Access Ldap directory

Dear All,
I want to access the ldap directory to get the users' names , but i don't know how to get the ldap password and data required to access it, plz help.
Thanks alot,
Marwa

The SDK works with CCM4 only. However, it shouldn't be hard to rewrite components to work with CCM6 if you look at the list of what has changed: http://forums.cisco.com/eforum/servlet/NetProf?page=netprof&forum=Unified%20Communications%20and%20Video&topic=IP%20Phone%20Services%20for%20Developers&topicID=.ee94c94&fromOutline=&CommCmd=MB%3Fcmd%3Ddisplay_location%26location%3D.2cc1020e
Just grab a copy of the latest developer guide and adapt the code: http://www.cisco.com/en/US/docs/voice_ip_comm/cucm/devguide/6_0_1/cucm_devguide.html
The database schema (here's a link to bookmark immediately - it contains all developer guides for all ccm releases: http://www.cisco.com/en/US/products/sw/voicesw/ps556/products_programming_reference_guides_list.html)
is also helpful depending on what you do (e.g if you want to know which user is currently logged into a phone by extension mobility).. there's no AXL call for that so you need to make an sql query to extract that information.

Similar Messages

Accessing LDAP Directory from ABAP

Hi all,
is there an easy posibility to access LDAP Users with their orgnanizational data from ABAP? I also would need to access the roles that are created on the LDAP as it is the general UME.
Thanks and best regards,
Dennis Junker

Hello Dennis,
You can synchronize your data between LDAP and ABAP with certain limitations. For example, passwords cannot be synchronized. Refer to SAP notes:
793191 - FAQ: User master synchronization with LDAP directories
603208 - Passwords during the LDAP user master synchronization
If you are trying to use the LDAP for authenticating SAP users, this is not possible too. Have a look at SAP note 448360. An excerpt:
o Logging on to the SAP system
The Application Server ABAP does not support the direct use of
   the directory to authenticate a user.
But you could use the LDAP to authenticate your users via portal.
Regards,
Désiré

Problem accessing LDAP via sqlnet

Hello,
I have installed OID 10.1.2 for accessing targets databases in 9.2, with oracle enterprise user, and that run correctly when I access to the taget database in local.
If I use sqlnet I receive the error 28030!
If someone have an idea!
Thanks

ORA 28030
Text: Server encountered problems accessing LDAP directory service
http://www.oracle.com/technology/products/oid/oidhtml/sec_idm_training/html_masters/handson.htm
or
did you see the How to set up Enterprise User Security
http://www.oracle.com/technology/deploy/security/db_security/howtos/eus-how-to.html
regards,
--Olaf

Can't Authenticate in LDAP directory after upgrade from 10.4.11 to 10.5.1

Hi, all
Yesterday I have tried to upgrade my Xserve Intel from 10.4.11 Tiger to 10.5.1 Leopard Server
In my server there is this service:
-AFP
-DNS
-SMB
-Open Directory Master
- XSAN Primary MDC
All works fine but when I try to acces with worgroup manager to LDAP directory I can't authenticate with "diradmin" this thing appen in local machine and with remote worgroup manager connected to the server.
I have tried with "root" user and I have been able to authenticate for some time, (5-15 min.) after It's impossible to access with all user.
The client still authenticate with user and password in all computer with 10.5.1 and 10.4.11 workstation, but now i wan't to add some new users and I can't do That!!!!!
So for now I have restore my old 10.4.11 Server Tiger, but I wish to know if someone have tried new 10.5.2 server upgrade and maybe there is some kind of fix to this problem.
Thank's In Advance

After posting on numerous message boards, and no one having an exact answer, but several making plenty of great suggestions, I think I've finally figured out the cause of this issue or at least part of the cause.
Within 'Server Admin', select "Open Directory",
under: Settings > Policy > Binding
there are six check boxes under "Security"... for testing kerberos, I have been checking the first four boxes, which are:
1. disable clear text passwords
2. digitally sign all packets (requires Kerberos)
3. encrypt all packets (requires ssl or kerberos)
4. block man-in-the-middle attackes (requires kerberos)
through troubleshooting this myself, and doing each change, followed by a server reboot, then immediately attempting to authenticate to /LDAPv3/127.0.0.1/, it seems that enabling some, or some combination of these Security settings triggers WordGroup Manager to not accept the diradmin password.
referring to the numbers above (1 through 4)...
2 or 4 by themselves fails
1 and 3 together fails
I haven't gone beyond that for testing and don't know what other combinations works or fails.
I don't know if there is something beyond this that is specific to my configuration or environment that plays a part in this failing. All I know is that turning off all Security checkboxes in this section fixes the problem.
I wonder if anyone who has never seen this problem can try this on their 10.5.2 Server and see if they are still able to authenticate as their diradmin to WGM. Regardless, seems that this is a WGM bug to me, right?
if you are having this problem, uncheck all of these boxes and then reboot before trying to authenticate.

Accessing LDAP in a custom JAAS login module

Hi,
I have developed a custom jaas login module in CE 7.1. I created a java dc which contains a class extending AbstractLoginModule. This DC is deployed on to the server using an EAR DC. I am trying to access LDAP in the custom login module. I am trying to establish an SSL connection to LDAP. For this purpose i have created a custom socket factory class which extends SSLSocketFactory. I used the code below to establish the connection.
          Hashtable<String,String> env=new Hashtable<String,String>();
          DirContext dirContext=null;
          env.put(Context.INITIAL_CONTEXT_FACTORY,"com.sun.jndi.ldap.LdapCtxFactory");
          env.put(Context.PROVIDER_URL,ldapURL);
                env.put(Context.SECURITY_PROTOCOL,"ssl");
                env.put("java.naming.ldap.factory.socket", "com.test.ldap.MySSLSocketFactory");
                dirContext=new InitialDirContext(env);
MySSLSocketFactory is the name of custom socket factory.
During a login process, the above code results in error because the connection to LDAP server could not be established. However the same code when executed in a webdynpro DC is working without any problem. What could be the reason for this?
This is the error i could see in defaultTrace
javax.naming.CommunicationException: js24.na.domain.net:636 [Root exception is java.lang.ClassNotFoundException: com.test.ldap.MySSLSocketFactory
Loader Info -
ClassLoader name: [service:security]
Living status: alive
Direct parent loaders:
   [system:Frame]
   [library:j2eeca]
   [service:timeout]
   [service:com.sap.security.core.ume.service]
   [service:adminadapter]
Resources:
   /usr/sap/SV3/J10/j2ee/cluster/bin/services/security/lib/private/sap.comtcjesecurityimpl.jar
at com.sun.jndi.ldap.Connection.<init>(Connection.java:205)
at com.sun.jndi.ldap.LdapClient.<init>(LdapClient.java:118)
at com.sun.jndi.ldap.LdapClient.getInstance(LdapClient.java:1579)
at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2681)
at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:299)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:175)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:193)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:136)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:66)
at com.sap.engine.system.naming.provider.DefaultInitialContext._getDefaultInitCtxt(DefaultInitialContext.java:64)
at com.sap.engine.system.naming.provider.DefaultInitialContext.<init>(DefaultInitialContext.java:45)
at com.sap.engine.system.naming.provider.DefaultInitialContextFactory.getInitialContext(DefaultInitialContextFactory.java:41)
at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:667)
at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:247)
at javax.naming.InitialContext.init(InitialContext.java:223)
at javax.naming.InitialContext.<init>(InitialContext.java:197)
at javax.naming.directory.InitialDirContext.<init>(InitialDirContext.java:82)

Hi,
I used an EJB to perform the LDAP search and called the EJB from the login module. It is working as expected.
Regards,
Shabeer

Workflow reviewers in an ldap directory

Hi,
I have integrated an ldap directory with UCM as the user/group store.
I need to create a criteria workflow where the initial reviewer(s) are actually users in the ldap directory. After the intial review, it would be escalated to another higher level group of users, also in the ldap directory.
i) In this case, how would I be able to have UCM search the ldap store as reviewers? I don't recall idoc script being able to do this.
ii)What would be the best practice to accomplish this?
Thanks.

Blake,
If I am using a web application model, I would use the following to allow
"everyone" in my LDAP server to get into certian area's of web applications:
<security-constraint>
<web-resource-collection>
<web-resource-name>GeneralEmployee</web-resource-name>
<description>Employee Resource</description>
<url-pattern>/process/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>Employees only</description>
<role-name>everyone</role-name>
</auth-constraint>
</security-constraint>
If you are allowing access to this servlet, I would try:
weblogic.allow.execute.weblogic.servlet.servlets/iclientservlet=bseely,every
one
Ken
"Blake Seely" <[email protected]> wrote in message
news:3b4c9003$[email protected]..
>
<sigh>it's already been a long day: my number is 877-870-4718
Thanks again,
Blake
"Blake Seely" <[email protected]> wrote:
I have a servlet set up on a WebLogic 5.1 SP 8 server running on NT 4.
I want that servlet protected so that only company employees defined
in our Netscape
LDAP directory can log in.
If I just want a single user to access, then my access controls for the
servlet
are:
weblogic.httpd.register.servlets/iclientservlet=iclientservlet
weblogic.allow.execute.weblogic.servlet.servlets/iclientservlet=bseely
I have set up the LDAP Realm (ldaprealm.properties is attached) and this
works
fine for one user. (all lookups, access, etc are anonymous on this
directory,
so I didn't specify any principals or passwords)
But now I need to specify that any user who is in the directory canaccess
the
servlet - how do I do that? What do I list in theweblogic.allow.execute...
line?
How do I need to change my ldaprealm.properties?
Thanks - any help appreciated. If anyone has time to give me a call,
I would appreciate
that, too.

Disabling anynomous access in directory server 5.2_Patch_3

Dear All,
Would anyone help me out on how to disable anonymous access in directory server 5.2?
Thanks,
Lewis

Try removing following line from dse.ldif [of that instance of directory server]
aci: (targetattr != "aci")(version 3.0; aci "rootdse anon read access"; allow(
read,search,compare) userdn="ldap:///anyone";)
If there is no exact match you will find a similar entry.. its at the begining of dse.ldif.
You can read more about aci in Directory Server Developer's Guide.
I hope this fixes you problem

What is Portal Ldap Directory

Hi Experts,
In documentation of User Management, I saw ' in addition to corporate LDAP directory server(which portla uses as user data repository) Portal User Management Component uses a dedicated portal LDAP directory to store additional data for the portal.
So here my dought is what is portal LDAP directory, Is it comes with portal installation or do we need this server separately,if we need to install separately, which directory server we need to install and for what additional information we need to install this server.
Pls any one clarify my dought,,Points will be rewards.
Regards
Seshu

Hi,
Yes you need to have a separate server i.e. LDAP server. It is not shipped with portal installation, usually every organisation have LDAP servers as their data sources where every user in an organisation is stored so portal provides ways to integrate this server so that we need not to create users again in portal, once integrated all the users in LDAP will be accessed using portal and every user will have his/her own id created in portal through this data source.
For some more information, refer these links.
http://help.sap.com/saphelp_nw70/helpdata/en/48/d1d13f7fb44c21e10000000a1550b0/frameset.htm
http://help.sap.com/saphelp_nw70/helpdata/en/63/14f5b51a6eff429f2d8b2063400e82/frameset.htm
Regards,
Ameya
Message was edited by:
Ameya Pimpalgaonkar
Message was edited by:
Ameya Pimpalgaonkar

Can't create blogs for users created in LDAP directory

I have an LDAP directory set up on an Open Directory Master and use it for user management. I want to allow users to create blogs off of the main web site. However, when I try to create a blog, it won't authenticate to any of the LDAP users, only the local user (of which the administrator account for the server is the only one).
LDAP directory users can access their personal websites, though (http://mydomain/~user).
Does anyone have any ideas how I can get the blog portion of the web site to allow my LDAP users to create a blog?
Thanks.

Sorry, I should have mentioned I am using Leopard Server (10.5.5).

Access LDAP through WL 5.1

Hi
We are using WL 5.1 server,I need to access the LDAP server.
do I need install a third party directory server ?
does WL 5.1 come with LDAP directory server ?
also, can we search for and read a file through LDAP ?
please help.
thanks
praveen

"praveen" <[email protected]> wrote in message
news:39e771ed$[email protected]..
>
Hi
We are using WL 5.1 server,I need to access the LDAP server.
do I need install a third party directory server ?Yes.
does WL 5.1 come with LDAP directory server ?No. WLS has its own propriatery implementation of JNDI which is not using
LDAP protocol as I know.
also, can we search for and read a file through LDAP ?You'd better read a good book about LDAP. I would recommend you to look at
Sun's JNDI tutorial.
Here is the link: http://java.sun.com/products/jndi/tutorial/index.html
Also look at this link http://www.weblogic.com/docs60/jndi/index.html
Hope it helps
please help.
thanks
praveenkesha

Relationship between groups and their members in LDAP directory missing

I use SAP EP 6 SPS14 with one LDAP Server as data source using this flat LDAP structure:
dn: dc=example,dc=com
objectClass: dcObject
objectClass: organization
dc: example
o: example.com
dn: ou=user,dc=example,dc=com
objectClass: organizationalUnit
description: All Users
ou: user
dn: cn=Max Mustermann,ou=user,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Max Mustermann
givenName: Max
sn: Mustermann
uid: 0001
userPassword:: bWF4
dn: cn=Max Meier,ou=user,dc=example,dc=com
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
cn: Max Meier
givenName: Max
sn: Meier
uid: 0002
userPassword:: bWF4
dn: ou=groups,dc=example,dc=com
objectClass: organizationalUnit
description: All Groups
ou: groups
dn: cn=internal,ou=groups,dc=example,dc=com
objectClass: groupOfNames
objectClass: top
cn: internal
member: uid=0001,ou=user,dc=example,dc=com
dn: cn=external,ou=groups,dc=example,dc=com
objectClass: groupOfNames
objectClass: top
cn: external
member: cn=Max Meier,ou=user,dc=example,dc=com
The private section of the LDAP entry in the dataSourceConfiguration.xml looks like:
<privateSection>
               <ume.ldap.access.server_type>openLDAP</ume.ldap.access.server_type>
               <ume.ldap.access.context_factory>com.sun.jndi.ldap.LdapCtxFactory</ume.ldap.access.context_factory>
               <ume.ldap.access.authentication>simple</ume.ldap.access.authentication>
               <ume.ldap.access.flat_group_hierachy>true</ume.ldap.access.flat_group_hierachy>
               <ume.ldap.access.user_as_account>true</ume.ldap.access.user_as_account>
               <ume.ldap.access.dynamic_groups>false</ume.ldap.access.dynamic_groups>
               <ume.ldap.access.ssl_socket_factory>com.sap.security.core.server.https.SecureConnectionFactory</ume.ldap.access.ssl_socket_factory>
               <ume.ldap.access.objectclass.user>inetOrgPerson</ume.ldap.access.objectclass.user>
               <ume.ldap.access.objectclass.uacc>inetOrgPerson</ume.ldap.access.objectclass.uacc>
               <ume.ldap.access.objectclass.grup>groupofnames</ume.ldap.access.objectclass.grup>
               <ume.ldap.access.naming_attribute.user>cn</ume.ldap.access.naming_attribute.user>
               <ume.ldap.access.auxiliary_naming_attribute.user>uid</ume.ldap.access.auxiliary_naming_attribute.user>
               <ume.ldap.access.naming_attribute.uacc>cn</ume.ldap.access.naming_attribute.uacc>
               <ume.ldap.access.auxiliary_naming_attribute.uacc>uid</ume.ldap.access.auxiliary_naming_attribute.uacc>
               <ume.ldap.access.naming_attribute.grup>cn</ume.ldap.access.naming_attribute.grup>
</privateSection>
The pointers in the portal are:
User Path: ou=user,dc=example,dc=com
Group Path: ou=groups,dc=example,dc=com
If I log in as SuperUser, all users and all groups of the LDAP directory are there and I could log on as one of the LDAP provided users. But the relationship between the users and the groups, defined in the member of the objectClass groupOfNames, is missing.
Whats wrong???
Message was edited by: Holger Wohlhüter

Meanwhile I changed the GroupOfNames to GroupOfUniqueNames in the LDAP structure and solved the problem. I had to add this line: <physicalAttribute name="null"/></b> in the User mappings.
<nameSpace name="com.sap.security.core.usermanagement.relation">
     <attributes>
          <attribute name="PRINCIPAL_RELATION_PARENT_ATTRIBUTE">
               <physicalAttribute name="*null*"></physicalAttribute>
          </attribute>
     </attributes>
</nameSpace>
Message was edited by: Holger Wohlhüter

Jabber for Windows - wildcard search against LDAP directory

Hi all,
I have set up an on premise environment with CUCM, CUPS and a 3rd party LDAP Directory. For CUPC everything is working fine. For Jabber for Windows it took me some time to find the correct jabber-config.xml settings to make it working.
At the moment I am able to search the LDAP Directory, but I have to write the complete Name, i.e. "Miller, John", in the search field. If I try it with "Miller" only, I get no results for my search.
I played arround with the <UseWildcards>0</UseWildcards> tag without any changes in the behaviour.
Is there anybody who can help?
Best regards
Manfred

Hi Manfred,
Jabber for Windows has been tested with following directory services:
Supported Directories
Microsoft Active Directory 2003
Microsoft Active Directory 2008
Cisco Unified Communications Manager User Data Service UDS is supported on Cisco Unified Communications Manager version 8.6.2 or later.
OpenLDAP
The behavior you are seeing could be related to interop issues. I suggest to open a TAC case for further assistance.
Thanks,
Maqsood

EMC Crash when i try to - reset client access virtual directory

Hi All,
I have one exchagne server 2010 sp3 rollup 7 installed on server 2012R2 Std.
When i try to reset client access virtual directory the MMC is crashing.
In the event viewer i can find 3 error after to crash:
1.
The program mmc.exe version 6.3.9600.17415 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: 2360
Start Time: 01d04e7b531a4a0d
Termination Time: 4294967295
Application Path: C:\Windows\system32\mmc.exe
Report Id: 69db84d3-ba91-11e4-80c3-0050569b5787
Faulting package full name:
Faulting package-relative application ID:
2.
Application: mmc.exe
Framework Version: v4.0.30319
Description: The process was terminated due to an unhandled exception.
Exception Info: System.Reflection.TargetInvocationException
Stack:
at Microsoft.ManagementConsole.Executive.MmcThreadMessageWindow.OnThreadException(Exception e)
at System.Windows.Forms.NativeWindow.Callback(IntPtr hWnd, Int32 msg, IntPtr wparam, IntPtr lparam)
at System.Windows.Forms.UnsafeNativeMethods.DispatchMessageW(MSG& msg)
at System.Windows.Forms.Application.ComponentManager.System.Windows.Forms.UnsafeNativeMethods.IMsoComponentManager.FPushMessageLoop(IntPtr dwComponentID, Int32 reason, Int32 pvLoopData)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoopInner(Int32 reason, ApplicationContext context)
at System.Windows.Forms.Application.ThreadContext.RunMessageLoop(Int32 reason, ApplicationContext context)
at Microsoft.ManagementConsole.Internal.SnapInMessagePumpProxy.Microsoft.ManagementConsole.Internal.ISnapInMessagePumpProxy.Run()
at Microsoft.ManagementConsole.Executive.SnapInThread.OnThreadStart()
at System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
at System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
at System.Threading.ThreadHelper.ThreadStart()
3.
Faulting application name: mmc.exe, version: 6.3.9600.17415, time stamp: 0x54504e26
Faulting module name: KERNELBASE.dll, version: 6.3.9600.17415, time stamp: 0x54505737
Exception code: 0xe0434352
Fault offset: 0x0000000000008b9c
Faulting process id: 0x2014
Faulting application start time: 0x01d04e9e432feaef
Faulting application path: C:\Windows\system32\mmc.exe
Faulting module path: C:\Windows\system32\KERNELBASE.dll
Report Id: b8276755-ba91-11e4-80c3-0050569b5787
Faulting package full name:
Faulting package-relative application ID:
When i try to preform the task from EMC that installed on my PC (Win 7 SP1 x64) everything works fine
Thank you.

Hi Eliran,
Thank you for your question.
Are there any update recently?
We could refer to the following steps to troubleshoot:
1)disable A/V
2) Run: DISM.exe /Online /Cleanup-image /Restorehealth
http://support.microsoft.com/kb/947821/en-gb
3) follow http://support.microsoft.com/kb/929833/en-gb to upload %WinDir%\Logs\CBS\CBS.log
4) disable snap-ins exept DNS-snapin
5) run SDP
6) enable A/V
We could also re-install .Net 4.0 to check if the issue persist by the following link:
http://www.microsoft.com/en-us/download/details.aspx?id=17718
If the issue persist, we could install Exchange 2010 SP3 CU8 by the following link:
http://www.microsoft.com/en-us/download/details.aspx?id=45225
If there are any questions regarding this issue, please be free to let me know.
Best Regard,
Jim

SCVMM 2008 R2 - "The SQL Server service account does not have permission to access Active Directory Domain Services (AD DS)."

I know this question has been asked before, but never for R2, that I can tell, and the posted fixes aren't working. I have just installed SCVMM 2008 R2 on a Windows Server 2008 R2 server, using a remote SQL 2008 SP1 database. When I attempt to connect to SCVMM, I get the following error:
"The SQL Server service account does not have permission to access Active Directory Domain Services (AD DS).
Ensure that the SQL Server service is running under a domain account or a computer account that has permission to access AD DS. For more information, see "Some applications and APIs require access to authorization information on account objects" in the Microsoft Knowledge Base at http://go.microsoft.com/fwlink/?LinkId=121054.
ID: 2607"
What I've seen online is that this is usually becuase the domain account SCVMM is running as does not have the proper permissions on the SQL database. Here's what I've confirmed:
1) My SCVMM service account is a local admin on the SCVMM server
2) My SCVMM service account is a dbowner on the SCVMM database in SQL
3) My SQL service account is a dbowner on the SCVMM database in SQL
4) My SQL service account is a domain user (even made it a domain admin, just in case, and it still "doesn't have access to AD DS," which is obviously untrue)
5) Neither service account is locked out
Has anyone run in to this? It says in Technet that remote SQL 2008 is supported, as long as the SQL management studio is installed to the SCVMM server, and I installed and patched before I began the SCVMM installation. I just don't know what else to try - I have no errors in event logs, no issues during the installation itself...
Andrew Topp

That answer was very unhelpful fr33m4n. The individual mentions that they've received the error that points to the KB article. I currently receive the same error -- there seems to be no resolution. I've run the Microsoft VBS script to add TAUG to the WAAG
as suggested by 331951, and that made absolutely no difference.
1) My SCVMM service account is a local admin on the SCVMM server
2) My SCVMM service account is a dbowner on the SCVMM database in SQL
3) My SQL service account is a dbowner on the SCVMM database in SQL
4) My SQL service account is a domain user (even made it a domain admin, just in case, and it still
"doesn't have access to AD DS," which is obviously untrue)
The user is also a member of WAAG, the machines have delegated authority to each other. Is there any other solution?

Integrating Flat File data to LDAP Directory using sunopsis driver

Hello
I need to import data from a csv file into a LDAP Directory.
In order to acheive this, i used Demo physical and logical File data server (called FILE_GENERIC) and set up a new LDAP data server using tutorial "Oracle Data Integrator Driver for LDAP - User's Manual".
I can manually see and update data on both file and LDAP datastores.
The fact is that i cannot manage to import/update data from the file to the LDAP directory through a dedicated interface.
The issue do, i think, come from the PK/FK used by sunopsis relational model to represent the directory.
LDAP DN is represented by a set of two table representing in my example the organizational units in one hand and the persons in the other hands, linking them through FK in persons to auto-generated PK in organization units. My person table also have a auto generated PK. All the directory datastore tables have been reversed through ODI.
In my interface, i always use my cn as update key.
I first tried not to map the person PK in the interface, letting the driver generating it for me (or mapping a null PK). I then catch in operator a message like: " null : java.sql.SQLException: Try to insert null into a non-nullable column".
Anyway, the first row is created in the directory and a new PK is given into ODI datastore. Curiously, this is not as i would presume the last PK value + 1.
There are some kinds of gaps in the ID sequences.
I even tried checking the "tolerated error" into the IKM step called "Insert new row". I'm using IKM shipped with ODI :"IKM SQL Incremental Update". The sequence is finished in operator but due, i guess, to the catched error, the other rows are not processed. (Anyway i shouldn't have to tolerate errors)
I tried after to put not used custom PK values into my file, then map the PK column to the LDAP datastore PK column without much success: Only one row is processed. Futhermore, the id of the PK in the datastore is different of the one I put in the file.
I finally tried to generate PK values through SQL instructions by creating new steps in the IKM modul but that did not worked much.
I really do not see any other ideas to either have the driver construct new PK at insert/update or to make him ignore the null PK problem and process all the rows.
If anyone do have an idea about it, please share...
Greetings,
Adrien

Hi,
I am facing an issue who is probably the same.
using ODI 10.1.3.5, I can't insert new rows into my openLDAP.
One of the point I see is that the execution take the LDAP server for staging area and want to create I$ table into it, so the data are already imported into the ldap Server.
thanks for any help.

Access Ldap directory

Similar Messages

Maybe you are looking for