Home Forums Identity Governance AD Syncronization does not work from AD to openiam

Viewing 8 posts - 1 through 8 (of 8 total)
  • Author
    Posts
  • #2426
    Vasilis Geo
    Participant

    Hello,

    The AD synchronization for user or group works perfectly from openiam to AD but not the other way around.

    I don’t have any errors in the logs.

    Please note that i am able to create AD users and groups from webconsole and get provisioned to AD correctly.

    #2427
    suneet_shah
    Keymaster

    Hi Vasilis,

    Glad to hear that you have AD provisioning working.

    Can you post some details about synch configuration from AD to OpenIAM?
    Also, which connector are you using?

    #2428
    Vasilis Geo
    Participant

    Hi suneet_shah,

    Thanks for the reply.

    I am using powershell connector.

    Check attached the user and group ad sync config

    Attachments:
    You must be logged in to view attached files.
    #2438
    Vasilis Geo
    Participant

    Hello suneet_shah,

    Did you have the chance to look my config?

    thanks
    Vasilis

    #2446
    Vasilis Geo
    Participant

    I have just read in the documentation that in the managed system field i need to put openiam as the target system but it can’t connect to it…
    The openiam managed system under Managed Systems is not configured by default and i can’t find any info on how to make it connect to it self. I have a docker installation

    #2449
    suneet_shah
    Keymaster

    Hi Vasilis,
    Can you take a look at the configuration at the attachment?
    You need to setup the managed system in the synchronization configuration to you AD managed system. Otherwise it will not pull the data from that connector.

    Attachments:
    You must be logged in to view attached files.
    #2452
    Vasilis Geo
    Participant

    This is what i have in my configuration (please check my screenshots) and it is not syncing.
    The thing is that you are writing to add OPENIAM in your documentation which i tried and i am getting an error:
    https://docs.openiam.com/docs-4.2.0.8/admin/5-lifecycle/1-synch

    #2453
    Vasilis Geo
    Participant

    The only difference with your config was the “Attribute Names Lookup” option. I have changed it to “/attribute-lookup/ADAttibuteNamesLookup.groovy” but its failing with the following error:

    FAILURE_REASON
    can’t retrieve lineObjects from target systemclass ADAttributeNamesLookup cannot be cast to class org.openiam.sync.service.AttributesScript (ADAttributeNamesLookup is in unnamed module of loader groovy.lang.GroovyClassLoader$InnerLoader @5cc8e87c; org.openiam.sync.service.AttributesScript is in unnamed module of loader org.springframework.boot.loader.LaunchedURLClassLoader @9629756)

Viewing 8 posts - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.