<html><body><div style="font-family: times new roman, new york, times, serif; font-size: 12pt; color: #000000"><div>Hi Fabio,<br></div><div><br></div><div>that was my guess. Glad it works now.<br></div><div><br></div><div>Regards,<br></div><div>Ivan<br></div><div><br></div><hr id="zwchr"><blockquote style="border-left:2px solid #1010FF;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;" data-mce-style="border-left: 2px solid #1010FF; margin-left: 5px; padding-left: 5px; color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><b>From: </b>"Fabio Contessi" <f.contessi@nsr.it><br><b>To: </b>"midPoint General Discussion" <midpoint@lists.evolveum.com><br><b>Sent: </b>Friday, August 28, 2015 11:54:42 AM<br><b>Subject: </b>Re: [midPoint] Issue with AD Synchronization process<br><div><br></div>Ok Ivan, I have a Connector Server host different from Domain Controller host. I have resolved the issue: there were issues about DNS and Global Catalog configuration.<div class=""><br class=""></div><div class="">Thanks and regards.</div><div class=""><br class=""></div><div class=""> Fabio<br class=""><div class=""><div class=""><br class=""></div><div class=""><div class=""><div class=""><div class=""><span class="" style="orphans: 2; widows: 2; color: rgb(17, 52, 80);" data-mce-style="orphans: 2; widows: 2; color: #113450;"><span style="font-family: Lucida Sans; font-size: xx-small;" data-mce-style="font-family: Lucida Sans; font-size: xx-small;" face="Lucida Sans" size="1"><br class=""></span></span></div></div></div><br class=""><div><blockquote class=""><div class="">Il giorno 27/ago/2015, alle ore 18:01, Ivan Noris <<a href="mailto:ivan.noris@evolveum.com" class="" target="_blank" data-mce-href="mailto:ivan.noris@evolveum.com">ivan.noris@evolveum.com</a>> ha scritto:</div><br class="Apple-interchange-newline"><div class=""><div class="">Hi Fabio,<br class=""> <br class=""> I haven't tried LiveSync with AD for quite a long time, but I remember one setup, where, running the Connector Server on DC, I had to have both set to "localhost" for LiveSync.<br class=""> <br class=""> For provisioning I don't set these at all.<br class=""> <br class=""> I.<br class=""> <br class=""><div class="moz-cite-prefix">On 08/27/2015 04:22 PM, Fabio Contessi wrote:<br class=""></div><blockquote cite="mid:9AA1AAE8-FF27-47C9-9EF3-6CE95272EFFE@nsr.it" class="">Ok, for the Sync* attributes I have put IP address and not the DNS name of the domain controller. Do you think this might be a problem?<div class=""><div class=""><br class=""></div><div class=""> Fabio</div><div class=""><br class=""></div><div class=""><br class=""><div class=""><blockquote class=""><div class="">Il giorno 27/ago/2015, alle ore 16:18, Ivan Noris <<a href="mailto:Ivan.Noris@evolveum.com" class="" target="_blank" data-mce-href="mailto:Ivan.Noris@evolveum.com">Ivan.Noris@evolveum.com</a>> ha scritto:</div><br class="Apple-interchange-newline"><div class=""><div class=""><div style="font-family: 'times new roman', 'new
york', times, serif; font-size: 12pt;" class="" data-mce-style="font-family: 'times new roman', 'new
york', times, serif; font-size: 12pt;"><div class="">So far no idea, but can you please check your values for:<br class=""></div><div class=""><br class=""></div><div class=""><gen927:LDAPHostName>xxx.xxx.xxx.x</gen927:LDAPHostName></div><div class=""><gen927:SearchChildDomains>false</gen927:SearchChildDomains></div><div class=""><gen927:DomainName>xxxx.xxxx.xxxx</gen927:DomainName></div><div class=""><gen927:SyncGlobalCatalogServer>xxx.xxx.xxx.x</gen927:SyncGlobalCatalogServer></div><div class=""><gen927:SyncDomainController>xxx.xxx.xxx.x</gen927:SyncDomainController></div><div class=""><br class=""></div><div class="">If LDAPHostName/DomainName is problem, I assume normal provisioning would cause problems too.<br class=""></div><div class=""><br class=""></div><div class="">Sync* attributes can cause problems only with synchronization. Can you please check if those are resolvable from the machine where connector server runs?<br class=""></div><div class=""><br class=""></div><div class="">Regards,<br class=""></div><div class="">Ivan<br class=""></div><div class=""><br class=""></div><hr id="zwchr" class=""><blockquote style="border-left-width: 2px;
border-left-style: solid; border-left-color:
rgb(16, 16, 255); margin-left: 5px; padding-left:
5px; font-weight: normal; font-style: normal;
text-decoration: none; font-family: Helvetica,
Arial, sans-serif; font-size: 12pt;" class="" data-mce-style="border-left-width: 2px; border-left-style: solid; border-left-color: #1010ff; margin-left: 5px; padding-left: 5px; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,
Arial, sans-serif; font-size: 12pt;"><b class="">From: </b>"Fabio Contessi" <<a href="mailto:f.contessi@nsr.it" class="" target="_blank" data-mce-href="mailto:f.contessi@nsr.it"></a><a class="moz-txt-link-abbreviated" href="mailto:f.contessi@nsr.it" target="_blank" data-mce-href="mailto:f.contessi@nsr.it">f.contessi@nsr.it</a>><br class=""> <b class="">To: </b>"midPoint General Discussion" <<a href="mailto:midpoint@lists.evolveum.com" class="" target="_blank" data-mce-href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a>><br class=""> <b class="">Sent: </b>Thursday, August 27, 2015 1:57:17 PM<br class=""> <b class="">Subject: </b>Re: [midPoint] Issue with AD Synchronization process<br class=""><div class=""><br class=""></div>Hi Ivan,<div class=""><br class=""></div><div class="">the zip attached file contains:</div><div class=""><br class=""></div><div class="">- Resource-ActiveDirectorySyncOnly.xml: resource AD as configured in the environment;</div><div class=""><br class=""></div><div class="">- ObjectTemplate-CreateFromAD.xml: the (empty) object template referenced in the resource;</div><div class=""><br class=""></div><div class="">- TaskType-ADSync.xml: the task configured for starting the synchronization.</div><div class=""><br class=""></div><div class=""><div class="">Regards.</div><div class=""><br class=""></div><div class=""> Fabio</div><br class=""><div class=""><br></div></div><br class=""><div class=""><div class=""><div class=""><br class=""></div></div><div class=""><blockquote class=""><div class="">Il giorno 27/ago/2015, alle ore 13:12, Ivan Noris <<a href="mailto:ivan.noris@evolveum.com" class="" target="_blank" data-mce-href="mailto:ivan.noris@evolveum.com"></a><a class="moz-txt-link-abbreviated" href="mailto:ivan.noris@evolveum.com" target="_blank" data-mce-href="mailto:ivan.noris@evolveum.com">ivan.noris@evolveum.com</a>> ha scritto:</div><br class="Apple-interchange-newline"><div class=""><div class=""><div style="font-family: 'times new
roman', 'new york', times, serif;
font-size: 12pt;" class="" data-mce-style="font-family: 'times new
roman', 'new york', times, serif; font-size: 12pt;"><div class="">Hi,<br class=""></div><div class=""><br class=""></div><div class="">can you please send the resource (anonymized if needed) to see the connector configuration properties?<br class=""></div><div class=""><br class=""></div><div class="">Regards,<br class=""></div><div class="">Ivan<br class=""></div><div class=""><br class=""></div><hr id="zwchr" class=""><blockquote style="border-left-width:
2px; border-left-style: solid;
border-left-color: rgb(16, 16, 255);
margin-left: 5px; padding-left: 5px;
font-weight: normal; font-style:
normal; text-decoration: none;
font-family: Helvetica, Arial,
sans-serif; font-size: 12pt;" class="" data-mce-style="border-left-width: 2px; border-left-style: solid; border-left-color: #1010ff; margin-left: 5px; padding-left: 5px; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica, Arial,
sans-serif; font-size: 12pt;"><b class="">From: </b>"Fabio Contessi" <<a href="mailto:f.contessi@nsr.it" class="" target="_blank" data-mce-href="mailto:f.contessi@nsr.it"></a><a class="moz-txt-link-abbreviated" href="mailto:f.contessi@nsr.it" target="_blank" data-mce-href="mailto:f.contessi@nsr.it">f.contessi@nsr.it</a>><br class=""> <b class="">To: </b><a href="mailto:midpoint@lists.evolveum.com" class="" target="_blank" data-mce-href="mailto:midpoint@lists.evolveum.com"></a><a class="moz-txt-link-abbreviated" href="mailto:midpoint@lists.evolveum.com" target="_blank" data-mce-href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br class=""> <b class="">Sent: </b>Thursday, August 27, 2015 12:29:58 PM<br class=""> <b class="">Subject: </b>[midPoint] Issue with AD Synchronization process<br class=""><div class=""><br class=""></div>Hi,<div class="">I have a problem in executing synchronization process using an Active Directory as resource. I’m using:</div><div class=""><br class=""></div><div class="">- midpoint 3.2;</div><div class=""><br class=""></div><div class="">- Active Directory on Windows Server 2008 R2 Enterprise;</div><div class=""><br class=""></div><div class="">- Active Directory Connector Server 1.4.1.20257 on Windows Server 2012 R2 Standard Edition.</div><div class=""><br class=""></div><div class="">When I start the synchronization task it stops immediately giving the message:</div><div class=""><br class=""></div><div class=""><b class="">Synchronization error: generic connector framework error: org.identityconnectors.framework.impl.api.remote.RemoteWrappedException(The given key was not present in the dictionary.) </b></div><div class=""><br class=""></div><div class="">Below an extract of the Connector Server log file concerning the synchronization error:<br class=""> <br class=""> ConnectorServer.exe Error: 0 : Exception :<br class=""> Type: System.Collections.Generic.KeyNotFoundException<br class=""> Message: The given key was not present in the dictionary.<br class=""> Source: FrameworkInternal<br class=""> Stacktrace: at System.Collections.Generic.Dictionary`2.get_Item(TKey key)<br class=""> at Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector.Sync(ObjectClass objClass, SyncToken token, SyncResultsHandler handler, OperationOptions options) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\ActiveDirectoryConnector.cs:line 1196<br class=""> at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.SyncImpl.Sync(ObjectClass objectClass, SyncToken token, SyncResultsHandler handler, OperationOptions options) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 1606<br class=""> at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 247<br class=""> at ___proxy1.Sync(ObjectClass , SyncToken , SyncResultsHandler , OperationOptions )<br class=""> at Org.IdentityConnectors.Framework.Impl.Api.DelegatingTimeoutProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Api.cs:line 1344<br class=""> at ___proxy1.Sync(ObjectClass , SyncToken , SyncResultsHandler , OperationOptions )<br class=""> at Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest(OperationRequest request) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Server.cs:line 626<br class=""> DateTime=2015-08-27T08:02:33.2560306Z</div><div class=""><br class=""></div><div class="">Any ideas on how to resolve the issue?</div><div class=""><br class=""></div><div class="">Thanks in advance.</div><div class=""><br class=""></div><div class="">————————</div><div class="">Fabio Contessi</div><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><br class=""></div><br class=""> _______________________________________________<br class=""> midPoint mailing list<br class=""> <a href="mailto:midPoint@lists.evolveum.com" class="" target="_blank" data-mce-href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br class=""> <a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank" data-mce-href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br class=""></blockquote><div class=""><br class=""> <br class=""></div><div class=""><br class=""></div><div class="">-- <br class=""></div><div class=""><span class=""></span> Ing. Ivan Noris<br class=""> Senior Identity Management Engineer<br class=""> <a href="http://evolveum.com/" class="" target="_blank" data-mce-href="http://evolveum.com/">evolveum.com</a><br class=""> ___________________________________________<br class=""> "Idem per idem - semper idem Vix."<span class=""></span><br class=""></div></div></div>_______________________________________________<br class=""> midPoint mailing list<br class=""> <a href="mailto:midPoint@lists.evolveum.com" class="" target="_blank" data-mce-href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br class=""> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" class="" target="_blank" data-mce-href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br class=""></div></blockquote></div><br class=""></div><br class=""> _______________________________________________<br class=""> midPoint mailing list<br class=""> <a href="mailto:midPoint@lists.evolveum.com" class="" target="_blank" data-mce-href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br class=""> <a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank" data-mce-href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br class=""></blockquote><div class=""><br class=""> <br class=""></div><div class=""><br class=""></div><div class="">-- <br class=""></div><div class=""><span class=""></span> Ing. Ivan Noris<br class=""> Senior Identity Management Engineer<br class=""> <a href="http://evolveum.com/" class="" target="_blank" data-mce-href="http://evolveum.com/">evolveum.com</a><br class=""> ___________________________________________<br class=""> "Idem per idem - semper idem Vix."<span class=""></span><br class=""></div></div></div>_______________________________________________<br class=""> midPoint mailing list<br class=""> <a href="mailto:midPoint@lists.evolveum.com" class="" target="_blank" data-mce-href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br class=""> <a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank" data-mce-href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br class=""></div></blockquote></div><br class=""></div></div><br class=""><fieldset class="mimeAttachmentHeader"></fieldset><br class=""><pre class="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com" target="_blank" data-mce-href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank" data-mce-href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre></blockquote><br class=""><pre class="moz-signature">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
<a href="http://evolveum.com" class="" target="_blank" data-mce-href="http://evolveum.com">evolveum.com</a> <a href="http://evolveum.com/blog/" class="" target="_blank" data-mce-href="http://evolveum.com/blog/">evolveum.com/blog/</a>
___________________________________________________
"Semper Id(e)M Vix."
</pre></div>_______________________________________________<br class="">midPoint mailing list<br class=""><a href="mailto:midPoint@lists.evolveum.com" class="" target="_blank" data-mce-href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br class="">http://lists.evolveum.com/mailman/listinfo/midpoint<br class=""></div></blockquote></div><br class=""></div></div></div><br>_______________________________________________<br>midPoint mailing list<br>midPoint@lists.evolveum.com<br>http://lists.evolveum.com/mailman/listinfo/midpoint<br></blockquote><div><br><br></div><div><br></div><div>-- <br></div><div><span name="x"></span> Ing. Ivan Noris<br> Senior Identity Management Engineer<br> evolveum.com<br> ___________________________________________<br> "Idem per idem - semper idem Vix."<span name="x"></span><br></div></div></body></html>