R: Re: [syncope-users] Ritornello | AD Resource-SchemaMapping questions
Fabio Martelli
Be sure to re-execute sync task manually or to have scheduled it.
Kind Regards,
Fabio Martelli
Antony Pulicken <antony....@gmail.com> ha scritto:
>Thank a lot Fabio. Create (sync from AD) is working now !! Some of the
>changes I made based on your configuration is
>1) Unchecked Initial loading
>2) I had only Sync capability checked. I have checked all now, but guess
>that is not required
>3) made the propogation mode 'one_phase' and unchecked 'propagation primary'
>4) I deleted my sync task and created one based on what you specified
>
>How ever, when I tried updating the user details (first name, last name ,
>email) and the group details (removed the user from one of the registered
>group 'TelnetClients'), that doesn't seem to get synched. Same is the case
>with the delete. I will continue this tomorrow. In the mean time, please
>let me know in case you have any suggestions about update and delete.
>
>Thanks again for all the help.
>
>Thanks and Regards,
>Antony.
>
>On Mon, Dec 19, 2011 at 9:19 PM, Fabio Martelli <fabio.m...@gmail.com>wrote:
>
>>
>> Il giorno 19/dic/2011, alle ore 15.33, Antony Pulicken ha scritto:
>>
>> Hi Fabio,
>>
>> I'm getting* 'javax.naming.OperationNotSupportedException'* error when I
>> check the '*Verify memberships in OR' *flag. If I don't enable it, then I
>> can see the delta being picked up by the connector, but change won't get
>> propagated to syncope.* *Please find attached the screenshots of the AD
>> connector configuration, AD resource mapping and the log files for your
>> reference. Please let us know your suggestions as early as possible
>>
>> Hi Antony,
>> I have replicated your configuration and it seems to work fine.
>>
>> This is my schema list (userId and fullname removed; uid added)
>>
>>
>> AD connector configuration is ...
>>
>>
>> Resource configuration is ....
>>
>>
>> And at the end, the SyncJob ....
>>
>>
>> Please, check your configuration and let me know what I (or you) missed.
>>
>> Best regards,
>> F.
>>
>>
>> Thanks and regards,
>> Antony.
>> *
>> *
>> On Mon, Dec 19, 2011 at 2:18 PM, Fabio Martelli <fabio.m...@gmail.com>wrote:
>>
>>>
>>> Il giorno 19/dic/2011, alle ore 09.44, Antony Pulicken ha scritto:
>>>
>>> Thanks Fabio for the quick fix.
>>>
>>> Currently we are using
>>> http://syncope.googlecode.com/svn/tags/syncope-0.7RC1/<https://syncope.googlecode.com/svn/tags/syncope-0.7RC1/>and it looks pretty stable. Are you suggesting to take the latest from the
>>> trunk instead of using the released version? Also, I had faced some issues
>>> when I pointed the trunk version to mySQL last week. What do you recommend ?
>>>
>>>
>>> I'm talking about connid (AD connector, in particular).
>>> As you should know, we released the ad connector 0.9.1 release on friday.
>>> Fix about issue #24 <http://code.google.com/p/connid/issues/detail?id=24> has
>>> been provided on trunk<https://connid.googlecode.com/svn/bundles/ad/trunk>
>>> .
>>>
>>> Regards,
>>> F.
>>>
>>>
>>> Regards,
>>> Antony.
>>>
>>> On Mon, Dec 19, 2011 at 2:05 PM, Fabio Martelli <fabio.m...@gmail.com
>>> > wrote:
>>>
>>>>
>>>> Il giorno 19/dic/2011, alle ore 08.51, Fabio Martelli ha scritto:
>>>>
>>>>
>>>> Il giorno 19/dic/2011, alle ore 07.29, Antony Pulicken ha scritto:
>>>>
>>>> Hi,
>>>>
>>>> - While creating a resource mapping for AD connector, I had given
>>>> the external attributes mapping for 'uid' as 'sAMAccountName' and it was a
>>>> text field where I had typed in the mapping. After some time I noticed that
>>>> it has been changed to drop down with the value as 'USNIntersite' and I'm
>>>> not able to find 'sAMAccountName' in the drop down. More over, it was
>>>> giving me an 'Attribute Conversion Exception'
>>>>
>>>> Hi Antony,
>>>> you cannot see sAMAccountName because this is not a schema of object
>>>> classes specified.
>>>> This is a bug that I'm going to correct (
>>>> http://code.google.com/p/connid/issues/detail?id=24).
>>>>
>>>>
>>>> Issue #24 fixed on trunk. Check it out and try again.
>>>>
>>>> Regards,
>>>> F.
>>>>
>>>>
>>>>
>>>> - In the earlier version of syncope, we were able to give the
>>>> 'external attribute' mapping for the password field (unicodepwd or
>>>> password), Username (sAMAccountName even when Username is the accountId)
>>>> etc. Is it taken care internally now or is there a different approach?
>>>>
>>>> Yes, it's a little bit different: now you don't have to specify external
>>>> attribute when you are configuring Password or AccountId.
>>>> Password and AccountId is always sent to the target resource using
>>>> special attribute (__PASSWORD__, __UID__/__NAME__).
>>>>
>>>> Regards,
>>>> F.
>>>>
>>>>
>>>>
>>>
>>>
>> <Screen Shot 2011-12-19 at 7.56.06 PM.png><Screen Shot 2011-12-19 at
>> 7.56.30 PM.png><core-connid.log>
>>
>>
>>
Antony Pulicken
Yes. I'm re-executing and still no luck so far. I took the latest changes from the AD connector trunk (test case related changes) and I'm getting "javax.naming.OperationNotSupportedException" exception when 'configuration.setMembershipsInOr' is set to 'true' in AbstractTest.java. I'm seeing the same exception in the syncope logs as well.
Please find attached the syncope test reports and connid logs for your reference.
Regards,
Antony.
Antony Pulicken
Thanks,
Antony.