incubator-syncope-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Antony Pulicken <antony.pulic...@gmail.com>
Subject Re: [connid-users] Re: Syncope | Error while provisioning user to LDAP
Date Thu, 15 Mar 2012 09:59:31 GMT
Thanks a lot Fabio and get well soon :-)

1. We are using OpenDS
2. I have attached the screenshots of mapping and the connector
configuration

I'm facing another issue now. I doubt it is occurring because the LDAP
connector configuration is incorrect. The issue is the updates from AD are
not getting synced to LDAP. When an update happens in AD, it's getting
synced to syncope and then the LDAP search is getting invoked. Even though
the user exists in LDAP, it's returning null and because of that Create is
getting triggered. Can you please take a look at the configuration and spot
anything that is obvious ?

Regards,
Antony.



On Thu, Mar 15, 2012 at 1:33 PM, Fabio Martelli <fabio.martelli@gmail.com>wrote:

> Hi Antony, could you give me more info to reproduce the problem?
>
> 1. What ldap server are you using?
> 2. Can you provide your connector configuration screenshot?
>
> I am sick at the moment but  I will do my best to reply to you asap.
>
> Regards,
> F.
> Il giorno 14/mar/2012 04:39, "Antony Pulicken" <antony.pulicken@gmail.com>
> ha scritto:
>
> Thanks fabio for the response. I removed the Uid attribute mapping, but
>> the result is the same.  The javax.naming.directory.Attributes object
>> passed to the LdapSchemaMapping.create() still has 'entryuuid=entryUUID:
>> user314' as one of the value and it fails if I don't add the check that I
>> mentioned in my earlier mail.
>>
>> Regards,
>> Antony.
>>
>> On Tue, Mar 13, 2012 at 3:32 PM, Fabio Martelli <fabio.martelli@gmail.com
>> > wrote:
>>
>>>
>>> Il giorno 13/mar/2012, alle ore 06.43, Antony Pulicken ha scritto:
>>>
>>> Attaching the screenshots again as there was some issue last time....
>>>
>>> On Tue, Mar 13, 2012 at 11:08 AM, Antony Pulicken <
>>> antony.pulicken@gmail.com> wrote:
>>>
>>>> Hi,
>>>>
>>>> I'm getting the following error while provisioning a user from syncope
>>>> to LDAP.
>>>>
>>>> org.identityconnectors.framework.common.exceptions.ConnectorException:
>>>> javax.naming.OperationNotSupportedException: [LDAP: error code 53 - Entry
>>>> uid=user201,ou=people,dc=opensso,dc=java,dc=net cannot be added because it
>>>> includes attribute *entryUUID* which is defined as
>>>> NO-USER-MODIFICATION in the server schema]; remaining name
>>>> 'uid=user201,ou=people,dc=opensso,dc=java,dc=net'
>>>>     at
>>>> org.identityconnectors.ldap.schema.LdapSchemaMapping.create(LdapSchemaMapping.java:325)
>>>> ~[na:na]
>>>>     at
>>>> org.identityconnectors.ldap.modify.LdapCreate$1.access(LdapCreate.java:144)
>>>> ~[na:na]
>>>>     at
>>>> org.identityconnectors.ldap.schema.GuardedPasswordAttribute$Simple$1.access(GuardedPasswordAttribute.java:75)
>>>> ~[na:na]
>>>>
>>>> I think the attribute '*entryUUID'* is getting included because we are
>>>> setting one of the field/mapping as the account Id (and it's mandatory to
>>>> do that in Syncope).
>>>>
>>>> It worked only when I added a check for '*entryUUID' *and excluded the
>>>> same from the attributes while creating the sub context in the LDAP
>>>> connector code (LdapSchemaMapping.create()). Please let me know whether
>>>> there is any better way to make it work?
>>>>
>>>> I have also attached the screen shot of my LDAP Resource mapping un
>>>> syncope.
>>>>
>>>
>>> Hi Antony,
>>> you don't have to map uid. Uid attribute mapping will be generated
>>> implicitly  be defining the AccountId.
>>>
>>> Let me know if the problem persists.
>>>
>>> Regards,
>>> F.
>>>
>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> Regards,
>>>> Antony.
>>>>
>>>
>>> <Screen Shot 2012-03-13 at 11.12.23 AM.png><Screen Shot 2012-03-13 at
>>> 11.12.43 AM.png>
>>>
>>>
>>>
>>

Mime
View raw message