Forum Replies Created

Viewing 3 posts - 1 through 3 (of 3 total)
  • Author
    Posts
  • in reply to: Problem buiding Primary Principal in LDAP Connector #1551

    I have been doing a lot of testing, I we are going to let OpenIAM apart, it seems like community edition has no community at all, and it becomes some kind of useless.

    Getting a look at the logs I see messages like:

    idm.out:
    2020-09-01 10:36:45.998 WARN 7866 — [cTaskExecutor-1] m.g.i.ConnectorRequestServiceGatewayImpl : LDAP_Connector_1.SEARCH API Response is not received from connector!

    /var/log/messages (error related to elasticsearch)

    Sep 1 10:53:04 vs01iam01 elasticsearch: [2020-09-01 10:53:04,715][DEBUG][action.search ] [Boomslang] [2318] Failed to execute query phase
    Sep 1 10:53:04 vs01iam01 elasticsearch: RemoteTransportException[[Boomslang][127.0.0.1:9300][indices:data/read/search[phase/scan/scroll]]]; nested: SearchContextMissingException[No search context found for id [2318]];
    Sep 1 10:53:04 vs01iam01 elasticsearch: Caused by: SearchContextMissingException[No search context found for id [2318]]
    Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.search.SearchService.findContext(SearchService.java:626)
    Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.search.SearchService.executeScan(SearchService.java:318)
    Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.search.action.SearchServiceTransportAction$SearchScanScrollTransportHandler.messageReceived(SearchServiceTransportAction.java:433)
    Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.search.action.SearchServiceTransportAction$SearchScanScrollTransportHandler.messageReceived(SearchServiceTransportAction.java:430)
    Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.transport.TransportRequestHandler.messageReceived(TransportRequestHandler.java:33)
    Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.transport.RequestHandlerRegistry.processMessageReceived(RequestHandlerRegistry.java:77)
    Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.transport.TransportService$4.doRun(TransportService.java:378)
    Sep 1 10:53:04 vs01iam01 elasticsearch: at org.elasticsearch.common.util.concurrent.AbstractRunnable.run(AbstractRunnable.java:37)
    Sep 1 10:53:04 vs01iam01 elasticsearch: at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    Sep 1 10:53:04 vs01iam01 elasticsearch: at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    Sep 1 10:53:04 vs01iam01 elasticsearch: at java.lang.Thread.run(Thread.java:748)

    Can’t find sources of information regarding these errors… this is getting a little frustrating, so I give up till next version (crossing my fingers…)

    in reply to: Problem buiding Primary Principal in LDAP Connector #1547

    Hi Suneet,

    Thanks for your response. This is the status of the Managed System:

    AD Managed System ACTIVE ldaps://vs01dc01.joopbox.local 23494@127.0.0.1 Last Date:08/31/2020 09:03:32

    Here is the config for the Managed System:

    Managed System Name: AD Managed System
    Description:Active Directory Managed System
    Active
    URL: ldaps://vs01dc01.testnet.local
    Port: 636
    Password Policy: Defult Pwd Policy
    Communication Protocol: SSL
    Login Id: CN=adminiam,CN=Users,DC=testnet,DC=local
    Password: ••••••
    Object Primary Key for User: sAMAccountName
    Base DN for User: OU=Usuarios,DC=testnet,DC=local
    Search Base DN for User: OU=Usuarios,DC=testnet,DC=local
    Search Filter for User: (&(objectclass=user)(sAMAccountName=?))
    Object Primary Key for Group: cn
    Base DN for Group: OU=Grupos,DC=testnet,DC=local
    Search Base DN for Group: OU=Grupos,DC=testnet,DC=local
    Search Filter for Group: (&(objectclass=user)(cn=?))
    Search Scope: Subtree
    Target System Type: ACTIVE DIRECTORY
    Category: DIRECTORIES

    Attributes
    Attribute Name MetaData Element Attribute Value Actions
    MANAGER_FIELD_NAME manager
    PASSWORD_FIELD_NAME unicodePwd
    GROUP_MEMBERSHIP_ENABLED Y
    INCLUDE_IN_PASSWORD_SYNC Y
    ON_DELETE DELETE
    MEMBER_FIELD_NAME member

    Authentication Providers
    No Authentication Providers found

    The policy Map associated with this managed system is this one (the one comming with the default connector):

    PRINCIPAL sAMAccountName POLICY ad-sAMAccountName STRING
    USER accountExpires POLICY ad-accountExpires STRING
    USER c POLICY ad-c STRING
    USER cn POLICY ad-cn STRING
    USER co POLICY ad-co STRING
    USER company POLICY ad-company STRING
    USER department POLICY ad-department STRING
    USER displayName POLICY ad-displayName STRING
    USER division POLICY ad-division STRING
    USER employeeID POLICY ad-employeeId STRING
    USER employeeNumber POLICY ad-employeeNumber STRING
    USER employeeType POLICY ad-employeeType STRING
    USER givenName POLICY ad-givenName STRING
    USER homeDirectory POLICY ad-homeDirectory STRING
    USER homeDrive POLICY ad-homeDrive STRING
    USER initials POLICY ad-initials STRING
    USER l POLICY ad-l STRING
    USER mail POLICY ad-mail STRING
    USER manager POLICY ad-manager STRING
    USER memberOf POLICY ad-memberOf STRING
    USER mobile POLICY ad-mobile STRING
    USER objectClass POLICY ad-objectClass STRING
    USER ou POLICY ad-ou STRING
    USER postalCode POLICY ad-postalCode STRING
    USER sn POLICY ad-sn STRING
    USER st POLICY ad-st STRING
    USER streetAddress POLICY ad-streetAddress STRING
    USER telephoneNumber POLICY ad-telephoneNumber STRING
    USER thumbnailPhoto POLICY ad-thumbnailPhoto STRING
    USER title POLICY ad-title STRING
    USER userPrincipalName POLICY ad-userPrincipalName STRING
    PASSWORD unicodePwd POLICY ad-unicodePwd STRING
    USER userAccountControl POLICY ad-userAccountControl STRING

    I have not customized any of these mappings nor any groovy script.

    If you need any other info I’ll be pleased to send it.

    Thanks in advanced,

    Xisco.

    in reply to: AD user Provisioning error #1544

    Hello,

    I am facing the same error when trying to provision Users to AD via LDAP. Did you manage to get a solution?

    Thanks in advanced!

    Regards,

    Xisco.

Viewing 3 posts - 1 through 3 (of 3 total)