<html>
  <head>
    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Sorry, didn't realize there was a screenshot.<br>
    Anyway the screenshot seems to be "Administrator" account.<br>
    <br>
    I'm trying to refresh my latest project with Exchange. So far I
    don't remember this issue. We have created user, which is not in
    Domain Administrator, but has delegated administration of users,
    groups etc. in one part of the directory. Additionaly, user is
    member of Organizational Management group to manage Exchange
    objects.<br>
    <br>
    The same user is used for the service (ConnectorServer) and also
    configured in midPoint in resource (DirectoryAdminName).<br>
    <br>
    ExchangeUri points to the <a class="moz-txt-link-freetext" href="http://blabla/PowerShell">http://blabla/PowerShell</a> - you should try
    to access it from your connector server/browser, if the Access
    Denied error is related to that.<br>
    <br>
    Ivan<br>
    <br>
    <div class="moz-cite-prefix">On 06/24/2015 03:55 PM, Ващенков
      Алексей wrote:<br>
    </div>
    <blockquote
      cite="mid:23F96C83E30B7E4DA253EBD07C550836014DC95F@EX-MB2.solar.local"
      type="cite">
      <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
      <meta name="Generator" content="Microsoft Word 15 (filtered
        medium)">
      <style><!--
/* Font Definitions */
@font-face
        {font-family:"Cambria Math";
        panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
        {font-family:Calibri;
        panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
        {font-family:Consolas;
        panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
        {margin:0cm;
        margin-bottom:.0001pt;
        font-size:11.0pt;
        font-family:"Calibri","sans-serif";
        color:black;
        mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
        {mso-style-priority:99;
        color:#0563C1;
        text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
        {mso-style-priority:99;
        color:#954F72;
        text-decoration:underline;}
pre
        {mso-style-priority:99;
        mso-style-link:"Стандартный HTML Знак";
        margin:0cm;
        margin-bottom:.0001pt;
        font-size:10.0pt;
        font-family:"Courier New";
        color:black;}
span.HTML
        {mso-style-name:"Стандартный HTML Знак";
        mso-style-priority:99;
        mso-style-link:"Стандартный HTML";
        font-family:Consolas;
        color:black;
        mso-fareast-language:EN-US;}
span.EmailStyle19
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:windowtext;}
span.EmailStyle20
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
span.EmailStyle21
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
span.EmailStyle22
        {mso-style-type:personal;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
span.EmailStyle23
        {mso-style-type:personal-reply;
        font-family:"Calibri","sans-serif";
        color:#1F497D;}
.MsoChpDefault
        {mso-style-type:export-only;
        font-size:10.0pt;}
@page WordSection1
        {size:612.0pt 792.0pt;
        margin:2.0cm 42.5pt 2.0cm 3.0cm;}
div.WordSection1
        {page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
      <div class="WordSection1">
        <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">On
            test stand we use our “MEGA-ADMIN” :)<br>
            Yes this user in Organisation Management group. You can see
            it at the screenshot in previous message.<o:p></o:p></span></p>
        <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US"><o:p> </o:p></span></p>
        <div>
          <div style="border:none;border-top:solid #E1E1E1
            1.0pt;padding:3.0pt 0cm 0cm 0cm">
            <p class="MsoNormal"><b><span
                  style="color:windowtext;mso-fareast-language:RU">From:</span></b><span
                style="color:windowtext;mso-fareast-language:RU">
                midPoint [<a class="moz-txt-link-freetext" href="mailto:midpoint-bounces@lists.evolveum.com">mailto:midpoint-bounces@lists.evolveum.com</a>]
                <b>On Behalf Of </b>Ivan Noris<br>
                <b>Sent:</b> Wednesday, June 24, 2015 4:44 PM<br>
                <b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
                <b>Subject:</b> Re: [midPoint] Self-signed SSL
                certificate problem with exchange connector<o:p></o:p></span></p>
          </div>
        </div>
        <p class="MsoNormal"><o:p> </o:p></p>
        <p class="MsoNormal" style="margin-bottom:12.0pt">OK, and what
          permissions in AD/Exchange has the account configured for the
          connector in midPoint?<br>
          <br>
          (DirectoryAdminName configurationProperty)<br>
          <br>
          Is it in Organizational Management group?<br>
          <br>
          Ivan<span style="font-size:12.0pt;mso-fareast-language:RU"><o:p></o:p></span></p>
        <div>
          <p class="MsoNormal">On 06/24/2015 02:59 PM, Ващенков Алексей
            wrote:<o:p></o:p></p>
        </div>
        <blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
          <div style="border:none;border-bottom:double windowtext
            2.25pt;padding:0cm 0cm 1.0pt 0cm">
            <p class="MsoNormal"><span style="color:#1F497D"
                lang="EN-US">We are using version 1.4.1.20257 of
                connector.
              </span><o:p></o:p></p>
            <p class="MsoNormal"><span style="color:#1F497D"
                lang="EN-US">Here is the stack from connector host</span><o:p></o:p></p>
          </div>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">ExchangeConnector
              Error: 1 : Exception while executing Create operation:
              Org.IdentityConnectors.Framework.Common.Exceptions.ConnectorException:
              [isim.isim.local] Connecting to remote server failed with
              the following error message : Access is denied. For more
              information, see the about_Remote_Troubleshooting Help
              topic.</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Cannot
              validate argument on parameter 'Session'. The argument is
              null. Supply a non-null argument and try the command
              again.</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">--->
              System.Management.Automation.Remoting.PSRemotingTransportException:
              Connecting to remote server failed with the following
              error message : Access is denied. For more information,
              see the about_Remote_Troubleshooting Help topic.</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              --- End of inner exception stack trace ---</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.DefaultThrowIcfExceptionImplementation(Exception
              e, ErrorRecord error, String message) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line

              491</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.CheckErrors(IList`1
              errors, ThrowIcfExceptionDelegate
              throwIcfExceptionDelegate) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line

              449</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokeScriptInternal(Runspace
              runspace, String script, ICollection`1 parameters) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line

              354</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.InitRunSpace()
              in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line
              162</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.RunSpaceAsyncInitializer.InitializeInCurrentThread()
              in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line

              134</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.CreateExchangeRunspace()
              in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line
              103</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.ActiveDirectory.MyRunspacePool.acquireRunspace()
              in
              d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
              531</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokePipeline(Collection`1
              commands) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line

              185</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.AccountHandler.Create(CreateOpContext
              context) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\Handlers\AccountHandler.cs:line
              112</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.ExchangeConnector.CreateMain(CreateOpContext
              context) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line
              185</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.ExchangeConnector.Create(ObjectClass
              oclass, ICollection`1 attributes, OperationOptions
              options) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line

              170</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">   
              DateTime=2015-06-27T12:40:34.5850885Z</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">ConnectorServer.exe
              Error: 0 : Exception :</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Type:
Org.IdentityConnectors.Framework.Common.Exceptions.ConnectorException</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Message:
              [isim.isim.local] Connecting to remote server failed with
              the following error message : Access is denied. For more
              information, see the about_Remote_Troubleshooting Help
              topic.</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Cannot
              validate argument on parameter 'Session'. The argument is
              null. Supply a non-null argument and try the command
              again.</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US"> </span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Source:
              FrameworkInternal</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Stacktrace:   
              at
              Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.DefaultThrowIcfExceptionImplementation(Exception
              e, ErrorRecord error, String message) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line

              491</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.CheckErrors(IList`1
              errors, ThrowIcfExceptionDelegate
              throwIcfExceptionDelegate) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line

              449</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokeScriptInternal(Runspace
              runspace, String script, ICollection`1 parameters) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line

              354</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.InitRunSpace()
              in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line
              162</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.RunSpaceAsyncInitializer.InitializeInCurrentThread()
              in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line

              134</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.CreateExchangeRunspace()
              in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line
              103</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.ActiveDirectory.MyRunspacePool.acquireRunspace()
              in
              d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
              531</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokePipeline(Collection`1
              commands) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line

              185</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.AccountHandler.Create(CreateOpContext
              context) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\Handlers\AccountHandler.cs:line
              112</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.ExchangeConnector.CreateMain(CreateOpContext
              context) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line
              185</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Exchange.ExchangeConnector.Create(ObjectClass
              oclass, ICollection`1 attributes, OperationOptions
              options) in
              d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line

              177</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.CreateImpl.Create(ObjectClass
              objectClass, ICollection`1 createAttributes,
              OperationOptions options) in
              c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line

              442</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke(Object
              proxy, MethodInfo method, Object[] args) in
              c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line

              247</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at ___proxy1.Create(ObjectClass , ICollection`1 ,
              OperationOptions )</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US"> 
               at
              Org.IdentityConnectors.Framework.Impl.Api.DelegatingTimeoutProxy.Invoke(Object
              proxy, MethodInfo method, Object[] args) in
              c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Api.cs:line

              1344</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at ___proxy1.Create(ObjectClass , ICollection`1 ,
              OperationOptions )</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">  
              at
              Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest(OperationRequest
              request) in
              c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Server.cs:line

              626</span><o:p></o:p></p>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US"> 
              Inner Exception :</span><o:p></o:p></p>
          <div style="border:none;border-bottom:double windowtext
            2.25pt;padding:0cm 0cm 1.0pt 0cm">
            <p class="MsoNormal"><span style="color:#1F497D"
                lang="EN-US">  Type:
                System.Management.Automation.Remoting.PSRemotingTransportException</span><o:p></o:p></p>
          </div>
          <p class="MsoNormal"><span style="color:#1F497D" lang="EN-US"> </span><o:p></o:p></p>
          <div>
            <div style="border:none;border-top:solid #E1E1E1
              1.0pt;padding:3.0pt 0cm 0cm 0cm">
              <p class="MsoNormal"><b><span
                    style="color:windowtext;mso-fareast-language:RU"
                    lang="EN-US">From:</span></b><span
                  style="color:windowtext;mso-fareast-language:RU"
                  lang="EN-US"> midPoint [<a moz-do-not-send="true"
                    href="mailto:midpoint-bounces@lists.evolveum.com">mailto:midpoint-bounces@lists.evolveum.com</a>]
                  <b>On Behalf Of </b>Ivan Noris<br>
                  <b>Sent:</b> Wednesday, June 24, 2015 3:42 PM<br>
                  <b>To:</b> <a moz-do-not-send="true"
                    href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
                  <b>Subject:</b> Re: [midPoint] Self-signed SSL
                  certificate problem with exchange connector</span><o:p></o:p></p>
            </div>
          </div>
          <p class="MsoNormal"><span lang="EN-US"> </span><o:p></o:p></p>
          <p class="MsoNormal" style="margin-bottom:12.0pt">No; but in
            my scenario I had to be in local Administrators group to be
            able to access the certificate store on the machine where
            Connector Server runs.<br>
            <br>
            Can you be more precise about the Access Denied exception?<br>
            <br>
            Ivan<o:p></o:p></p>
          <div>
            <p class="MsoNormal">On 06/24/2015 02:04 PM, Ващенков
              Алексей wrote:<o:p></o:p></p>
          </div>
          <blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
            <p class="MsoNormal"><span style="color:#1F497D"
                lang="EN-US">The user is in both groups local and domain
                administrators.
              </span><o:p></o:p></p>
            <p class="MsoNormal"><span style="color:#1F497D"
                lang="EN-US">Do you suppose that user must be only in
                local administrator group?</span><o:p></o:p></p>
            <p class="MsoNormal"><b><span
                  style="color:windowtext;mso-fareast-language:RU"
                  lang="EN-US"> </span></b><o:p></o:p></p>
            <div>
              <div style="border:none;border-top:solid #E1E1E1
                1.0pt;padding:3.0pt 0cm 0cm 0cm">
                <p class="MsoNormal"><b><span
                      style="color:windowtext;mso-fareast-language:RU"
                      lang="EN-US">Sent:</span></b><span
                    style="color:windowtext;mso-fareast-language:RU"
                    lang="EN-US"> Wednesday, June 24, 2015 2:55 PM<br>
                    <b>To:</b> <a moz-do-not-send="true"
                      href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
                    <b>Subject:</b> Re: [midPoint] Self-signed SSL
                    certificate problem with exchange connector</span><o:p></o:p></p>
              </div>
            </div>
            <p class="MsoNormal"><span lang="EN-US"> </span><o:p></o:p></p>
            <p class="MsoNormal" style="margin-bottom:12.0pt"><span
                lang="EN-US">Please try to add that account to local
                Administrators on that computer (not Domain
                Administators). I remember situation where this helped.
                I also remember to have written it somewhere :-(<br>
                <br>
                Ivan</span><o:p></o:p></p>
            <div>
              <p class="MsoNormal">On 06/24/2015 01:50 PM, Ващенков
                Алексей wrote:<o:p></o:p></p>
            </div>
            <blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
              <p class="MsoNormal"><span style="color:#1F497D"
                  lang="EN-US">Thanks.</span><o:p></o:p></p>
              <p class="MsoNormal"><span style="color:#1F497D"
                  lang="EN-US">I helped a little bit. The documentation
                  doesn’t pointed that also I need to add the
                  certificate to trusted roots using mmc.</span><o:p></o:p></p>
              <p class="MsoNormal"><span style="color:#1F497D"
                  lang="EN-US">After we imported certificate and add it
                  ti trusted roots I’ve got an access denied exception.
                  We try to start connector as System and as
                  Administrator but in both cases access exception
                  throws.
                </span><o:p></o:p></p>
              <p class="MsoNormal"><span style="color:#1F497D"
                  lang="EN-US">May be I miss some preferences?</span><o:p></o:p></p>
              <p class="MsoNormal"><span style="color:#1F497D"
                  lang="EN-US"> </span><o:p></o:p></p>
              <div>
                <div style="border:none;border-top:solid #E1E1E1
                  1.0pt;padding:3.0pt 0cm 0cm 0cm">
                  <p class="MsoNormal"><b><span
                        style="color:windowtext;mso-fareast-language:RU"
                        lang="EN-US">From:</span></b><span
                      style="color:windowtext;mso-fareast-language:RU"
                      lang="EN-US"> midPoint [</span><a
                      moz-do-not-send="true"
                      href="mailto:midpoint-bounces@lists.evolveum.com"><span
                        style="mso-fareast-language:RU" lang="EN-US">mailto:midpoint-bounces@lists.evolveum.com</span></a><span
                      style="color:windowtext;mso-fareast-language:RU"
                      lang="EN-US">]
                      <b>On Behalf Of </b>Ivan Noris<br>
                      <b>Sent:</b> Wednesday, June 24, 2015 10:54 AM<br>
                      <b>To:</b> </span><a moz-do-not-send="true"
                      href="mailto:midpoint@lists.evolveum.com"><span
                        style="mso-fareast-language:RU" lang="EN-US">midpoint@lists.evolveum.com</span></a><span
                      style="color:windowtext;mso-fareast-language:RU"
                      lang="EN-US"><br>
                      <b>Subject:</b> Re: [midPoint] Self-signed SSL
                      certificate problem with exchange connector</span><o:p></o:p></p>
                </div>
              </div>
              <p class="MsoNormal"><span lang="EN-US"> </span><o:p></o:p></p>
              <p class="MsoNormal" style="margin-bottom:12.0pt"><span
                  lang="EN-US">Hi </span>Алексей<span lang="EN-US">,<br>
                  <br>
                  please check your steps with </span><a
                  moz-do-not-send="true"
                  href="https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server"><span
                    lang="EN-US">https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server</span></a><span
                  lang="EN-US"><br>
                  <br>
                  Last time I was connecting AD through SSL, it helped
                  me.<br>
                  <br>
                  Regards,<br>
                  Ivan</span><o:p></o:p></p>
              <div>
                <p class="MsoNormal"><span lang="EN-US">On 06/24/2015
                    09:42 AM, </span>Ващенков Алексей<span lang="EN-US">
                    wrote:</span><o:p></o:p></p>
              </div>
              <blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
                <p class="MsoNormal"><span lang="EN-US">Hi. </span><o:p></o:p></p>
                <p class="MsoNormal"><span lang="EN-US">We use
                    self-signed certificate for connection to
                    powershell. In process to add account using Exchange
                    connector throws an exception
                  </span><o:p></o:p></p>
                <p class="MsoNormal"><span lang="EN-US">====</span><o:p></o:p></p>
                <div style="border:none;border-bottom:double windowtext
                  2.25pt;padding:0cm 0cm 1.0pt 0cm">
                  <p class="MsoNormal"><span lang="EN-US">The SSL
                      certificate is signed by an unknown certificate
                      authority. For more information, see the
                      about_Remote_Troubleshooting Help topic. Cannot
                      validate argument on parameter 'Session'. The
                      argument is null. Supply a non-null argument and
                      try the command again.</span><o:p></o:p></p>
                </div>
                <p class="MsoNormal"><span lang="EN-US">We have added
                    certificate to trusted roots in internet settings.
                    But it doesn’t take any effect.</span><o:p></o:p></p>
                <p class="MsoNormal"><span lang="EN-US">What should we
                    do to prevent this exception throwning?</span><o:p></o:p></p>
                <p class="MsoNormal"><span style="font-size:12.0pt"
                    lang="EN-US"><br>
                    <br>
                    <br>
                    <br>
                    <br>
                    <br>
                  </span><o:p></o:p></p>
                <pre><span lang="EN-US">_______________________________________________</span><o:p></o:p></pre>
                <pre><span lang="EN-US">midPoint mailing list</span><o:p></o:p></pre>
                <pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com"><span lang="EN-US">midPoint@lists.evolveum.com</span></a><o:p></o:p></pre>
                <pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint"><span lang="EN-US">http://lists.evolveum.com/mailman/listinfo/midpoint</span></a><o:p></o:p></pre>
              </blockquote>
              <p class="MsoNormal"><span style="font-size:12.0pt"
                  lang="EN-US"><br>
                  <br>
                  <br>
                  <br>
                  <br>
                </span><o:p></o:p></p>
              <pre><span lang="EN-US">-- </span><o:p></o:p></pre>
              <pre><span lang="EN-US">  Ing. Ivan Noris</span><o:p></o:p></pre>
              <pre><span lang="EN-US">  Senior Identity Management Engineer & IDM Architect</span><o:p></o:p></pre>
              <pre><span lang="EN-US">  evolveum.com                     evolveum.com/blog/</span><o:p></o:p></pre>
              <pre><span lang="EN-US">  ___________________________________________________</span><o:p></o:p></pre>
              <pre><span lang="EN-US">  "Semper Id(e)M Vix."</span><o:p></o:p></pre>
              <p class="MsoNormal"><span style="font-size:12.0pt"
                  lang="EN-US"><br>
                  <br>
                  <br>
                  <br>
                  <br>
                </span><o:p></o:p></p>
              <pre><span lang="EN-US">_______________________________________________</span><o:p></o:p></pre>
              <pre><span lang="EN-US">midPoint mailing list</span><o:p></o:p></pre>
              <pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com"><span lang="EN-US">midPoint@lists.evolveum.com</span></a><o:p></o:p></pre>
              <pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint"><span lang="EN-US">http://lists.evolveum.com/mailman/listinfo/midpoint</span></a><o:p></o:p></pre>
            </blockquote>
            <p class="MsoNormal"><span style="font-size:12.0pt"
                lang="EN-US"><br>
                <br>
                <br>
                <br>
              </span><o:p></o:p></p>
            <pre><span lang="EN-US">-- </span><o:p></o:p></pre>
            <pre><span lang="EN-US">  Ing. Ivan Noris</span><o:p></o:p></pre>
            <pre><span lang="EN-US">  Senior Identity Management Engineer & IDM Architect</span><o:p></o:p></pre>
            <pre><span lang="EN-US">  evolveum.com                     evolveum.com/blog/</span><o:p></o:p></pre>
            <pre><span lang="EN-US">  ___________________________________________________</span><o:p></o:p></pre>
            <pre><span lang="EN-US">  "Semper Id(e)M Vix."</span><o:p></o:p></pre>
            <p class="MsoNormal"><span style="font-size:12.0pt"><br>
                <br>
                <br>
                <br>
              </span><o:p></o:p></p>
            <pre>_______________________________________________<o:p></o:p></pre>
            <pre>midPoint mailing list<o:p></o:p></pre>
            <pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><o:p></o:p></pre>
            <pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><o:p></o:p></pre>
          </blockquote>
          <p class="MsoNormal"><span style="font-size:12.0pt"><br>
              <br>
              <br>
            </span><o:p></o:p></p>
          <pre>-- <o:p></o:p></pre>
          <pre>  Ing. Ivan Noris<o:p></o:p></pre>
          <pre>  Senior Identity Management Engineer & IDM Architect<o:p></o:p></pre>
          <pre>  evolveum.com                     evolveum.com/blog/<o:p></o:p></pre>
          <pre>  ___________________________________________________<o:p></o:p></pre>
          <pre>  "Semper Id(e)M Vix."<o:p></o:p></pre>
          <p class="MsoNormal"><span
              style="font-size:12.0pt;font-family:"Times New
              Roman","serif";mso-fareast-language:RU"><br>
              <br>
              <br>
              <o:p></o:p></span></p>
          <pre>_______________________________________________<o:p></o:p></pre>
          <pre>midPoint mailing list<o:p></o:p></pre>
          <pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><o:p></o:p></pre>
          <pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><o:p></o:p></pre>
        </blockquote>
        <p class="MsoNormal"><span
            style="font-size:12.0pt;font-family:"Times New
            Roman","serif";mso-fareast-language:RU"><br>
            <br>
            <o:p></o:p></span></p>
        <pre>-- <o:p></o:p></pre>
        <pre>  Ing. Ivan Noris<o:p></o:p></pre>
        <pre>  Senior Identity Management Engineer & IDM Architect<o:p></o:p></pre>
        <pre>  evolveum.com                     evolveum.com/blog/<o:p></o:p></pre>
        <pre>  ___________________________________________________<o:p></o:p></pre>
        <pre>  "Semper Id(e)M Vix."<o:p></o:p></pre>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
    </blockquote>
    <br>
    <pre class="moz-signature" cols="72">-- 
  Ing. Ivan Noris
  Senior Identity Management Engineer & IDM Architect
  evolveum.com                     evolveum.com/blog/
  ___________________________________________________
  "Semper Id(e)M Vix."
</pre>
  </body>
</html>