<html>
  <head>
    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    Hi Marco,<br>
    <br>
    have you also set SSL? Do you have (windows machine) CA certificate
    in midPoint keystore?<br>
    <br>
    I believe Radovan will also have some thoughts, but these are just
    in my mind.<br>
    <br>
    In <a class="moz-txt-link-freetext" href="https://wiki.evolveum.com/pages/viewpage.action?pageId=20709437">https://wiki.evolveum.com/pages/viewpage.action?pageId=20709437</a>
    (Active Directory Tips&Tricks) I can see the following:<br>
    <br>
    ...<br>
    "Either install Active Directory Certificate Services (AD CS) or
    install server certificate manually: <a
href="https://www.petri.com/enable-secure-ldap-windows-server-2008-2012-dc"
      class="external-link" rel="nofollow"><a class="moz-txt-link-freetext" href="https://www.petri.com/enable-secure-ldap-windows-server-2008-2012-dc">https://www.petri.com/enable-secure-ldap-windows-server-2008-2012-dc</a></a>"<br>
    ...<br>
    <br>
    Also, although this is unrelated to this problem, please use<br>
    <div class="container" title="Hint: double-click to select code">
      <div class="line number1 index0 alt2"><code class="java plain"><schema></code></div>
      <div class="line number2 index1 alt1"><code class="java spaces">   </code><code
          class="java plain"><generationConstraints></code></div>
      <div class="line number3 index2 alt2"><code class="java spaces">        </code><code
          class="java plain"><generateObjectClass>ri:user</generateObjectClass></code></div>
      <div class="line number4 index3 alt1"><code class="java spaces">        </code><code
          class="java plain"><generateObjectClass>ri:group</generateObjectClass></code></div>
      <div class="line number5 index4 alt2"><code class="java spaces">    </code><code
          class="java plain"></generationConstraints></code></div>
      <div class="line number6 index5 alt1"><code class="java plain"></schema></code></div>
    </div>
    <br>
    in your resource to <b>avoid</b> fetching all LDAP object classes
    from Active Directory... This is also in
    <a class="moz-txt-link-freetext" href="https://wiki.evolveum.com/display/midPoint/Active+Directory+with+LDAP+connector">https://wiki.evolveum.com/display/midPoint/Active+Directory+with+LDAP+connector</a>
    but may be interesting.<br>
    <br>
    Ivan<br>
    <br>
    <div class="moz-cite-prefix">On 02/02/2016 05:09 PM, Marco Benucci
      wrote:<br>
    </div>
    <blockquote
cite="mid:CAEYZk3Twa9q39wO4FZmjT0nrH=ybQAgw596qXjjeajzCgO1LNA@mail.gmail.com"
      type="cite">
      <div dir="ltr">I'm trying to configure my AD resource with the
        connector you have specified<br>
        <br>
        ICF.com.evolveum.polygon.connector.ldap.ad.AdLdapConnector
        v1.4.2.0 (like the wiki says)<br>
        ----------<br>
        port:636<br>
        <span style="color:rgb(51,51,51);font-family:'Source Sans
          Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px;line-height:20px;background-color:rgb(236,240,245)">baseContext: </span><font
          face="Source Sans Pro, Helvetica Neue, Helvetica, Arial,
          sans-serif" color="#333333"><span
            style="font-size:14px;line-height:20px">DC=rete,DC=risorse,DC=mise<br>
          </span></font>bindDn: CN=idmadminrete2,OU=MISE,DC=rete,DC=risorse,DC=mise<br>
        <span style="color:rgb(51,51,51);font-family:'Source Sans
          Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px;line-height:20px;background-color:rgb(249,249,249)">passwordAttribute:
          MyPaSsWoRd<br>
        </span><span style="color:rgb(51,51,51);font-family:'Source Sans
          Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px;line-height:20px;background-color:rgb(236,240,245)">host:
          <hostname></span>
        <div><span style="color:rgb(51,51,51);font-family:'Source Sans
            Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px;line-height:26.6667px;background-color:rgb(249,249,249)">enableAttributesToGetSearchResultsHandler:
            false<br>
          </span><span style="color:rgb(51,51,51);font-family:'Source
            Sans Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px;line-height:26.6667px;background-color:rgb(249,249,249)">enableFilteredResultsHandler:
            false</span></div>
        <div><span style="color:rgb(51,51,51);font-family:'Source Sans
            Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px;line-height:26.6667px;background-color:rgb(236,240,245)">enableNormalizingResultsHandler:
            false</span></div>
        <div><span style="color:rgb(51,51,51);font-family:'Source Sans
            Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px;line-height:26.6667px;background-color:rgb(236,240,245)">---------</span></div>
        <div><span style="color:rgb(51,51,51);font-family:'Source Sans
            Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px;line-height:26.6667px;background-color:rgb(236,240,245)">but,
            with the "save and test connection" on the configuration
            page of the AD resource,  i'm recieving this error<br>
            <br>
          </span>
          <ul style="margin:0px;list-style:none outside
            none;padding:0px;color:rgb(185,74,72);font-family:'Source
            Sans Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:12px;line-height:17.1429px;background-color:rgb(242,222,222)">
            <li style="padding:1px 0px;list-style:none outside
              none;margin:0px;text-overflow:ellipsis;overflow:auto"><span
                class="">Connector configuration error for the
                <a class="moz-txt-link-freetext" href="resource:3f820c01-1baa-40a8-9f65-27bbd997791e(ldap_ad)">resource:3f820c01-1baa-40a8-9f65-27bbd997791e(ldap_ad)</a>:
                Configuration error: Unable to bind to LDAP server <a
                  moz-do-not-send="true" href="http://192.168.123.2:636">192.168.123.2:636</a>
                as CN=idmadminrete2,OU=MISE,DC=rete,DC=risorse,DC=mise:
                protocolError: PROTOCOL_ERROR: The server will
                disconnect! (2)</span></li>
          </ul>
          <div><font face="Source Sans Pro, Helvetica Neue, Helvetica,
              Arial, sans-serif" color="#b94a48"><span
                style="font-size:12px;line-height:17.1429px"><br>
              </span></font></div>
          <div><font face="Source Sans Pro, Helvetica Neue, Helvetica,
              Arial, sans-serif" color="#b94a48"><span
                style="line-height:17.1429px">The idmadminrete2 user
                have admin permissions on the AD...<br>
              </span><span style="font-size:12px;line-height:17.1429px"><br>
                Do you know where i'm wrong?<br>
                <br>
                <br>
                Thanks,<br>
                <br>
                Marco </span></font></div>
          <span style="color:rgb(51,51,51);font-family:'Source Sans
            Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px;line-height:26.6667px;background-color:rgb(236,240,245)"><br>
            <br>
          </span></div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
    </blockquote>
    <br>
    <pre class="moz-signature" cols="72">-- 
  Ing. Ivan Noris
  Senior Identity Management Engineer & IDM Architect
  evolveum.com                     evolveum.com/blog/
  ___________________________________________________
  "Semper Id(e)M Vix."
</pre>
  </body>
</html>