Home › Forums › Identity Governance › OpenLDAP Provisioning
Tagged: OpenLDAP, Provisioning
- This topic has 11 replies, 3 voices, and was last updated 1 year ago by
Arvind Kumar.
-
AuthorPosts
-
June 8, 2021 at 9:43 am #2174
Arvind Kumar
ParticipantCan we have a proper document / Video which I can follow to provision the OpenLDAP directory?
My Source is OpenIAM and I want to provision to OpenLDAP for ldap authentication.
-
This topic was modified 1 year ago by
Arvind Kumar.
June 8, 2021 at 10:19 am #2177suneet_shah
KeymasterHi Arvind,
We will be posting a video for this later this week. Have you already done the following?
a) Start the ldap connector
b) Create a managed system
c) Associated the managed system role to test the provisioning?June 9, 2021 at 8:59 am #2189Arvind Kumar
ParticipantYes I did the same. but no success.
My LDAP Connector is connected but neither reconciliating nor provisioning.
June 9, 2021 at 8:31 pm #2192suneet_shah
KeymasterHi Arvind,
Can you post the logs from the ldap connector?
Please also post the ldap connector managed system configuration (blank out anything that is sensistive)June 10, 2021 at 11:01 am #2201Arvind Kumar
ParticipantHi @suneet_shah,
Please find the below attached logs + settings
Attachments:
You must be logged in to view attached files.June 10, 2021 at 11:11 am #2207Arvind Kumar
Participant{“id”:”c87ba1d4-61c7-4933-9cc7-d2dba705ec56″,”lastIndexDateTime”:1622282928914,”userId”:”3000″,”timestamp”:1622282898632,”source”:”ESB”,”action”:”PROVISIONING_USER_SEARCH”,”result”:”FAILURE”,”nodeIP”:”iam”,”correlationId”:”6AQrllJupB”,”contentProviderId”:”40284c9279a9eb120179aa03e76c006b”,”attributes”:[{“id”:”TSumZedntTyXcSOLLqVkVDVahQBMnKhzXxlT”,”lastIndexDateTime”:1622282898684,”key”:”EVENT_NAME”,”value”:”PROVISIONING_USER_SEARCH”},{“id”:”TSDaZXEVItYkJWOnLikvbYbdBwNuHvwuqRth”,”lastIndexDateTime”:1622282898685,”key”:”DESCRIPTION”,”value”:”Search called”},{“id”:”mmEqCjZGgBmYnwfKTtpQxUNQRsDfukSuRcYT”,”lastIndexDateTime”:1622282898762,”key”:”lookupQuery”,”value”:”(&(objectclass=inetOrgPerson)(uid=?))”},{“id”:”CxMVBTHKsxhmIpzLJhbzLStkShOsPucfSwDe”,”lastIndexDateTime”:1622282928784,”key”:”FAILURE_REASON”,”value”:”Error code: INTERNAL_ERROR;error text: Response is not received from RabbitMQ during reply timeout”}],”targetManagedSystems”:[{“id”:”YzEffjCFbHhnoHvjWRATaEScOpjMSddSBdlr”,”lastIndexDateTime”:1622282928915,”key”:”101″,”value”:”LDAP Managed System”}],”parentId”:”null”}
-
This reply was modified 1 year ago by
Arvind Kumar.
Attachments:
You must be logged in to view attached files.June 16, 2021 at 2:29 am #2232Arvind Kumar
ParticipantHi @suneet_shah,
Any Update on this?
June 17, 2021 at 3:19 am #2233Viacheslav Gnennyi
ParticipantHi Arvind,
What version OpenIAM do you use ? What type installation do you use (docker / rpm)?
Can you :
1. resave connector (webconsole -> provisioning -> connectors. Open “LDAP CONNECTOR” and press save button.)
2. Can you post logs from : idm , esb, ldap-connector modules with time of operations.
3. if this is docker installation, please provide container status : (like comand: ‘docker ps’): Response is not received from RabbitMQ during reply timeout – error looks like has not answer from one of module. If this error in idm log – looks like some problem with ldap-connector module.
June 23, 2021 at 1:47 am #2237Arvind Kumar
ParticipantI have done the steps mentioned by you but no success.
Please find the attached logs.
This is Single VM installation not docker.Build : Version: 4.2.0.7.31b6434, Build: 2021/05/13 18:44 +0000, Last commit 2021/05/12 13:16 +0000
Installation Type : RPMAttachments:
You must be logged in to view attached files.June 23, 2021 at 4:24 am #2239Viacheslav Gnennyi
ParticipantHi,
2021-06-23 04:43:34.106 ERROR 2095 — [ool-30-thread-1] o.o.r.s.i.p.ReconciliationUserProcessor : SearchQuery is not defined for reconciliation config.
Looks like not fill “Target System Search Query script” field on Reconciliation config page. There is must be something like “/recon/LDAPSearch Query.groovy”
Please share Reconciliation config screen.
June 29, 2021 at 3:35 am #2245Arvind Kumar
ParticipantPFA
Attachments:
You must be logged in to view attached files.June 29, 2021 at 5:45 am #2247Arvind Kumar
ParticipantUpdate:
After changing some configurations Users started getting provisioned but still groups are not getting provisioned.
Question :- All the users are getting provisioned under BaseDN I want to provision them into a particular OU, How do I do that?
-
This topic was modified 1 year ago by
-
AuthorPosts
- You must be logged in to reply to this topic.