<div dir="ltr"><div dir="ltr"><br><div><br></div><div><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(210,227,252)">My Active Directory is running on Windows Server 2016, does anyone run this version with Midpoint 4.1 or 4.2?</span><br></div><div><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(210,227,252)"><br></span></div><div><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(210,227,252)">Regards</span></div><div><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(210,227,252)"><br></span></div><div><span style="color:rgb(0,0,0);font-family:Roboto,RobotoDraft,Helvetica,Arial,sans-serif;font-size:18px;white-space:pre-wrap;background-color:rgb(210,227,252)">Gus</span></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Em seg., 14 de dez. de 2020 às 10:37, Al Lilianstrom via midPoint <<a href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a>> escreveu:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Also<br>
<br>
Check your System and Directory Service event logs on the Domain Controllers. There might be a hint there as to the problem.<br>
<br>
<br>
--<br>
Al Lilianstrom<br>
Authentication Services<br>
<br>
Fermi National Accelerator Laboratory<br>
<a href="http://www.fnal.gov" rel="noreferrer" target="_blank">www.fnal.gov</a><br>
<a href="mailto:lilstrom@fnal.gov" target="_blank">lilstrom@fnal.gov</a><br>
<br>
<br>
________________________________________<br>
From: Al Lilianstrom <<a href="mailto:lilstrom@fnal.gov" target="_blank">lilstrom@fnal.gov</a>><br>
Sent: Monday, December 14, 2020 7:19 AM<br>
To: midPoint General Discussion<br>
Subject: Re: [midPoint] Synchronization Trouble - Active Directory to MP<br>
<br>
<br>
Gus,<br>
<br>
Please pull the DA permissions as soon as you can<br>
<br>
Replicating directory changes is necessary. Check for that.<br>
<br>
--<br>
Al Lilianstrom<br>
Authentication Services<br>
<br>
Fermi National Accelerator Laboratory<br>
<a href="http://www.fnal.gov" rel="noreferrer" target="_blank">www.fnal.gov</a><br>
<a href="mailto:lilstrom@fnal.gov" target="_blank">lilstrom@fnal.gov</a><br>
<br>
<br>
________________________________________<br>
From: midPoint <<a href="mailto:midpoint-bounces@lists.evolveum.com" target="_blank">midpoint-bounces@lists.evolveum.com</a>> on behalf of Gus Lou via midPoint <<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>><br>
Sent: Monday, December 14, 2020 7:00 AM<br>
To: midPoint General Discussion<br>
Cc: Gus Lou<br>
Subject: Re: [midPoint] Synchronization Trouble - Active Directory to MP<br>
<br>
Hi Ivan<br>
<br>
I'm checking the permissions again. I assigned full control permission at the domain level to the midpoint bind account in the active directory and enabled inheritance for all objects. It also assigns domain admin permission as well. I know that both permissions are not necessary and not recommended as they are highly permissive, but it was the way I found to try to eliminate possible permission errors.<br>
But unfortunately the problems persist.<br>
I will continue to investigate.<br>
<br>
Regards<br>
<br>
Gus<br>
<br>
<br>
Em seg., 14 de dez. de 2020 às 09:49, Ivan Noris via midPoint <<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><mailto:<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>>> escreveu:<br>
<br>
Hi Gus,<br>
<br>
seems to be permission problem in your AD.<br>
<br>
LDAP error during DirSync search: insufficientAccessRights: 00002105: LdapErr: DSID-0C0909A9, comment: Error processing control, data 0, v3839? (50)<br>
<br>
<br>
Best regards,<br>
<br>
Ivan<br>
<br>
On 12. 12. 2020 18:38, Gus Lou via midPoint wrote:<br>
Hi Richard<br>
I checked the permissions of the midpooint account in AD again and it is in accordance with the guidelines in the link below:<br>
Active Directory with LDAP connector - midPoint - Evolveum Confluence<<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.evolveum.com_display_midPoint_Active-2BDirectory-2Bwith-2BLDAP-2Bconnector&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=lHe5YrQxLZ9dY8yXVQ8agTsQ5ligaXbx6hhseaon4ig&e=" rel="noreferrer" target="_blank">https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.evolveum.com_display_midPoint_Active-2BDirectory-2Bwith-2BLDAP-2Bconnector&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=lHe5YrQxLZ9dY8yXVQ8agTsQ5ligaXbx6hhseaon4ig&e=</a>><br>
<br>
I applied permissions at the domain level <a href="http://xyz.net" rel="noreferrer" target="_blank">xyz.net</a><<a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__xyz.net&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=x6rOMc9P-OQ_aUeBF43Xg7Vv_j0lMAyQgdUdwLIbiFk&e=" rel="noreferrer" target="_blank">https://urldefense.proofpoint.com/v2/url?u=http-3A__xyz.net&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=x6rOMc9P-OQ_aUeBF43Xg7Vv_j0lMAyQgdUdwLIbiFk&e=</a>><br>
<br>
Here it is part of midpoint log:<br>
----------------------------------------------------------------------------------------------------------------<br>
2020-12-11 16:53:22,996 [] [Thread-327] ERROR (com.evolveum.polygon.connector.ldap.sync.AdDirSyncStrategy): method: null msg:LDAP error during DirSync search: insufficientAccessRights: 00002105: LdapErr: DSID-0C0909A9, comment: Error processing control, data 0, v3839? (50)<br>
2020-12-11 16:53:22,997 [] [midPointScheduler_Worker-2] WARN (com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnIdUtil): Got ConnId exception (might be handled by upper layers later) org.identityconnectors.framework.common.exceptions.PermissionDeniedException in connector:a0c5bb85-f4f0-4954-af1d-17ec4f27233e(ConnId com.evolveum.polygon.<a href="http://connector.ldap.ad" target="_blank">connector.ldap.ad</a>.AdLdapConnector v3.1): ConnectorSpec(resource:746ecf5e-3e8c-11e6-b2f9-3c970e44b9e2(Medusa Active Directory (LDAP)), name=null, oid=a0c5bb85-f4f0-4954-af1d-17ec4f27233e): LDAP error during DirSync search: insufficientAccessRights: 00002105: LdapErr: DSID-0C0909A9, comment: Error processing control, data 0, v3839? (50), reason: LDAP error during DirSync search: insufficientAccessRights: 00002105: LdapErr: DSID-0C0909A9, comment: Error processing control, data 0, v3839? (50) (class org.identityconnectors.framework.common.exceptions.PermissionDeniedException)<br>
2020-12-11 16:53:22,997 [PROVISIONING] [midPointScheduler_Worker-2] ERROR (com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl): Got unexpected exception: org.identityconnectors.framework.common.exceptions.PermissionDeniedException: LDAP error during DirSync search: insufficientAccessRights: 00002105: LdapErr: DSID-0C0909A9, comment: Error processing control, data 0, v3839? (50)<br>
com.evolveum.midpoint.util.exception.SystemException: Got unexpected exception: org.identityconnectors.framework.common.exceptions.PermissionDeniedException: LDAP error during DirSync search: insufficientAccessRights: 00002105: LdapErr: DSID-0C0909A9, comment: Error processing control, data 0, v3839? (50)<br>
at com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl.fetchChanges(ConnectorInstanceConnIdImpl.java:1731)<br>
at com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter.fetchChanges(ResourceObjectConverter.java:1924)<br>
at com.evolveum.midpoint.provisioning.impl.sync.LiveSynchronizer.synchronize(LiveSynchronizer.java:199)<br>
at com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.synchronize(ProvisioningServiceImpl.java:347)<br>
at com.evolveum.midpoint.model.impl.sync.LiveSyncTaskHandler.run(LiveSyncTaskHandler.java:90)<br>
at com.evolveum.midpoint.task.quartzimpl.execution.HandlerExecutor.executePlainTaskHandler(HandlerExecutor.java:62)<br>
at com.evolveum.midpoint.task.quartzimpl.execution.HandlerExecutor.executeHandler(HandlerExecutor.java:52)<br>
at com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.executeHandler(JobExecutor.java:731)<br>
at com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.executeRecurrentTask(JobExecutor.java:608)<br>
at com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.execute(JobExecutor.java:185)<br>
at org.quartz.core.JobRunShell.run(JobRunShell.java:202)<br>
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:588)<br>
Caused by: org.identityconnectors.framework.common.exceptions.PermissionDeniedException: LDAP error during DirSync search: insufficientAccessRights: 00002105: LdapErr: DSID-0C0909A9, comment: Error processing control, data 0, v3839? (50)<br>
at com.evolveum.polygon.connector.ldap.ErrorHandler.processLdapResult(ErrorHandler.java:149)<br>
at com.evolveum.polygon.<a href="http://connector.ldap.ad" target="_blank">connector.ldap.ad</a>.AdErrorHandler.processLdapResult(AdErrorHandler.java:63)<br>
at com.evolveum.polygon.connector.ldap.sync.AdDirSyncStrategy.sync(AdDirSyncStrategy.java:189)<br>
at com.evolveum.polygon.connector.ldap.AbstractLdapConnector.sync(AbstractLdapConnector.java:1405)<br>
at org.identityconnectors.framework.impl.api.local.operations.SyncImpl.sync(SyncImpl.java:134)<br>
at jdk.internal.reflect.GeneratedMethodAccessor1305.invoke(Unknown Source)<br>
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<br>
at java.base/java.lang.reflect.Method.invoke(Method.java:566)<br>
at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:99)<br>
at com.sun.proxy.$Proxy249.sync(Unknown Source)<br>
at jdk.internal.reflect.GeneratedMethodAccessor1305.invoke(Unknown Source)<br>
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<br>
at java.base/java.lang.reflect.Method.invoke(Method.java:566)<br>
at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96)<br>
at com.sun.proxy.$Proxy249.sync(Unknown Source)<br>
at jdk.internal.reflect.GeneratedMethodAccessor1305.invoke(Unknown Source)<br>
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<br>
at java.base/java.lang.reflect.Method.invoke(Method.java:566)<br>
at org.identityconnectors.framework.impl.api.BufferedResultsProxy$BufferedResultsHandler.run(BufferedResultsProxy.java:165)<br>
2020-12-11 16:53:22,997 [] [midPointScheduler_Worker-2] ERROR (com.evolveum.midpoint.model.impl.sync.LiveSyncTaskHandler): Live Sync: Unspecified error: Got unexpected exception: org.identityconnectors.framework.common.exceptions.PermissionDeniedException: LDAP error during DirSync search: insufficientAccessRights: 00002105: LdapErr: DSID-0C0909A9, comment: Error processing control, data 0, v3839? (50)<br>
com.evolveum.midpoint.util.exception.SystemException: Got unexpected exception: org.identityconnectors.framework.common.exceptions.PermissionDeniedException: LDAP error during DirSync search: insufficientAccessRights: 00002105: LdapErr: DSID-0C0909A9, comment: Error processing control, data 0, v3839? (50)<br>
at com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl.fetchChanges(ConnectorInstanceConnIdImpl.java:1731)<br>
at com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter.fetchChanges(ResourceObjectConverter.java:1924)<br>
at com.evolveum.midpoint.provisioning.impl.sync.LiveSynchronizer.synchronize(LiveSynchronizer.java:199)<br>
at com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.synchronize(ProvisioningServiceImpl.java:347)<br>
at com.evolveum.midpoint.model.impl.sync.LiveSyncTaskHandler.run(LiveSyncTaskHandler.java:90)<br>
at com.evolveum.midpoint.task.quartzimpl.execution.HandlerExecutor.executePlainTaskHandler(HandlerExecutor.java:62)<br>
at com.evolveum.midpoint.task.quartzimpl.execution.HandlerExecutor.executeHandler(HandlerExecutor.java:52)<br>
at com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.executeHandler(JobExecutor.java:731)<br>
at com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.executeRecurrentTask(JobExecutor.java:608)<br>
at com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.execute(JobExecutor.java:185)<br>
at org.quartz.core.JobRunShell.run(JobRunShell.java:202)<br>
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:588)<br>
Caused by: org.identityconnectors.framework.common.exceptions.PermissionDeniedException: LDAP error during DirSync search: insufficientAccessRights: 00002105: LdapErr: DSID-0C0909A9, comment: Error processing control, data 0, v3839? (50)<br>
at com.evolveum.polygon.connector.ldap.ErrorHandler.processLdapResult(ErrorHandler.java:149)<br>
at com.evolveum.polygon.<a href="http://connector.ldap.ad" target="_blank">connector.ldap.ad</a>.AdErrorHandler.processLdapResult(AdErrorHandler.java:63)<br>
at com.evolveum.polygon.connector.ldap.sync.AdDirSyncStrategy.sync(AdDirSyncStrategy.java:189)<br>
at com.evolveum.polygon.connector.ldap.AbstractLdapConnector.sync(AbstractLdapConnector.java:1405)<br>
at org.identityconnectors.framework.impl.api.local.operations.SyncImpl.sync(SyncImpl.java:134)<br>
at jdk.internal.reflect.GeneratedMethodAccessor1305.invoke(Unknown Source)<br>
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<br>
at java.base/java.lang.reflect.Method.invoke(Method.java:566)<br>
at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:99)<br>
at com.sun.proxy.$Proxy249.sync(Unknown Source)<br>
at jdk.internal.reflect.GeneratedMethodAccessor1305.invoke(Unknown Source)<br>
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<br>
at java.base/java.lang.reflect.Method.invoke(Method.java:566)<br>
at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96)<br>
at com.sun.proxy.$Proxy249.sync(Unknown Source)<br>
at jdk.internal.reflect.GeneratedMethodAccessor1305.invoke(Unknown Source)<br>
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<br>
at java.base/java.lang.reflect.Method.invoke(Method.java:566)<br>
at org.identityconnectors.framework.impl.api.BufferedResultsProxy$BufferedResultsHandler.run(BufferedResultsProxy.java:165)<br>
2020-12-11 16:53:23,015 [] [midPointScheduler_Worker-2] INFO (com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor): Task encountered permanent error, suspending the task. Task = Task(id:1546210629125-0-1, name:Sync: Active Directory (Groups), oid:36d98518-9db1-49ce-a4d7-75be1047bac6)<br>
2020-12-11 16:53:23,015 [TASK_MANAGER] [midPointScheduler_Worker-2] INFO (com.evolveum.midpoint.task.quartzimpl.TaskManagerQuartzImpl): Suspending tasks [Task(id:1546210629125-0-1, name:Sync: Active Directory (Groups), oid:36d98518-9db1-49ce-a4d7-75be1047bac6)]; do not stop tasks.<br>
-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------<br>
<br>
Best Regards<br>
<br>
Gus<br>
<br>
<br>
<br>
Em sex., 11 de dez. de 2020 às 20:22, Richard Richter via midPoint <<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><mailto:<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>>> escreveu:<br>
Hello<br>
<br>
I have no idea why this happens, just looking at the message, it seems to come from java.util.Base64.decode(...) call, it is in the code and probably some Base64 encoded string is not correct.<br>
It always helps if you can provide also a stacktrace, part of the log or something. If it's easy to answer without it, it doesn't hurt. Here, I have no idea where the call originates from.<br>
<br>
Regards<br>
<br>
Richard Richter<br>
midPoint developer<br>
<br>
________________________________<br>
From: "midPoint General Discussion" <<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><mailto:<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>>><br>
To: "midPoint General Discussion" <<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><mailto:<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>>><br>
Cc: "Gus Lou" <<a href="mailto:gugalou38@gmail.com" target="_blank">gugalou38@gmail.com</a><mailto:<a href="mailto:gugalou38@gmail.com" target="_blank">gugalou38@gmail.com</a>>><br>
Sent: Friday, December 11, 2020 11:44:56 PM<br>
Subject: [midPoint] Synchronization Trouble - Active Directory to MP<br>
<br>
Hi Guys<br>
<br>
I need to import groups, users and users and their existing access into Active Directory to Midpoint (MP version 4.2, ADLdapConector 3.1)<br>
<br>
To achieve this goal, I did the following:<br>
<br>
1-I imported the active directory resource template from the address below:<br>
<a href="https://github.com/Evolveum/midpoint-samples/blob/master/samples/resources/ad-ldap/ad-ldap-medusa-medium.xml" rel="noreferrer" target="_blank">https://github.com/Evolveum/midpoint-samples/blob/master/samples/resources/ad-ldap/ad-ldap-medusa-medium.xml</a><<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_Evolveum_midpoint-2Dsamples_blob_master_samples_resources_ad-2Dldap_ad-2Dldap-2Dmedusa-2Dmedium.xml&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=bVVmWuKEVUDl6AusI04NjeiRqTBkD2Ktg23DkJaiIZI&e=" rel="noreferrer" target="_blank">https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_Evolveum_midpoint-2Dsamples_blob_master_samples_resources_ad-2Dldap_ad-2Dldap-2Dmedusa-2Dmedium.xml&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=bVVmWuKEVUDl6AusI04NjeiRqTBkD2Ktg23DkJaiIZI&e=</a>><br>
<br>
2-I created two synchronization tasks, one for users and one for groups.<br>
<br>
When I run the synchronization tasks, I get the following error:<br>
<br>
Unspecified error: Got unexpected exception: java.lang.IllegalArgumentException: Last unit does not have enough valid bits<br>
<br>
I have already checked the required permissions following the guidelines in the link below:<br>
<a href="https://wiki.evolveum.com/display/midPoint/Active+Directory+with+LDAP+connector" rel="noreferrer" target="_blank">https://wiki.evolveum.com/display/midPoint/Active+Directory+with+LDAP+connector</a><<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.evolveum.com_display_midPoint_Active-2BDirectory-2Bwith-2BLDAP-2Bconnector&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=lHe5YrQxLZ9dY8yXVQ8agTsQ5ligaXbx6hhseaon4ig&e=" rel="noreferrer" target="_blank">https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.evolveum.com_display_midPoint_Active-2BDirectory-2Bwith-2BLDAP-2Bconnector&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=lHe5YrQxLZ9dY8yXVQ8agTsQ5ligaXbx6hhseaon4ig&e=</a>><br>
<br>
<br>
Does anyone have any ideas to resolve or any other documentation that I can review.?<br>
<br>
<br>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><mailto:<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.evolveum.com_mailman_listinfo_midpoint&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=fu0kKh3PJtFtx1S7XMUYcbuU4mxOMy_qdu1CnIGOi1s&e=" rel="noreferrer" target="_blank">https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.evolveum.com_mailman_listinfo_midpoint&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=fu0kKh3PJtFtx1S7XMUYcbuU4mxOMy_qdu1CnIGOi1s&e=</a>><br>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><mailto:<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.evolveum.com_mailman_listinfo_midpoint&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=fu0kKh3PJtFtx1S7XMUYcbuU4mxOMy_qdu1CnIGOi1s&e=" rel="noreferrer" target="_blank">https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.evolveum.com_mailman_listinfo_midpoint&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=fu0kKh3PJtFtx1S7XMUYcbuU4mxOMy_qdu1CnIGOi1s&e=</a>><br>
<br>
<br>
<br>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><mailto:<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.evolveum.com_mailman_listinfo_midpoint&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=fu0kKh3PJtFtx1S7XMUYcbuU4mxOMy_qdu1CnIGOi1s&e=" rel="noreferrer" target="_blank">https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.evolveum.com_mailman_listinfo_midpoint&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=fu0kKh3PJtFtx1S7XMUYcbuU4mxOMy_qdu1CnIGOi1s&e=</a>><br>
<br>
<br>
--<br>
Ivan Noris<br>
Senior Identity Engineer<br>
<a href="http://evolveum.com" rel="noreferrer" target="_blank">evolveum.com</a><<a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__evolveum.com&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=JqE8PF_lIP5TxW9nhmnWfhsO2uYb3OrjAV8HReP_WN4&e=" rel="noreferrer" target="_blank">https://urldefense.proofpoint.com/v2/url?u=http-3A__evolveum.com&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=JqE8PF_lIP5TxW9nhmnWfhsO2uYb3OrjAV8HReP_WN4&e=</a>><br>
<br>
<br>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><mailto:<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><<a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.evolveum.com_mailman_listinfo_midpoint&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=fu0kKh3PJtFtx1S7XMUYcbuU4mxOMy_qdu1CnIGOi1s&e=" rel="noreferrer" target="_blank">https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.evolveum.com_mailman_listinfo_midpoint&d=DwMFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=Ccoy53oEM8wW3-vUAuZFE1kez-3vbV9LOfLVoaEsm3A&m=t3Y2sKnNRhcFDCgp_cjRSkN2sOieLk7ktdB0p5trDAg&s=fu0kKh3PJtFtx1S7XMUYcbuU4mxOMy_qdu1CnIGOi1s&e=</a>><br>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</blockquote></div>