<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hi Dick,<br>
<br>
FYI I have just tried resource-localhost.xml from
testing/conntest/.../ad-ldap and after I set the SSL/tunnel to
medusa correctly, I was able to create an account using Add
projection without any problems. I have not changed anything in the
sample.<br>
<br>
Strange enough :-) I have not touched ri:cn at all. But of course my
objectCategory DN is valid.<br>
<br>
FYI I was trying to send userPrincipalName attribute as
user@domain@domain (because of bad mapping) and the error message
returned by AD was: "00000523: SysErr: DSID-031A1202, problem 22
(Invalid argument), data 0". But tracing showed the value I was
trying to send, so it helped me to diagnose it instantly.<br>
<br>
Regards,<br>
Ivan<br>
<br>
<div class="moz-cite-prefix">On 06/29/2016 01:57 PM, Dick Muller
wrote:<br>
</div>
<blockquote
cite="mid:D53E5299-773A-4DF3-9251-A49F5A6F3F70@tahzoo.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Title" content="">
<meta name="Keywords" content="">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]-->
<style><!--
/* Font Definitions */
@font-face
{font-family:"Courier New";
panose-1:2 7 3 9 2 2 5 2 4 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Times New Roman \;color\:black ";}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:Calibri;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:Courier;}
span.EmailStyle19
{mso-style-type:personal;
font-family:Calibri;
color:windowtext;}
span.EmailStyle20
{mso-style-type:personal;
font-family:Calibri;
color:windowtext;}
span.EmailStyle21
{mso-style-type:personal;
font-family:Calibri;
color:windowtext;}
span.EmailStyle22
{mso-style-type:personal;
font-family:Calibri;
color:windowtext;}
span.EmailStyle23
{mso-style-type:personal-reply;
font-family:Calibri;
color:windowtext;}
span.msoIns
{mso-style-type:export-only;
mso-style-name:"";
text-decoration:underline;
color:teal;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt">Ivan,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">I used a
sample LDAP resource file and seems that the attribute (that
I do not need btw) with the name objectCategory was giving
problems.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Now I have
anoter error, stating that the object can’t be created
because of an invalied attribute.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">The error
log is in the attachments of this mail.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">I hope you
can think of something, because we are talking about pretty
standard attributes I think.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Thanks,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Dick<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:black">From: </span></b><span
style="color:black">midPoint
<a class="moz-txt-link-rfc2396E" href="mailto:midpoint-bounces@lists.evolveum.com"><midpoint-bounces@lists.evolveum.com></a> on behalf of
Dick Muller <a class="moz-txt-link-rfc2396E" href="mailto:dick.muller@tahzoo.com"><dick.muller@tahzoo.com></a><br>
<b>Reply-To: </b>midPoint General Discussion
<a class="moz-txt-link-rfc2396E" href="mailto:midpoint@lists.evolveum.com"><midpoint@lists.evolveum.com></a><br>
<b>Date: </b>Wednesday 29 June 2016 at 13:25<br>
<b>To: </b>midPoint General Discussion
<a class="moz-txt-link-rfc2396E" href="mailto:midpoint@lists.evolveum.com"><midpoint@lists.evolveum.com></a><br>
<b>Subject: </b>Re: [midPoint] LDAP connector 1.4.3 was
not found<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Times New
Roman","serif""><o:p> </o:p></span></p>
</div>
<div>
<div>
<p class="MsoNormal"><span style="font-size:11.0pt">HI Ivan,</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">The
logfile tells that there is a constraint error because
the object already exists.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">But that
is absolutely not true. I’ve looked in the AD domain and
forest for the same account, but it doesn’t exist.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">I’ve
included the log in the mail.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Thanks,</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Dick</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:black">From: </span></b><span
style="color:black">midPoint
<a class="moz-txt-link-rfc2396E" href="mailto:midpoint-bounces@lists.evolveum.com"><midpoint-bounces@lists.evolveum.com></a> on behalf
of Ivan Noris <a class="moz-txt-link-rfc2396E" href="mailto:ivan.noris@evolveum.com"><ivan.noris@evolveum.com></a><br>
<b>Organization: </b>Evolveum, s.r.o.<br>
<b>Reply-To: </b>midPoint General Discussion
<a class="moz-txt-link-rfc2396E" href="mailto:midpoint@lists.evolveum.com"><midpoint@lists.evolveum.com></a><br>
<b>Date: </b>Wednesday 29 June 2016 at 09:19<br>
<b>To: </b><a class="moz-txt-link-rfc2396E" href="mailto:midpoint@lists.evolveum.com">"midpoint@lists.evolveum.com"</a>
<a class="moz-txt-link-rfc2396E" href="mailto:midpoint@lists.evolveum.com"><midpoint@lists.evolveum.com></a><br>
<b>Subject: </b>Re: [midPoint] LDAP connector 1.4.3
was not found</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span style="font-family:"Times
New Roman","serif""> </span><o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Hi
Dick,<br>
<br>
I don't see anything obvious yet.<br>
Please try to get:<br>
1) stack trace from midpoint idm.log when this
operation fails<br>
2) the (red) result can be clicked and whole tree of
operations will be displayed. Somewhere will be ICF
Create or ICF Update operation logged, including the
parameters from provisioning. This would help to see
what was sent to the connector.<br>
<br>
Also tracing org.identityconnectors.framework.api
during this operation would help too. (idm.log will
contain the information)<br>
<br>
The cn=ldap.test,... account is the one you are trying
to create, right? Does "ou=Employees DC" exist in
OU=Tahzoo?<br>
<br>
Ivan<o:p></o:p></p>
<div>
<p class="MsoNormal">On 06/29/2016 07:36 AM, Dick
Muller wrote:<o:p></o:p></p>
</div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span style="font-size:11.0pt">Hi
Ivan,</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">I
get an error when I add a projection to the user
with an LDAPS connection.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">(See
the attachment)</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">I’ve
checked the synchronization mappings and
synchronization tab. I’ve got the reconcile
checked and kind and intent correctly configured.</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Thanks,</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Dick</span><o:p></o:p></p>
<p class="MsoNormal"><span style="font-size:11.0pt"> </span><o:p></o:p></p>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="color:black">From:
</span></b><span style="color:black">midPoint
<a moz-do-not-send="true"
href="mailto:midpoint-bounces@lists.evolveum.com"><midpoint-bounces@lists.evolveum.com></a>
on behalf of Ivan Noris
<a moz-do-not-send="true"
href="mailto:ivan.noris@evolveum.com"><ivan.noris@evolveum.com></a><br>
<b>Organization: </b>Evolveum, s.r.o.<br>
<b>Reply-To: </b>midPoint General Discussion <a
moz-do-not-send="true"
href="mailto:midpoint@lists.evolveum.com">
<a class="moz-txt-link-rfc2396E" href="mailto:midpoint@lists.evolveum.com"><midpoint@lists.evolveum.com></a></a><br>
<b>Date: </b>Tuesday 28 June 2016 at 15:17<br>
<b>To: </b><a moz-do-not-send="true"
href="mailto:midpoint@lists.evolveum.com">"midpoint@lists.evolveum.com"</a>
<a moz-do-not-send="true"
href="mailto:midpoint@lists.evolveum.com"><midpoint@lists.evolveum.com></a><br>
<b>Subject: </b>Re: [midPoint] LDAP connector
1.4.3 was not found</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-family:"Times New
Roman","serif""> </span><o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt">Hi
Dick,<br>
<br>
AFAIK with midPoint 3.4 you should see LDAP
connectors version 1.4.2.17 (including AdLdap).<br>
<br>
The 1.4.3.0-SNAPSHOT was used during 3.4
development and that connector version was
tagged as 1.4.2.17, so that should be the
version you want to use.<br>
<br>
What sync problems with 1.4.2.x are you
referring to?<br>
<br>
The error message means that there is no
connector (JAR) referenced by Connector
repository object (1.4.3.0-SNAPSHOT).<br>
<br>
You need to update all resources referencing to
the 1.4.3.0-SNAPSHOT connectors to refer to
1.4.2.17. (By changing the oid in connectorRef
in the resources, as we were discussing during
the training.<br>
<br>
Best regards,<br>
Ivan<o:p></o:p></p>
<div>
<p class="MsoNormal">On 06/28/2016 03:05 PM,
Dick Muller wrote:<o:p></o:p></p>
</div>
<blockquote
style="margin-top:5.0pt;margin-bottom:5.0pt">
<p class="MsoNormal"><span
style="font-size:11.0pt">Hi,</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt">I upgraded to the
latest 3.4 version and wanted to install
ADLDAP connectors.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt">I can select 1.4.2
or 1.4.3.0-SNAPSHOT. The 1.4.2 version gives
problems during syncing. I think this is
already described in JIRA.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt">I want to use the
latest version 1.4.3.0-snapshot but get an
error during TEST of the resource.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt">I’ve included the
Error message as attachment.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt">Hope somebody can
help me with this.</span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt"> </span><o:p></o:p></p>
<p class="MsoNormal"><span
style="font-size:11.0pt">Regards,</span><o:p></o:p></p>
<div>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Times
New Roman \;color\:black ""> </span><o:p></o:p></p>
<div>
<div>
<div>
<div>
<div>
<div>
<div class="MsoNormal"><span
style="font-size:10.5pt;color:black">
<hr style="width:187.5pt"
align="left" size="1"
width="250">
</span></div>
</div>
</div>
</div>
</div>
</div>
</div>
<p class="MsoNormal"><b><span
style="font-size:9.0pt;font-family:Helvetica;color:#1D6084">Dick
Muller</span></b><o:p></o:p></p>
<p class="MsoNormal" style="background:white"><span
style="font-size:10.0pt;font-family:Helvetica;color:#646464">Senior
Systems Engineer</span><o:p></o:p></p>
<p class="MsoNormal"
style="margin-bottom:12.0pt;background:white"><span
style="font-size:8.5pt;font-family:Helvetica;color:#646464">Delftechpark
37i<br>
2628 XJ Delft<b><br>
d</b>: +31 88 2682586 <br>
<b>m:</b> +31 6 46477690</span><o:p></o:p></p>
<p class="MsoNormal" style="background:white"><a
moz-do-not-send="true"
href="http://www.tahzoo.com/"
target="_blank"><span
style="font-size:11.0pt;text-decoration:none"><img
id="_x0000_i1026"
src="cid:part6.06010305.09040709@evolveum.com"
border="0" height="48" width="125"></span></a><o:p></o:p></p>
</div>
<p class="MsoNormal"> <o:p></o:p></p>
<p class="MsoNormal"><span
style="font-family:"Times New
Roman","serif""><br>
<br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>midPoint mailing list<o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span
style="font-family:"Times New
Roman","serif""><br>
<br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre>-- <o:p></o:p></pre>
<pre> Ing. Ivan Noris<o:p></o:p></pre>
<pre> Senior Identity Management Engineer & IDM Architect<o:p></o:p></pre>
<pre> evolveum.com evolveum.com/blog/<o:p></o:p></pre>
<pre> ___________________________________________________<o:p></o:p></pre>
<pre> "Semper ID(e)M Vix."<o:p></o:p></pre>
</div>
</div>
<p class="MsoNormal"><span
style="font-family:"Times New
Roman","serif""><br>
<br>
<br>
<br>
</span><o:p></o:p></p>
<pre>_______________________________________________<o:p></o:p></pre>
<pre>midPoint mailing list<o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><o:p></o:p></pre>
<pre><a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><o:p></o:p></pre>
</blockquote>
<p class="MsoNormal"><span
style="font-family:"Times New
Roman","serif""><br>
<br>
<br>
</span><o:p></o:p></p>
<pre>-- <o:p></o:p></pre>
<pre> Ing. Ivan Noris<o:p></o:p></pre>
<pre> Senior Identity Management Engineer & IDM Architect<o:p></o:p></pre>
<pre> evolveum.com evolveum.com/blog/<o:p></o:p></pre>
<pre> ___________________________________________________<o:p></o:p></pre>
<pre> "Semper ID(e)M Vix."<o:p></o:p></pre>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper ID(e)M Vix."
</pre>
</body>
</html>