<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Sorry, didn't realize there was a screenshot.<br>
Anyway the screenshot seems to be "Administrator" account.<br>
<br>
I'm trying to refresh my latest project with Exchange. So far I
don't remember this issue. We have created user, which is not in
Domain Administrator, but has delegated administration of users,
groups etc. in one part of the directory. Additionaly, user is
member of Organizational Management group to manage Exchange
objects.<br>
<br>
The same user is used for the service (ConnectorServer) and also
configured in midPoint in resource (DirectoryAdminName).<br>
<br>
ExchangeUri points to the <a class="moz-txt-link-freetext" href="http://blabla/PowerShell">http://blabla/PowerShell</a> - you should try
to access it from your connector server/browser, if the Access
Denied error is related to that.<br>
<br>
Ivan<br>
<br>
<div class="moz-cite-prefix">On 06/24/2015 03:55 PM, Ващенков
Алексей wrote:<br>
</div>
<blockquote
cite="mid:23F96C83E30B7E4DA253EBD07C550836014DC95F@EX-MB2.solar.local"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
color:black;
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"Стандартный HTML Знак";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
span.HTML
{mso-style-name:"Стандартный HTML Знак";
mso-style-priority:99;
mso-style-link:"Стандартный HTML";
font-family:Consolas;
color:black;
mso-fareast-language:EN-US;}
span.EmailStyle19
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle20
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle21
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:2.0cm 42.5pt 2.0cm 3.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">On
test stand we use our “MEGA-ADMIN” :)<br>
Yes this user in Organisation Management group. You can see
it at the screenshot in previous message.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span
style="color:windowtext;mso-fareast-language:RU">From:</span></b><span
style="color:windowtext;mso-fareast-language:RU">
midPoint [<a class="moz-txt-link-freetext" href="mailto:midpoint-bounces@lists.evolveum.com">mailto:midpoint-bounces@lists.evolveum.com</a>]
<b>On Behalf Of </b>Ivan Noris<br>
<b>Sent:</b> Wednesday, June 24, 2015 4:44 PM<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
<b>Subject:</b> Re: [midPoint] Self-signed SSL
certificate problem with exchange connector<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt">OK, and what
permissions in AD/Exchange has the account configured for the
connector in midPoint?<br>
<br>
(DirectoryAdminName configurationProperty)<br>
<br>
Is it in Organizational Management group?<br>
<br>
Ivan<span style="font-size:12.0pt;mso-fareast-language:RU"><o:p></o:p></span></p>
<div>
<p class="MsoNormal">On 06/24/2015 02:59 PM, Ващенков Алексей
wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div style="border:none;border-bottom:double windowtext
2.25pt;padding:0cm 0cm 1.0pt 0cm">
<p class="MsoNormal"><span style="color:#1F497D"
lang="EN-US">We are using version 1.4.1.20257 of
connector.
</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"
lang="EN-US">Here is the stack from connector host</span><o:p></o:p></p>
</div>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">ExchangeConnector
Error: 1 : Exception while executing Create operation:
Org.IdentityConnectors.Framework.Common.Exceptions.ConnectorException:
[isim.isim.local] Connecting to remote server failed with
the following error message : Access is denied. For more
information, see the about_Remote_Troubleshooting Help
topic.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Cannot
validate argument on parameter 'Session'. The argument is
null. Supply a non-null argument and try the command
again.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">--->
System.Management.Automation.Remoting.PSRemotingTransportException:
Connecting to remote server failed with the following
error message : Access is denied. For more information,
see the about_Remote_Troubleshooting Help topic.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
--- End of inner exception stack trace ---</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.DefaultThrowIcfExceptionImplementation(Exception
e, ErrorRecord error, String message) in
d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
491</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.CheckErrors(IList`1
errors, ThrowIcfExceptionDelegate
throwIcfExceptionDelegate) in
d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
449</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokeScriptInternal(Runspace
runspace, String script, ICollection`1 parameters) in
d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
354</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.InitRunSpace()
in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line
162</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.RunSpaceAsyncInitializer.InitializeInCurrentThread()
in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line
134</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.CreateExchangeRunspace()
in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line
103</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.ActiveDirectory.MyRunspacePool.acquireRunspace()
in
d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
531</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokePipeline(Collection`1
commands) in
d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
185</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.AccountHandler.Create(CreateOpContext
context) in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\Handlers\AccountHandler.cs:line
112</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.ExchangeConnector.CreateMain(CreateOpContext
context) in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line
185</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.ExchangeConnector.Create(ObjectClass
oclass, ICollection`1 attributes, OperationOptions
options) in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line
170</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
DateTime=2015-06-27T12:40:34.5850885Z</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">ConnectorServer.exe
Error: 0 : Exception :</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Type:
Org.IdentityConnectors.Framework.Common.Exceptions.ConnectorException</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Message:
[isim.isim.local] Connecting to remote server failed with
the following error message : Access is denied. For more
information, see the about_Remote_Troubleshooting Help
topic.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Cannot
validate argument on parameter 'Session'. The argument is
null. Supply a non-null argument and try the command
again.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Source:
FrameworkInternal</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">Stacktrace:
at
Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.DefaultThrowIcfExceptionImplementation(Exception
e, ErrorRecord error, String message) in
d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
491</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.CheckErrors(IList`1
errors, ThrowIcfExceptionDelegate
throwIcfExceptionDelegate) in
d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
449</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokeScriptInternal(Runspace
runspace, String script, ICollection`1 parameters) in
d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
354</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.InitRunSpace()
in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line
162</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.RunSpaceAsyncInitializer.InitializeInCurrentThread()
in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line
134</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.ExchangePowerShellSupport.CreateExchangeRunspace()
in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangePowerShellSupport.cs:line
103</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.ActiveDirectory.MyRunspacePool.acquireRunspace()
in
d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
531</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokePipeline(Collection`1
commands) in
d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line
185</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.AccountHandler.Create(CreateOpContext
context) in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\Handlers\AccountHandler.cs:line
112</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.ExchangeConnector.CreateMain(CreateOpContext
context) in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line
185</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Exchange.ExchangeConnector.Create(ObjectClass
oclass, ICollection`1 attributes, OperationOptions
options) in
d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line
177</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.CreateImpl.Create(ObjectClass
objectClass, ICollection`1 createAttributes,
OperationOptions options) in
c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line
442</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke(Object
proxy, MethodInfo method, Object[] args) in
c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line
247</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at ___proxy1.Create(ObjectClass , ICollection`1 ,
OperationOptions )</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Framework.Impl.Api.DelegatingTimeoutProxy.Invoke(Object
proxy, MethodInfo method, Object[] args) in
c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Api.cs:line
1344</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at ___proxy1.Create(ObjectClass , ICollection`1 ,
OperationOptions )</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
at
Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest(OperationRequest
request) in
c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Server.cs:line
626</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US">
Inner Exception :</span><o:p></o:p></p>
<div style="border:none;border-bottom:double windowtext
2.25pt;padding:0cm 0cm 1.0pt 0cm">
<p class="MsoNormal"><span style="color:#1F497D"
lang="EN-US"> Type:
System.Management.Automation.Remoting.PSRemotingTransportException</span><o:p></o:p></p>
</div>
<p class="MsoNormal"><span style="color:#1F497D" lang="EN-US"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US">From:</span></b><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US"> midPoint [<a moz-do-not-send="true"
href="mailto:midpoint-bounces@lists.evolveum.com">mailto:midpoint-bounces@lists.evolveum.com</a>]
<b>On Behalf Of </b>Ivan Noris<br>
<b>Sent:</b> Wednesday, June 24, 2015 3:42 PM<br>
<b>To:</b> <a moz-do-not-send="true"
href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
<b>Subject:</b> Re: [midPoint] Self-signed SSL
certificate problem with exchange connector</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt">No; but in
my scenario I had to be in local Administrators group to be
able to access the certificate store on the machine where
Connector Server runs.<br>
<br>
Can you be more precise about the Access Denied exception?<br>
<br>
Ivan<o:p></o:p></p>
<div>
<p class="MsoNormal">On 06/24/2015 02:04 PM, Ващенков
Алексей wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D"
lang="EN-US">The user is in both groups local and domain
administrators.
</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"
lang="EN-US">Do you suppose that user must be only in
local administrator group?</span><o:p></o:p></p>
<p class="MsoNormal"><b><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US"> </span></b><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US">Sent:</span></b><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US"> Wednesday, June 24, 2015 2:55 PM<br>
<b>To:</b> <a moz-do-not-send="true"
href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
<b>Subject:</b> Re: [midPoint] Self-signed SSL
certificate problem with exchange connector</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span
lang="EN-US">Please try to add that account to local
Administrators on that computer (not Domain
Administators). I remember situation where this helped.
I also remember to have written it somewhere :-(<br>
<br>
Ivan</span><o:p></o:p></p>
<div>
<p class="MsoNormal">On 06/24/2015 01:50 PM, Ващенков
Алексей wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="color:#1F497D"
lang="EN-US">Thanks.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"
lang="EN-US">I helped a little bit. The documentation
doesn’t pointed that also I need to add the
certificate to trusted roots using mmc.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"
lang="EN-US">After we imported certificate and add it
ti trusted roots I’ve got an access denied exception.
We try to start connector as System and as
Administrator but in both cases access exception
throws.
</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"
lang="EN-US">May be I miss some preferences?</span><o:p></o:p></p>
<p class="MsoNormal"><span style="color:#1F497D"
lang="EN-US"> </span><o:p></o:p></p>
<div>
<div style="border:none;border-top:solid #E1E1E1
1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US">From:</span></b><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US"> midPoint [</span><a
moz-do-not-send="true"
href="mailto:midpoint-bounces@lists.evolveum.com"><span
style="mso-fareast-language:RU" lang="EN-US">mailto:midpoint-bounces@lists.evolveum.com</span></a><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US">]
<b>On Behalf Of </b>Ivan Noris<br>
<b>Sent:</b> Wednesday, June 24, 2015 10:54 AM<br>
<b>To:</b> </span><a moz-do-not-send="true"
href="mailto:midpoint@lists.evolveum.com"><span
style="mso-fareast-language:RU" lang="EN-US">midpoint@lists.evolveum.com</span></a><span
style="color:windowtext;mso-fareast-language:RU"
lang="EN-US"><br>
<b>Subject:</b> Re: [midPoint] Self-signed SSL
certificate problem with exchange connector</span><o:p></o:p></p>
</div>
</div>
<p class="MsoNormal"><span lang="EN-US"> </span><o:p></o:p></p>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span
lang="EN-US">Hi </span>Алексей<span lang="EN-US">,<br>
<br>
please check your steps with </span><a
moz-do-not-send="true"
href="https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server"><span
lang="EN-US">https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server</span></a><span
lang="EN-US"><br>
<br>
Last time I was connecting AD through SSL, it helped
me.<br>
<br>
Regards,<br>
Ivan</span><o:p></o:p></p>
<div>
<p class="MsoNormal"><span lang="EN-US">On 06/24/2015
09:42 AM, </span>Ващенков Алексей<span lang="EN-US">
wrote:</span><o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span lang="EN-US">Hi. </span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-US">We use
self-signed certificate for connection to
powershell. In process to add account using Exchange
connector throws an exception
</span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-US">====</span><o:p></o:p></p>
<div style="border:none;border-bottom:double windowtext
2.25pt;padding:0cm 0cm 1.0pt 0cm">
<p class="MsoNormal"><span lang="EN-US">The SSL
certificate is signed by an unknown certificate
authority. For more information, see the
about_Remote_Troubleshooting Help topic. Cannot
validate argument on parameter 'Session'. The
argument is null. Supply a non-null argument and
try the command again.</span><o:p></o:p></p>
</div>
<p class="MsoNormal"><span lang="EN-US">We have added
certificate to trusted roots in internet settings.
But it doesn’t take any effect.</span><o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-US">What should we
do to prevent this exception throwning?</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:12.0pt"
lang="EN-US"><br>
<br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre><span lang="EN-US">_______________________________________________</span><o:p></o:p></pre>
<pre><span lang="EN-US">midPoint mailing list</span><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com"><span lang="EN-US">midPoint@lists.evolveum.com</span></a><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint"><span lang="EN-US">http://lists.evolveum.com/mailman/listinfo/midpoint</span></a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span style="font-size:12.0pt"
lang="EN-US"><br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre><span lang="EN-US">-- </span><o:p></o:p></pre>
<pre><span lang="EN-US"> Ing. Ivan Noris</span><o:p></o:p></pre>
<pre><span lang="EN-US"> Senior Identity Management Engineer & IDM Architect</span><o:p></o:p></pre>
<pre><span lang="EN-US"> evolveum.com evolveum.com/blog/</span><o:p></o:p></pre>
<pre><span lang="EN-US"> ___________________________________________________</span><o:p></o:p></pre>
<pre><span lang="EN-US"> "Semper Id(e)M Vix."</span><o:p></o:p></pre>
<p class="MsoNormal"><span style="font-size:12.0pt"
lang="EN-US"><br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre><span lang="EN-US">_______________________________________________</span><o:p></o:p></pre>
<pre><span lang="EN-US">midPoint mailing list</span><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com"><span lang="EN-US">midPoint@lists.evolveum.com</span></a><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint"><span lang="EN-US">http://lists.evolveum.com/mailman/listinfo/midpoint</span></a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span style="font-size:12.0pt"
lang="EN-US"><br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre><span lang="EN-US">-- </span><o:p></o:p></pre>
<pre><span lang="EN-US"> Ing. Ivan Noris</span><o:p></o:p></pre>
<pre><span lang="EN-US"> Senior Identity Management Engineer & IDM Architect</span><o:p></o:p></pre>
<pre><span lang="EN-US"> evolveum.com evolveum.com/blog/</span><o:p></o:p></pre>
<pre><span lang="EN-US"> ___________________________________________________</span><o:p></o:p></pre>
<pre><span lang="EN-US"> "Semper Id(e)M Vix."</span><o:p></o:p></pre>
<p class="MsoNormal"><span style="font-size:12.0pt"><br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>midPoint mailing list<o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span style="font-size:12.0pt"><br>
<br>
<br>
</span><o:p></o:p></p>
<pre>-- <o:p></o:p></pre>
<pre> Ing. Ivan Noris<o:p></o:p></pre>
<pre> Senior Identity Management Engineer & IDM Architect<o:p></o:p></pre>
<pre> evolveum.com evolveum.com/blog/<o:p></o:p></pre>
<pre> ___________________________________________________<o:p></o:p></pre>
<pre> "Semper Id(e)M Vix."<o:p></o:p></pre>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif";mso-fareast-language:RU"><br>
<br>
<br>
<o:p></o:p></span></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>midPoint mailing list<o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span
style="font-size:12.0pt;font-family:"Times New
Roman","serif";mso-fareast-language:RU"><br>
<br>
<o:p></o:p></span></p>
<pre>-- <o:p></o:p></pre>
<pre> Ing. Ivan Noris<o:p></o:p></pre>
<pre> Senior Identity Management Engineer & IDM Architect<o:p></o:p></pre>
<pre> evolveum.com evolveum.com/blog/<o:p></o:p></pre>
<pre> ___________________________________________________<o:p></o:p></pre>
<pre> "Semper Id(e)M Vix."<o:p></o:p></pre>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
</pre>
</body>
</html>