</span><o:p></o:p></p>
<div style="border:none;border-bottom:double windowtext
2.25pt;padding:0cm 0cm 1.0pt 0cm">
<p class="MsoNormal"><span lang="EN-US">The SSL certificate
is signed by an unknown certificate authority. For more
information, see the about_Remote_Troubleshooting Help
topic. Cannot validate argument on parameter 'Session'.
The argument is null. Supply a non-null argument and try
the command again.</span><o:p></o:p></p>
</div>
<p class="MsoNormal"><span lang="EN-US">We have added
certificate to trusted roots in internet settings. But it
doesn’t take any effect.</span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-US">What should we do to
prevent this exception throwning?</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif";mso-fareast-language:RU"><br>
<br>
<br>
<o:p></o:p></span></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>midPoint mailing list<o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif";mso-fareast-language:RU"><br>
<br>
<o:p></o:p></span></p>
<pre>-- <o:p></o:p></pre>
<pre> Ing. Ivan Noris<o:p></o:p></pre>
<pre> Senior Identity Management Engineer & IDM Architect<o:p></o:p></pre>
<pre> evolveum.com evolveum.com/blog/<o:p></o:p></pre>
<pre> ___________________________________________________<o:p></o:p></pre>
<pre> "Semper Id(e)M Vix."<o:p></o:p></pre>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
</pre>
</body>
</html>