Re: [syncope-users] Digest for syncope-users@googlegroups.com - 3 Messages in 2 Topics


deepika panwar

Feb 4, 2012, 10:49:58 AM
to syncop...@googlegroups.com
Thanks Fabio and Francesco :)
I will try to configure AD with SSL and will let you know if it's working in that case.

But out of curiosity, I want to ask whether this is the case with Syncope only, because I have configured AD with other IDM products also.

Thanks,
Deepika


On Sat, Feb 4, 2012 at 11:35 AM, <syncop...@googlegroups.com> wrote:

Group: http://groups.google.com/group/syncope-users/topics

    Fabio Martelli <fabio.m...@gmail.com> Feb 03 04:24PM +0100  

    Yes, Francesco is right. AD needs SSL to implement some requested operations.
     
    Regards.
     
    Fabio Martelli
     

     

    deepika panwar <panwar....@gmail.com> Feb 03 03:56AM -0800  

    Hi all,
     
    I have installed AD connector 1.0 and configured it successfully with
    Syncope 1.0-SNAPSHOT. However, when I try to run a scheduled task for
    provisioning AD to users, it fails, giving the error below:
     
    :43:42.577 DEBUG org.connid.ad.ADConnection.createContext Initial
    context environment: {java.naming.provider.url=ldap://xxx.xxx.xxx.xxx:
    389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,
    java.naming.security.authentication=simple,
    java.naming.security.protocol=ssl, java.naming.referral=follow,
    java.naming.ldap.attributes.binary=objectGUID}
    03:43:42.588 ERROR org.connid.ad.ADConnection.connect Authentication
    result FAILED
    03:43:42.604 DEBUG
    org.identityconnectors.framework.api.operations.SyncApiOp.sync
    Exception:
    org.identityconnectors.framework.common.exceptions.ConnectorSecurityException:
    javax.naming.CommunicationException: simple bind failed:
    169.254.158.175:389 [Root exception is java.net.SocketException:
    Connection reset]
     
    The details that I have provided in the configuration are correct as I
    have used them to connect to AD using JXplorer from the same server.
     
    I am not configuring SSL but then also the URL that I can see in the logs
    shows "java.naming.security.protocol=ssl". I have no idea why and how
    it is taking that protocol.
     
    Kindly suggest me if somewhere I am mistaken.
     
    Regards,
    Deepika

     

    "Francesco Chicchiriccò" <chicch...@gmail.com> Feb 03 02:16PM +0100  

    >shows "java.naming.security.protocol=ssl". I have no idea why and how
    >it is taking that protocol.
     
    >Kindly suggest me if somewhere I am mistaken.
     
    Hi,
    as far as I know, the AD connector is ALWAYS working in SSL mode, because otherwise some operations wouldn't be allowed by AD.
     
    Anyway, the right guy for answering this question is Fabio...
     
    HTH
    Regards.
    --
    Francesco Chicchiriccò
     
    "Computer Science is no more about computers than astronomy
    is about telescopes." (E. W. Dijkstra)

     



Fabio Martelli

Feb 6, 2012, 5:29:38 AM
to syncop...@googlegroups.com
On 04 Feb 2012, at 16:49, deepika panwar wrote:

> Thanks Fabio and Francesco :)
> I will try to configure AD with SSL and will let you know if it's working in that case.
>
> But out of curiosity, I want to ask whether this is the case with Syncope only, because I have configured AD with other IDM products also.

Hi Deepika,
SSL is required in order to perform password management on Active Directory.

Probably this can be avoided if and only if the client resides on the same host as Active Directory.
In fact, if I remember well, Sun IdM used to connect to Active Directory through a .NET connector server (called gateway at that time) located on the same host as Active Directory.

However, I am sure that, without LDAPS, our Java JNDI connector is not able to create active users because user passwords cannot be set.
This is the reason why we chose to put in place this constraint to connect to an Active Directory.

Best regards,
F.
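
An added example, not part of the thread or of the Syncope/ConnId code: a Python check that parses the connector's "Initial context environment" DEBUG line and flags the combination seen in the log above, `java.naming.security.protocol=ssl` together with an `ldap://` URL on port 389. The sample lines and the host `dc.example.test` are constructed, the function names are hypothetical, and the port sets are the standard LDAP/LDAPS defaults, which a given domain controller may override.

```python
import re
from urllib.parse import urlparse

PLAIN_PORTS = {389, 3268}  # standard LDAP / Global Catalog ports, no TLS wrapper
TLS_PORTS = {636, 3269}    # standard LDAPS / Global Catalog over TLS ports

# Constructed sample lines modelled on the DEBUG output quoted in the thread;
# dc.example.test is a placeholder host.
SAMPLE_FAILING = (
    "03:43:42.577 DEBUG org.connid.ad.ADConnection.createContext Initial\n"
    "context environment: {java.naming.provider.url=ldap://dc.example.test:\n"
    "389, java.naming.factory.initial=com.sun.jndi.ldap.LdapCtxFactory,\n"
    "java.naming.security.authentication=simple,\n"
    "java.naming.security.protocol=ssl, java.naming.referral=follow}"
)
SAMPLE_LDAPS = SAMPLE_FAILING.replace(
    "ldap://dc.example.test:\n389", "ldaps://dc.example.test:636")


def parse_env(log_text):
    """Return the JNDI environment map printed between { } in a DEBUG line."""
    match = re.search(r"\{(.*)\}", log_text, re.S)
    if not match:
        return {}
    env = {}
    for pair in re.split(r",\s+", match.group(1)):
        key, _, value = pair.partition("=")
        # Mail wrapping can split a value ("host:\n389"), so drop inner whitespace.
        env[key.strip()] = re.sub(r"\s+", "", value)
    return env


def check_env(env):
    """Classify the transport the connector will attempt against the directory."""
    url = urlparse(env.get("java.naming.provider.url", ""))
    wants_tls = (url.scheme == "ldaps"
                 or env.get("java.naming.security.protocol") == "ssl")
    port = url.port or (636 if url.scheme == "ldaps" else 389)
    if wants_tls and port in PLAIN_PORTS:
        return "MISMATCH"    # TLS handshake sent to a plain-LDAP port
    if wants_tls and port in TLS_PORTS:
        return "OK"
    if wants_tls:
        return "CHECK_PORT"  # non-standard port: confirm it is TLS-wrapped
    return "PLAINTEXT"       # no TLS: per the thread, AD password management needs SSL


if __name__ == "__main__":
    for name, line in (("failing", SAMPLE_FAILING), ("ldaps", SAMPLE_LDAPS)):
        print(name, check_env(parse_env(line)))
```

A `MISMATCH` result corresponds to the `Connection reset` during `simple bind` in the quoted log: the client opens a TLS session to a port where the server expects unencrypted LDAP.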