info
Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
AD user synchronization using TDI to TDS
244 views
Skip to first unread message
Achmad Zaenullah
Aug 15, 2013, 2:23:28 AM8/15/13
to
Hi All,
I have an issue when configure the TDI feature for password synchronization, the JMS Password Store Connector already can retrieve any password changes occured in AD, but it still cannot be pushed to TDS,
There is no error in the log files when I running the AL, except when I stop the running in console mode, it said there is an error about releasing the MQe queue manager
here is the log files
10:59:36,140 INFO - objectClass (replace): 'inetOrgPerson' 'ActiveDirectoryLinkedEntry' 'top' 'person' 'organizationalPerson'
10:59:36,140 INFO - givenName (replace): 'reni'
10:59:36,140 INFO - uid (replace): 'reni.fitriani'
10:59:36,140 INFO - adDn (replace): 'CN=reni fitriani,CN=Users,DC=ptsekte,DC=com'
10:59:36,140 INFO - sn (replace): 'fitriani'
10:59:36,140 INFO - adObjectGUIDStr (replace): '{163BEC41-23C8-4AE7-B83B-5CD5FD01DDFA}'
10:59:36,140 INFO - cn (replace): 'reni fitriani'
10:59:36,140 INFO - [UpdateUserPasswordinMasterTDS] CTGDIS004I *** Finished dumping Entry
11:06:31,859 INFO - [JMSPasswordStoreConnector] CTGDII056I Interrupted while waiting for messages. Closing connection to server.
11:06:31,859 INFO - CTGDIS964I Shutting down the AssemblyLine.
11:06:32,000 INFO - [JMSPasswordStoreConnector] CTGDIS495I handleException , get, java.lang.InterruptedException
11:06:33,546 ERROR - [JMSPasswordStoreConnector] CTGDIS810E handleException - cannot handle exception , get
java.lang.InterruptedException
at java.lang.Object.wait(Native Method)
at java.lang.Object.wait(Object.java:196)
at java.lang.Thread.join(Thread.java:616)
at com.ibm.di.connector.JMSConnector.processReceiverThread(JMSConnector.java:478)
at com.ibm.di.connector.JMSConnector.getNextEntry(JMSConnector.java:449)
at com.ibm.di.server.AssemblyLineComponent.executeOperation(AssemblyLineComponent.java:3338)
at com.ibm.di.server.AssemblyLineComponent.getnext(AssemblyLineComponent.java:924)
at com.ibm.di.server.AssemblyLine.msGetNextIteratorEntry(AssemblyLine.java:3638)
at com.ibm.di.server.AssemblyLine.executeMainStep(AssemblyLine.java:3347)
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:2960)
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:2943)
at com.ibm.di.server.AssemblyLine.executeAL(AssemblyLine.java:2912)
at com.ibm.di.server.AssemblyLine.run(AssemblyLine.java:1311)
11:06:33,593 INFO - [JMSPasswordStoreConnector] CTGDII054W Error while closing queue connection: javax.jms.JMSException: error releasing the MQe queue manager
11:06:33,640 INFO - CTGDIS100I Printing the Connector statistics.
11:06:33,656 INFO - [JMSPasswordStoreConnector] Get:7, Errors:1
11:06:33,656 INFO - [UpdateUserPasswordinMasterTDS] Lookup:7, Ignore:2, Nochange:5
11:06:33,656 INFO - CTGDIS104I Total: Get:7, Lookup:7, Ignore:2, Nochange:5, Errors:1.
11:06:33,656 INFO - CTGDIS101I Finished printing the Connector statistics.
11:06:33,671 INFO - CTGDIS080I Terminated successfully (1 errors).
Is there any one who already solving this issue before ??
any advise would be appreciated
Thanks All
I have an issue when configure the TDI feature for password synchronization, the JMS Password Store Connector already can retrieve any password changes occured in AD, but it still cannot be pushed to TDS,
There is no error in the log files when I running the AL, except when I stop the running in console mode, it said there is an error about releasing the MQe queue manager
here is the log files
10:59:36,140 INFO - objectClass (replace): 'inetOrgPerson' 'ActiveDirectoryLinkedEntry' 'top' 'person' 'organizationalPerson'
10:59:36,140 INFO - givenName (replace): 'reni'
10:59:36,140 INFO - uid (replace): 'reni.fitriani'
10:59:36,140 INFO - adDn (replace): 'CN=reni fitriani,CN=Users,DC=ptsekte,DC=com'
10:59:36,140 INFO - sn (replace): 'fitriani'
10:59:36,140 INFO - adObjectGUIDStr (replace): '{163BEC41-23C8-4AE7-B83B-5CD5FD01DDFA}'
10:59:36,140 INFO - cn (replace): 'reni fitriani'
10:59:36,140 INFO - [UpdateUserPasswordinMasterTDS] CTGDIS004I *** Finished dumping Entry
11:06:31,859 INFO - [JMSPasswordStoreConnector] CTGDII056I Interrupted while waiting for messages. Closing connection to server.
11:06:31,859 INFO - CTGDIS964I Shutting down the AssemblyLine.
11:06:32,000 INFO - [JMSPasswordStoreConnector] CTGDIS495I handleException , get, java.lang.InterruptedException
11:06:33,546 ERROR - [JMSPasswordStoreConnector] CTGDIS810E handleException - cannot handle exception , get
java.lang.InterruptedException
at java.lang.Object.wait(Native Method)
at java.lang.Object.wait(Object.java:196)
at java.lang.Thread.join(Thread.java:616)
at com.ibm.di.connector.JMSConnector.processReceiverThread(JMSConnector.java:478)
at com.ibm.di.connector.JMSConnector.getNextEntry(JMSConnector.java:449)
at com.ibm.di.server.AssemblyLineComponent.executeOperation(AssemblyLineComponent.java:3338)
at com.ibm.di.server.AssemblyLineComponent.getnext(AssemblyLineComponent.java:924)
at com.ibm.di.server.AssemblyLine.msGetNextIteratorEntry(AssemblyLine.java:3638)
at com.ibm.di.server.AssemblyLine.executeMainStep(AssemblyLine.java:3347)
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:2960)
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:2943)
at com.ibm.di.server.AssemblyLine.executeAL(AssemblyLine.java:2912)
at com.ibm.di.server.AssemblyLine.run(AssemblyLine.java:1311)
11:06:33,593 INFO - [JMSPasswordStoreConnector] CTGDII054W Error while closing queue connection: javax.jms.JMSException: error releasing the MQe queue manager
11:06:33,640 INFO - CTGDIS100I Printing the Connector statistics.
11:06:33,656 INFO - [JMSPasswordStoreConnector] Get:7, Errors:1
11:06:33,656 INFO - [UpdateUserPasswordinMasterTDS] Lookup:7, Ignore:2, Nochange:5
11:06:33,656 INFO - CTGDIS104I Total: Get:7, Lookup:7, Ignore:2, Nochange:5, Errors:1.
11:06:33,656 INFO - CTGDIS101I Finished printing the Connector statistics.
11:06:33,671 INFO - CTGDIS080I Terminated successfully (1 errors).
Is there any one who already solving this issue before ??
any advise would be appreciated
Thanks All
Achmad Zaenullah
Aug 15, 2013, 2:25:09 AM8/15/13
to
for your information, I already can push the password to TDS, but it only testing and I use attribute description and successfull,
but when I change back using attribute userPassword in TDS it give us error again LDAP violation
12:13:02,000 INFO - [UpdateUserPasswordinMasterTDS] CTGDIS004I *** Finished dumping Entry
12:13:02,000 INFO - [UpdateUserPasswordinMasterTDS] CTGDJQ028I No distinguished name ($dn attribute ) was given. The existing distinguished name will be used to modify the entry.
12:13:02,000 INFO - [UpdateUserPasswordinMasterTDS] CTGDJQ039I Dumping LDAP Connector Modification List...
12:13:02,000 INFO - [UpdateUserPasswordinMasterTDS] CTGDJQ040I Modification item: Operation is replace attribute: unicodePwd: ani.
12:13:02,000 INFO - [UpdateUserPasswordinMasterTDS] CTGDJQ041I Finished dumping LDAP Connector Modification List.
12:13:02,015 INFO - [UpdateUserPasswordinMasterTDS] CTGDIS495I handleException , update, javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Object Class Violation]; Remaining name: 'uid=reni.fitriani,DC=PTSEKTE,DC=COM'
12:13:02,015 ERROR - [UpdateUserPasswordinMasterTDS] CTGDIS810E handleException - cannot handle exception , update
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Object Class Violation]; Remaining name: 'uid=reni.fitriani,DC=PTSEKTE,DC=COM'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3110)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3025)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2832)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1470)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:267)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:184)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:178)
at com.ibm.di.connector.LDAPConnector.modEntry(LDAPConnector.java:1025)
at com.ibm.di.server.AssemblyLineComponent.executeOperation(AssemblyLineComponent.java:3330)
at com.ibm.di.server.AssemblyLineComponent.modify(AssemblyLineComponent.java:1883)
at com.ibm.di.server.AssemblyLineComponent.update(AssemblyLineComponent.java:1733)
at com.ibm.di.server.AssemblyLine.msExecuteNextConnector(AssemblyLine.java:3737)
at com.ibm.di.server.AssemblyLine.executeMainStep(AssemblyLine.java:3351)
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Object Class Violation]; Remaining name: 'uid=reni.fitriani,DC=PTSEKTE,DC=COM'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3110)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3025)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2832)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1470)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:267)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:184)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:178)
at com.ibm.di.connector.LDAPConnector.modEntry(LDAPConnector.java:1025)
at com.ibm.di.server.AssemblyLineComponent.executeOperation(AssemblyLineComponent.java:3330)
at com.ibm.di.server.AssemblyLineComponent.modify(AssemblyLineComponent.java:1883)
at com.ibm.di.server.AssemblyLineComponent.update(AssemblyLineComponent.java:1733)
at com.ibm.di.server.AssemblyLine.msExecuteNextConnector(AssemblyLine.java:3737)
at com.ibm.di.server.AssemblyLine.executeMainStep(AssemblyLine.java:3351)
12:13:02,515 INFO - [JMSPasswordStoreConnector] Get:1
12:13:02,515 INFO - [UpdateUserPasswordinMasterTDS] Lookup:1, Errors:1
12:13:02,515 INFO - CTGDIS104I Total: Get:1, Lookup:1, Errors:2.
12:13:02,515 INFO - CTGDIS101I Finished printing the Connector statistics.
12:13:02,515 ERROR - CTGDIS077I Failed with error: [LDAP: error code 65 - Object Class Violation].
Please your advise
Many Thanks
but when I change back using attribute userPassword in TDS it give us error again LDAP violation
12:13:02,000 INFO - [UpdateUserPasswordinMasterTDS] CTGDIS004I *** Finished dumping Entry
12:13:02,000 INFO - [UpdateUserPasswordinMasterTDS] CTGDJQ028I No distinguished name ($dn attribute ) was given. The existing distinguished name will be used to modify the entry.
12:13:02,000 INFO - [UpdateUserPasswordinMasterTDS] CTGDJQ039I Dumping LDAP Connector Modification List...
12:13:02,000 INFO - [UpdateUserPasswordinMasterTDS] CTGDJQ040I Modification item: Operation is replace attribute: unicodePwd: ani.
12:13:02,000 INFO - [UpdateUserPasswordinMasterTDS] CTGDJQ041I Finished dumping LDAP Connector Modification List.
12:13:02,015 INFO - [UpdateUserPasswordinMasterTDS] CTGDIS495I handleException , update, javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Object Class Violation]; Remaining name: 'uid=reni.fitriani,DC=PTSEKTE,DC=COM'
12:13:02,015 ERROR - [UpdateUserPasswordinMasterTDS] CTGDIS810E handleException - cannot handle exception , update
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Object Class Violation]; Remaining name: 'uid=reni.fitriani,DC=PTSEKTE,DC=COM'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3110)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3025)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2832)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1470)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:267)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:184)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:178)
at com.ibm.di.connector.LDAPConnector.modEntry(LDAPConnector.java:1025)
at com.ibm.di.server.AssemblyLineComponent.executeOperation(AssemblyLineComponent.java:3330)
at com.ibm.di.server.AssemblyLineComponent.modify(AssemblyLineComponent.java:1883)
at com.ibm.di.server.AssemblyLineComponent.update(AssemblyLineComponent.java:1733)
at com.ibm.di.server.AssemblyLine.msExecuteNextConnector(AssemblyLine.java:3737)
at com.ibm.di.server.AssemblyLine.executeMainStep(AssemblyLine.java:3351)
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:2960)
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:2943)
at com.ibm.di.server.AssemblyLine.executeAL(AssemblyLine.java:2912)
at com.ibm.di.server.AssemblyLine.run(AssemblyLine.java:1311)
12:13:02,015 ERROR - CTGDIS266E Error in NextConnectorOperation. Exception occurred: javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Object Class Violation]; Remaining name: 'uid=reni.fitriani,DC=PTSEKTE,DC=COM'
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:2943)
at com.ibm.di.server.AssemblyLine.executeAL(AssemblyLine.java:2912)
at com.ibm.di.server.AssemblyLine.run(AssemblyLine.java:1311)
javax.naming.directory.SchemaViolationException: [LDAP: error code 65 - Object Class Violation]; Remaining name: 'uid=reni.fitriani,DC=PTSEKTE,DC=COM'
at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3110)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3025)
at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2832)
at com.sun.jndi.ldap.LdapCtx.c_modifyAttributes(LdapCtx.java:1470)
at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_modifyAttributes(ComponentDirContext.java:267)
at com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.modifyAttributes(PartialCompositeDirContext.java:184)
at javax.naming.directory.InitialDirContext.modifyAttributes(InitialDirContext.java:178)
at com.ibm.di.connector.LDAPConnector.modEntry(LDAPConnector.java:1025)
at com.ibm.di.server.AssemblyLineComponent.executeOperation(AssemblyLineComponent.java:3330)
at com.ibm.di.server.AssemblyLineComponent.modify(AssemblyLineComponent.java:1883)
at com.ibm.di.server.AssemblyLineComponent.update(AssemblyLineComponent.java:1733)
at com.ibm.di.server.AssemblyLine.msExecuteNextConnector(AssemblyLine.java:3737)
at com.ibm.di.server.AssemblyLine.executeMainStep(AssemblyLine.java:3351)
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:2960)
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:2943)
at com.ibm.di.server.AssemblyLine.executeAL(AssemblyLine.java:2912)
at com.ibm.di.server.AssemblyLine.run(AssemblyLine.java:1311)
12:13:02,515 INFO - CTGDIS100I Printing the Connector statistics.
at com.ibm.di.server.AssemblyLine.executeMainLoop(AssemblyLine.java:2943)
at com.ibm.di.server.AssemblyLine.executeAL(AssemblyLine.java:2912)
at com.ibm.di.server.AssemblyLine.run(AssemblyLine.java:1311)
12:13:02,515 INFO - [JMSPasswordStoreConnector] Get:1
12:13:02,515 INFO - [UpdateUserPasswordinMasterTDS] Lookup:1, Errors:1
12:13:02,515 INFO - CTGDIS104I Total: Get:1, Lookup:1, Errors:2.
12:13:02,515 INFO - CTGDIS101I Finished printing the Connector statistics.
12:13:02,515 ERROR - CTGDIS077I Failed with error: [LDAP: error code 65 - Object Class Violation].
Please your advise
Many Thanks
Franzw
Aug 19, 2013, 2:40:23 AM8/19/13
to
Take a look in the ibmslapd.log - it should tell you the reason. You can also dump the conn object in the error hook with a system.dumpEntry(conn) to see what you are trying to write. My guess is that your output map is wrong...
HTH
Regards
Franz Wolfhagen
0 new messages