Forum Replies Created
-
AuthorPosts
-
Francisco Fernández
ParticipantI have been doing a lot of testing, I we are going to let OpenIAM apart, it seems like community edition has no community at all, and it becomes some kind of useless.
Getting a look at the logs I see messages like:
idm.out:
2020-09-01 10:36:45.998 WARN 7866 — [cTaskExecutor-1] m.g.i.ConnectorRequestServiceGatewayImpl : LDAP_Connector_1.SEARCH API Response is not received from connector!/var/log/messages (error related to elasticsearch)
Sep 1 10:53:04 vs01iam01 elasticsearch: [2020-09-01 10:53:04,715][DEBUG][action.search ] [Boomslang] [2318] Failed to execute query phase
Sep 1 10:53:04 vs01iam01 elasticsearch: RemoteTransportException[[Boomslang][127.0.0.1:9300][indices:data/read/search[phase/scan/scroll]]]; nested: SearchContextMissingException[No search context found for id [2318]];
Sep 1 10:53:04 vs01iam01 elasticsearch: Caused by: SearchContextMissingException[No search context found for id [2318]]
Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.search.SearchService.findContext(SearchService.java:626)
Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.search.SearchService.executeScan(SearchService.java:318)
Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.search.action.SearchServiceTransportAction$SearchScanScrollTransportHandler.messageReceived(SearchServiceTransportAction.java:433)
Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.search.action.SearchServiceTransportAction$SearchScanScrollTransportHandler.messageReceived(SearchServiceTransportAction.java:430)
Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.transport.TransportRequestHandler.messageReceived(TransportRequestHandler.java:33)
Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.transport.RequestHandlerRegistry.processMessageReceived(RequestHandlerRegistry.java:77)
Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.transport.TransportService$4.doRun(TransportService.java:378)
Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37)
Sep 1 10:53:04 vs01iam01 elasticsearch: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
Sep 1 10:53:04 vs01iam01 elasticsearch: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
Sep 1 10:53:04 vs01iam01 elasticsearch: at java.lang.Thread.run(Thread.java:748)Can’t find sources of information regarding these errors… this is getting a little frustrating, so I give up till next version (crossing my fingers…)
Francisco Fernández
ParticipantHi Suneet,
Thanks for your response. This is the status of the Managed System:
AD Managed System ACTIVE ldaps://vs01dc01.joopbox.local 23494@127.0.0.1 Last Date:08/31/2020 09:03:32
Here is the config for the Managed System:
Managed System Name: AD Managed System
Description:Active Directory Managed System
Active
URL: ldaps://vs01dc01.testnet.local
Port: 636
Password Policy: Defult Pwd Policy
Communication Protocol: SSL
Login Id: CN=adminiam,CN=Users,DC=testnet,DC=local
Password: ••••••
Object Primary Key for User: sAMAccountName
Base DN for User: OU=Usuarios,DC=testnet,DC=local
Search Base DN for User: OU=Usuarios,DC=testnet,DC=local
Search Filter for User: (&(objectclass=user)(sAMAccountName=?))
Object Primary Key for Group: cn
Base DN for Group: OU=Grupos,DC=testnet,DC=local
Search Base DN for Group: OU=Grupos,DC=testnet,DC=local
Search Filter for Group: (&(objectclass=user)(cn=?))
Search Scope: Subtree
Target System Type: ACTIVE DIRECTORY
Category: DIRECTORIESAttributes
Attribute Name MetaData Element Attribute Value Actions
MANAGER_FIELD_NAME manager
PASSWORD_FIELD_NAME unicodePwd
GROUP_MEMBERSHIP_ENABLED Y
INCLUDE_IN_PASSWORD_SYNC Y
ON_DELETE DELETE
MEMBER_FIELD_NAME memberAuthentication Providers
No Authentication Providers foundThe policy Map associated with this managed system is this one (the one comming with the default connector):
PRINCIPAL sAMAccountName POLICY ad-sAMAccountName STRING
USER accountExpires POLICY ad-accountExpires STRING
USER c POLICY ad-c STRING
USER cn POLICY ad-cn STRING
USER co POLICY ad-co STRING
USER company POLICY ad-company STRING
USER department POLICY ad-department STRING
USER displayName POLICY ad-displayName STRING
USER division POLICY ad-division STRING
USER employeeID POLICY ad-employeeId STRING
USER employeeNumber POLICY ad-employeeNumber STRING
USER employeeType POLICY ad-employeeType STRING
USER givenName POLICY ad-givenName STRING
USER homeDirectory POLICY ad-homeDirectory STRING
USER homeDrive POLICY ad-homeDrive STRING
USER initials POLICY ad-initials STRING
USER l POLICY ad-l STRING
USER mail POLICY ad-mail STRING
USER manager POLICY ad-manager STRING
USER memberOf POLICY ad-memberOf STRING
USER mobile POLICY ad-mobile STRING
USER objectClass POLICY ad-objectClass STRING
USER ou POLICY ad-ou STRING
USER postalCode POLICY ad-postalCode STRING
USER sn POLICY ad-sn STRING
USER st POLICY ad-st STRING
USER streetAddress POLICY ad-streetAddress STRING
USER telephoneNumber POLICY ad-telephoneNumber STRING
USER thumbnailPhoto POLICY ad-thumbnailPhoto STRING
USER title POLICY ad-title STRING
USER userPrincipalName POLICY ad-userPrincipalName STRING
PASSWORD unicodePwd POLICY ad-unicodePwd STRING
USER userAccountControl POLICY ad-userAccountControl STRINGI have not customized any of these mappings nor any groovy script.
If you need any other info I’ll be pleased to send it.
Thanks in advanced,
Xisco.
Francisco Fernández
ParticipantHello,
I am facing the same error when trying to provision Users to AD via LDAP. Did you manage to get a solution?
Thanks in advanced!
Regards,
Xisco.
-
AuthorPosts