OpenLDAP Provisioning

[Arvind Kumar]

Can we have a proper document / Video which I can follow to provision the OpenLDAP directory?

My Source is OpenIAM and I want to provision to OpenLDAP for ldap authentication.

• This topic was modified 7 months, 2 weeks ago by Arvind Kumar.

[suneet_shah]

Hi Arvind,
We will be posting a video for this later this week. Have you already done the following?
a) Start the ldap connector
b) Create a managed system
c) Associated the managed system role to test the provisioning?

[Arvind Kumar]

Yes I did the same. but no success.

My LDAP Connector is connected but neither reconciliating nor provisioning.

[suneet_shah]

Hi Arvind,
Can you post the logs from the ldap connector?
Please also post the ldap connector managed system configuration (blank out anything that is sensistive)

[Arvind Kumar]

Hi @suneet_shah,

Please find the below attached logs + settings

Attachments:

You must be logged in to view attached files.

[Arvind Kumar]

{“id”:”c87ba1d4-61c7-4933-9cc7-d2dba705ec56″,”lastIndexDateTime”:1622282928914,”userId”:”3000″,”timestamp”:1622282898632,”source”:”ESB”,”action”:”PROVISIONING_USER_SEARCH”,”result”:”FAILURE”,”nodeIP”:”iam”,”correlationId”:”6AQrllJupB”,”contentProviderId”:”40284c9279a9eb120179aa03e76c006b”,”attributes”:[{“id”:”TSumZedntTyXcSOLLqVkVDVahQBMnKhzXxlT”,”lastIndexDateTime”:1622282898684,”key”:”EVENT_NAME”,”value”:”PROVISIONING_USER_SEARCH”},{“id”:”TSDaZXEVItYkJWOnLikvbYbdBwNuHvwuqRth”,”lastIndexDateTime”:1622282898685,”key”:”DESCRIPTION”,”value”:”Search called”},{“id”:”mmEqCjZGgBmYnwfKTtpQxUNQRsDfukSuRcYT”,”lastIndexDateTime”:1622282898762,”key”:”lookupQuery”,”value”:”(&(objectclass=inetOrgPerson)(uid=?))”},{“id”:”CxMVBTHKsxhmIpzLJhbzLStkShOsPucfSwDe”,”lastIndexDateTime”:1622282928784,”key”:”FAILURE_REASON”,”value”:”Error code: INTERNAL_ERROR;error text: Response is not received from RabbitMQ during reply timeout”}],”targetManagedSystems”:[{“id”:”YzEffjCFbHhnoHvjWRATaEScOpjMSddSBdlr”,”lastIndexDateTime”:1622282928915,”key”:”101″,”value”:”LDAP Managed System”}],”parentId”:”null”}

• This reply was modified 7 months, 2 weeks ago by Arvind Kumar.

Attachments:

You must be logged in to view attached files.

[Arvind Kumar]

Hi @suneet_shah,

Any Update on this?

[Viacheslav Gnennyi]

Hi Arvind,
What version OpenIAM do you use ? What type installation do you use (docker / rpm)?
Can you :
1. resave connector (webconsole -> provisioning -> connectors. Open “LDAP CONNECTOR” and press save button.)
2. Can you post logs from : idm , esb, ldap-connector modules with time of operations.
3. if this is docker installation, please provide container status : (like comand: ‘docker ps’)

: Response is not received from RabbitMQ during reply timeout – error looks like has not answer from one of module. If this error in idm log – looks like some problem with ldap-connector module.

[Arvind Kumar]

I have done the steps mentioned by you but no success.
Please find the attached logs.
This is Single VM installation not docker.

Build : Version: 4.2.0.7.31b6434, Build: 2021/05/13 18:44 +0000, Last commit 2021/05/12 13:16 +0000
Installation Type : RPM

Attachments:

You must be logged in to view attached files.

[Viacheslav Gnennyi]

Hi,

2021-06-23 04:43:34.106 ERROR 2095 — [ool-30-thread-1] o.o.r.s.i.p.ReconciliationUserProcessor : SearchQuery is not defined for reconciliation config.

Looks like not fill “Target System Search Query script” field on Reconciliation config page. There is must be something like “/recon/LDAPSearch Query.groovy”

Please share Reconciliation config screen.

[Arvind Kumar]

PFA

Attachments:

You must be logged in to view attached files.

[Arvind Kumar]

Update:

After changing some configurations Users started getting provisioned but still groups are not getting provisioned.

Question :- All the users are getting provisioned under BaseDN I want to provision them into a particular OU, How do I do that?

[Author]

Posts