AD password sync version
Hi,
I've read the following in AD connector documentation:
The architecture of the password synchronization connector has been completely overhauled in release 9.1.1.
We have AD UM v. 9.1.0.1 and we are planning to install AD Password sync v. 9.1.1. Are they compatible or they are required to be same version level?
Thanks
Edited by: user108734543 on May 7, 2010 3:22 PM
Which version of AD Connector and AD Pass Sync Agent are you using?
I think the Filed Name is now UD_ADUSER_UID.
Did you complete all the post installation steps of Password Sync Agent?
Similar Messages
-
OIM-AD password sync not working
Hi All,
I am trying to sync password b/w AD and OIM. I have installed the password sync connector and followed the steps specified in the connector document. However when i change the password in AD, it is not reflected in OIM.
The connector version is 11.1.1.5. And the following have been done
1. deployed SPML-DSML service
2. Tested the SPML-DSML service
3. Installed the connector
4. Enabled the logs
5. Configured IT resource and enabled SSL
But the password changed in AD is not reflected in OIM. Please let me know if any additional steps have to performed.
ThanksHi Raghav,
Please find the log below
Debug [1/19/2012 3:54:05 PM] Inside sgsladds::sgslperwriteData YOOOO
Debug [1/19/2012 3:54:05 PM] Inside sgsladac c-tor
Debug [1/19/2012 3:54:05 PM] AD Host
Debug [1/19/2012 3:54:05 PM] localhost
Debug [1/19/2012 3:54:05 PM]
Debug [1/19/2012 3:54:05 PM] AD Port
Debug [1/19/2012 3:54:05 PM] 636
Debug [1/19/2012 3:54:05 PM]
Debug [1/19/2012 3:54:05 PM] AD Base DN
Debug [1/19/2012 3:54:05 PM] DC=abc,DC=xyz,DC=com
Debug [1/19/2012 3:54:05 PM]
Debug [1/19/2012 3:54:05 PM] Only dataattribute
Debug [1/19/2012 3:54:05 PM] Got Registry enteries
Debug [1/19/2012 3:54:05 PM] contact
Debug [1/19/2012 3:54:05 PM] description
Debug [1/19/2012 3:54:05 PM] Got Entiredn
Debug [1/19/2012 3:54:05 PM] OU=oimpwdsynctms.abc.xyz,ou=org1,DC=abc,DC=xyz,DC=com
Debug [1/19/2012 3:54:05 PM] Encrypted record already exists in Datastore
Debug [1/19/2012 3:54:05 PM] Already Exists
Debug [1/19/2012 3:54:05 PM] Encrypted record already exists in Datastore
Debug [1/19/2012 3:54:05 PM] Already Exists
Debug [1/19/2012 3:54:05 PM] Inside sgsladdsSearchUser
Debug [1/19/2012 3:54:05 PM] Firing Search Request
Debug [1/19/2012 3:54:05 PM] AD search for a user objectGUID is successfull
Debug [1/19/2012 3:54:05 PM] Count success
Debug [1/19/2012 3:54:05 PM] Search result fetched
Debug [1/19/2012 3:54:05 PM] 0:319 10 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA6msQnVk0HkW+zmHr7+2nyAAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAABU2g1ES3TOo35N6+zJPunGAAAAAASAAACgAAAAEAAAAEsx8lF3vt0oEaE0BhubB/A4AAAAl0IEcVLgvhvZryqKTWzBkjEatBoCMvekzXvlLlUfj/moGrX2NgWL9zlmeLKY9scstvPONOalbbgUAAAArNCxOGd02kIZELgCavo2IZpN5ZA=
Debug [1/19/2012 3:54:05 PM] --------------------&&&----------------
Debug [1/19/2012 3:54:05 PM] Inside sgsladds::sgsladdsgetData NEW Look
Debug [1/19/2012 3:54:05 PM] 0:319 10 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA6msQnVk0HkW+zmHr7+2nyAAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAABU2g1ES3TOo35N6+zJPunGAAAAAASAAACgAAAAEAAAAEsx8lF3vt0oEaE0BhubB/A4AAAAl0IEcVLgvhvZryqKTWzBkjEatBoCMvekzXvlLlUfj/moGrX2NgWL9zlmeLKY9scstvPONOalbbgUAAAArNCxOGd02kIZELgCavo2IZpN5ZA=
Debug [1/19/2012 3:54:05 PM] Encoded Data Extracted in sgsladdsgetData
Debug [1/19/2012 3:54:05 PM] 319 10 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA6msQnVk0HkW+zmHr7+2nyAAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAABU2g1ES3TOo35N6+zJPunGAAAAAASAAACgAAAAEAAAAEsx8lF3vt0oEaE0BhubB/A4AAAAl0IEcVLgvhvZryqKTWzBkjEatBoCMvekzXvlLlUfj/moGrX2NgWL9zlmeLKY9scstvPONOalbbgUAAAArNCxOGd02kIZELgCavo2IZpN5ZA=
Debug [1/19/2012 3:54:05 PM] Moving out sgsladdsgetData
Debug [1/19/2012 3:54:05 PM] Encoded Data Extracted
Debug [1/19/2012 3:54:05 PM] 319 10 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA6msQnVk0HkW+zmHr7+2nyAAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAABU2g1ES3TOo35N6+zJPunGAAAAAASAAACgAAAAEAAAAEsx8lF3vt0oEaE0BhubB/A4AAAAl0IEcVLgvhvZryqKTWzBkjEatBoCMvekzXvlLlUfj/moGrX2NgWL9zlmeLKY9scstvPONOalbbgUAAAArNCxOGd02kIZELgCavo2IZpN5ZA=
Debug [1/19/2012 3:54:05 PM] MAX_RETRY LIMIT count is not updated: OIM is down
Debug [1/19/2012 3:54:05 PM] 0
Debug [1/19/2012 3:54:05 PM] numretries ======
Debug [1/19/2012 3:54:05 PM] 0
Debug [1/19/2012 3:54:05 PM] Inside sgslcodsupdateChild
Debug [1/19/2012 3:54:05 PM] 0:319 10 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAA6msQnVk0HkW+zmHr7+2nyAAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAABU2g1ES3TOo35N6+zJPunGAAAAAASAAACgAAAAEAAAAEsx8lF3vt0oEaE0BhubB/A4AAAAl0IEcVLgvhvZryqKTWzBkjEatBoCMvekzXvlLlUfj/moGrX2NgWL9zlmeLKY9scstvPONOalbbgUAAAArNCxOGd02kIZELgCavo2IZpN5ZA=
Debug [1/19/2012 3:54:05 PM]
Encrypted record data updated successfully
Debug [1/19/2012 3:54:05 PM] Inside sgsladac destructor
Debug [1/19/2012 3:54:05 PM] Password updation failed in child process
Debug [1/19/2012 3:54:05 PM]
Relaxing while processing records from datastore
I have provided the correct port numbers and also my certificate is same as the OIM server name. But still when the password is changed in AD, its not updated in OIM.
Thanks,
Bhavana -
OIM Password sync connector installation issue
Hi All,
I am trying to configure password synchronziation between OIM & Active Directory. while installing AD Password Sync connector on AD Host it is returniing following.
Error occurred while uploading prepAD.ldif. , please refer to %TEMP%\oimpwdsync.log. Please upload
prepAD.ldif to Active Directory Domain Controller before applying ACLs.
Kindly suggest me on this.
Regards,
MadhuI'm also getting the same error.
This is the content of the log file :
(Apr 14, 2011 6:19:27 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, Directory does not exists, will get created at the installation time
(Apr 14, 2011 6:19:38 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, attempting to use the current JVM
(Apr 14, 2011 6:19:38 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, searching for a JVM
(Apr 14, 2011 6:19:38 AM), Install, com.installshield.product.service.product.PureJavaProductServiceImpl$Installer, err, ProductException: (error code = 601; message="JVM not found")
STACK_TRACE: 8
ProductException: (error code = 601; message="JVM not found")
at com.installshield.product.actions.JVMResolution.install(JVMResolution.java:171)
at com.installshield.product.service.product.PureJavaProductServiceImpl$InstallProduct.checkUninstallerJVMResolution(PureJavaProductServiceImpl.java:4793)
at com.installshield.product.service.product.PureJavaProductServiceImpl$InstallProduct.install(PureJavaProductServiceImpl.java:4554)
at com.installshield.product.service.product.PureJavaProductServiceImpl$Installer.execute(PureJavaProductServiceImpl.java:3758)
at com.installshield.wizard.service.AsynchronousOperation.run(AsynchronousOperation.java:41)
at java.lang.Thread.run(Unknown Source)
(Apr 14, 2011 6:19:38 AM), Install, com.oracle.installshield.adpwd.execTool, err, Cannot run program "C:\Program": CreateProcess error=2, The system cannot find the file specified
(Apr 14, 2011 6:19:38 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, ASCII file C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif does not exist and will be created.
(Apr 14, 2011 6:19:38 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, gen exp
(Apr 14, 2011 6:19:38 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif (The system cannot find the file specified)
Anyone fixed it. I have checked JAVA env is set in my machine
C:\>echo %JAVA_HOME%
D:\oracle\Middleware\jdk160_14_R27.6.5-32
C:\>java -version
java version "1.6.0_12"
Java(TM) SE Runtime Environment (build 1.6.0_12-b04)
Java HotSpot(TM) Client VM (build 11.2-b01, mixed mode)
Did anyone fix the issue? -
Hi,
I am using OIM 9.1. I am using AD connector and AD password sync connector. (connector version 9.0.4.1.10) i have deployed AD connector as well as AD Passwod Sync connector. In xlconfig.xml file I have specified "USR_UDF_PASSSTATUS" as the field in which result should be set. When I am changing user's password in Active Directory, it is changing in OIM successfully but I am getting error in updating the status in the user field.
Following is the trace from log file:
24 Aug 2008 16:14:39 INFO Logger created
24 Aug 2008 16:14:39 INFO Triggering Password Synchronization mechanism
24 Aug 2008 16:14:39 INFO Value of the installedFlag=>true
24 Aug 2008 16:14:39 INFO Password Reset Installed..get the ITResourceType and ITResourceName
24 Aug 2008 16:14:39 INFO IT ResourceType Name=>AD Server
24 Aug 2008 16:14:39 INFO ITResourceName=>ADITResource
24 Aug 2008 16:14:39 INFO Logging to OIM server
24 Aug 2008 16:14:39 INFO Logging into OIM Server with an auth mechanism
24 Aug 2008 16:14:39 INFO Necassary Configurations read
24 Aug 2008 16:14:39 INFO Logging into OIM Server with uname/pwd based auth
24 Aug 2008 16:14:52 INFO Logging into OIM Server with uname/pwd based auth
24 Aug 2008 16:14:52 INFO Initializing API instances
24 Aug 2008 16:14:52 INFO Login completed
24 Aug 2008 16:14:52 INFO Get the value of IT Resource parameter
24 Aug 2008 16:14:52 INFO Set the value of IT Resource parameter to LDAP connection variables
24 Aug 2008 16:14:52 INFO Check whether the ADsync is activated through ADServer or OIM user
24 Aug 2008 16:14:52 INFO Inside checkOIMFlag
24 Aug 2008 16:14:52 INFO Going to connect AD
24 Aug 2008 16:14:52 INFO Successful connected to AD
24 Aug 2008 16:14:52 INFO Check the value of the customAtrributeName
24 Aug 2008 16:14:52 INFO Enumerate the attributes
24 Aug 2008 16:14:52 INFO objectGUID-->f0f668d90fc80645ac344dce042cf152
24 Aug 2008 16:14:52 INFO samName-->DES.DPOLICE126
24 Aug 2008 16:14:52 INFO userPrincipalName-->[email protected]
24 Aug 2008 16:14:52 INFO User Defined field value-->0
24 Aug 2008 16:14:52 INFO Custom Atrribute value is 0
24 Aug 2008 16:14:52 INFO return from checkOIMFlag
24 Aug 2008 16:14:52 INFO Password for this user needs to be updated through synchronization
24 Aug 2008 16:14:52 INFO userId--->DES.DPOLICE126
24 Aug 2008 16:14:52 INFO matchType--->UserID
24 Aug 2008 16:14:52 INFO Inserted DES.DPOLICE126 in Input
24 Aug 2008 16:14:52 INFO Find the user in OIM :
24 Aug 2008 16:14:52 INFO After findUser :: userRS.size : 1
24 Aug 2008 16:14:52 INFO User DES.DPOLICE126 = 1128
24 Aug 2008 16:14:52 INFO Set the value of UDF field to ADSYNCH_TRUE value
24 Aug 2008 16:14:52 INFO Going to update the USR_UDF_PWDCHANGEDINDICATION to ADSYNCH_TRUE
24 Aug 2008 16:14:52 INFO update the value of USR_UDF_PWDCHANGEDINDICATION to ADSYNCH_TRUE
24 Aug 2008 16:14:52 INFO Invoking OIM API for setting Password
24 Aug 2008 16:14:52 INFO Password changed
24 Aug 2008 16:14:52 ERROR Unable to update status
Thor.API.Exceptions.tcStaleDataUpdateException
at com.evermind.server.rmi.RMICall.EXCEPTION_ORIGINATES_FROM_THE_REMOTE_SERVER(RMICall.java:109)
at com.evermind.server.rmi.RMICall.throwRecordedException(RMICall.java:125)
at com.evermind.server.rmi.RMIClientConnection.obtainRemoteMethodResponse(RMIClientConnection.java:571)
at com.evermind.server.rmi.RMIClientConnection.invokeMethod(RMIClientConnection.java:515)
at com.evermind.server.rmi.RemoteInvocationHandler.invoke(RemoteInvocationHandler.java:63)
at com.evermind.server.rmi.RecoverableRemoteInvocationHandler.invoke(RecoverableRemoteInvocationHandler.java:28)
at com.evermind.server.ejb.StatelessSessionRemoteInvocationHandler.invoke(StatelessSessionRemoteInvocationHandler.java:43)
at __Proxy3.updateUser(Unknown Source)
at Thor.API.Operations.tcUserOperationsClient.updateUser(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at Thor.API.Base.SecurityInvocationHandler$1.run(Unknown Source)
at Thor.API.Security.LoginHandler.oracleLoginSession.runAs(Unknown Source)
at Thor.API.Base.SecurityInvocationHandler.invoke(Unknown Source)
at $Proxy0.updateUser(Unknown Source)
at com.thortech.xl.integration.adpasswordsynch.ChangePassword.changePassword(Unknown Source)
at com.thortech.xl.integration.adpasswordsynch.ChangePassword.main(Unknown Source)
24 Aug 2008 16:14:52 INFO Set the value of UDF field to ADSYNCH_FALSE value
24 Aug 2008 16:14:53 INFO Going to update the USR_UDF_PWDCHANGEDINDICATION to ADSYNCH_FALSE
24 Aug 2008 16:14:53 INFO changed the USR_UDF_PWDCHANGEDINDICATION to ADSYNCH_FALSE
24 Aug 2008 16:14:53 INFO Password synch over
24 Aug 2008 16:14:53 INFO Before System.exit(0):
Can someone please tell me why I am getting this error?
Thanks & Regards,
Yash ShahDont do any thing. just restart your machine,a dn re-configure, because first time passwordsync10.dll has not initialized on AD machine. after that just put same parameter value what you have given previously. it will work
same time verify if AD Authentication or xelsysadm Authentication is wrong -
Configuration settings for the AD Password Sync Connector
Hi,
I am looking for information on how do retries work for the OIM Password (Sync) Connector for Active Directory. We are currently using version 9.1.1.5.10. If anyone can help answer any of the below questions, it will be very appreciated. Also, if there is a doc that explains this, please do let me know. The official connector doc on the Oracle site provides a good architectural overview but it does not talk about any of these registry settings.
a) What does this registry setting "OIMConfig\ConfigSleepTime" control
b) What does this registry setting "OIMConfig\MAX_RETRIES" control
c) What does this registry setting "OIMConfig\SleepTime" control
- In my experience this is the time when the password update thread kicks off. So in other words it represents the max latency between when you change a password in AD and when it will get pushed down to OIM. If you set this to 300 seconds, then you are looking at a worse case scenario of a 300 second lag between the time you changed your AD password and when it was pushed to OIM.
d) According to this doc, http://docs.oracle.com/cd/E11223_01/doc.910/e11218/overview.htm#CEGHJCJE, bullet #6 states:
"If Oracle Identity Manager rejects the password change, then the password update thread keeps resending SPML requests until the retry count reaches the maximum number of retries."
I am trying to understand what is the reasoning behind having the connector retry the password update if OIM has already rejected it once. Is there a possible scenario where OIM would reject a password update the first time and then accept the same password update on a second attempt?
e) Referring back to question #d above, what is the frequency at which the connector will attempt retries?
Thanks
Aspi Engineer
Putnam InvestmentsThat is the problem...
When I installed the connector I didn't get any error and I get a message the connector was installed ok. I think I will reinstall it.
Thanks,
Renato -
AD password sync connector configuration for OIM Cluster
Hi
I have OIM running on clustered environment in two nodes.
I have some AD domain controller. I need to install the AD password sync connector (version 9.1.1) in the AD domain controller.
I remember that in the earlier versions we need to install the user management console and then change the value in xlConfig file to have both the node name.
Version 9.1.1 is changed to use the SPML webservices. I have installed the SPML WS in both the nodes.
My question is where do i specify in the AD password sync connector that I have two server as there is no xlConfig or any other config file that I can give both the server address.
I referred the following PDF http://download.oracle.com/docs/cd/E11223_01/doc.910/e11218.pdf
Thanks
Narendar Doshihave you tried importing the cert in cacerts under $JAVA_HOME?
-
Password Sync not happening in AD with SSL 636
I am working on OIM 9.1.0. I followed the Connector Guide for Microsoft Active Directory Password Synchronization.(Connector version 9.1.1)
Configured AD with SSL. AD SSL Provisioning (636) is working fine.
Configuration of SSL on Weblogic was done (generation of keys, signing, export, etc) & imported the Certificate in AD.
Installed Password Sync on AD(389) without SSL & it worked.
I re-configured it to SSL (AD 636) but it shows errors
Can anyone give some info on it.
***********Inside sgslldpcopenLDAPConnection****************
Debug [2/9/2012 4:43:35 PM] Inside sgsladac c-tor
Debug [2/9/2012 4:43:35 PM] AD Host
Debug [2/9/2012 4:43:35 PM] 10.129.149.131
Debug [2/9/2012 4:43:35 PM]
Debug [2/9/2012 4:43:35 PM] AD Port
Debug [2/9/2012 4:43:35 PM] *636*
Debug [2/9/2012 4:43:35 PM]
Debug [2/9/2012 4:43:35 PM] AD Base DN
Debug [2/9/2012 4:43:35 PM] DC=oimpad,DC=com
Debug [2/9/2012 4:43:35 PM]
Debug [2/9/2012 4:43:35 PM]
Debugging the code
Debug [2/9/2012 4:43:35 PM] Inside ConnectToADSI
Debug [2/9/2012 4:43:35 PM]
ldap_connect failed with
Debug [2/9/2012 4:43:35 PM] Server Down
Debug [2/9/2012 4:43:35 PM]
Debug [2/9/2012 4:43:35 PM]
Connection to AD failed
Debug [2/9/2012 4:43:35 PM]
***********Out of openLDAPConnection****************
Debug [2/9/2012 4:43:35 PM] Inside sgsladac destructor
Debug [2/9/2012 4:43:36 PM] Datastore --- Connect to AD
Debug [2/9/2012 4:43:36 PM]
***********Inside sgslldpcopenLDAPConnection****************
Debug [2/9/2012 4:43:36 PM] Inside sgsladac c-tor
Debug [2/9/2012 4:43:36 PM] AD Host
Debug [2/9/2012 4:43:36 PM] 10.129.149.131
Debug [2/9/2012 4:43:36 PM]
Debug [2/9/2012 4:43:36 PM] AD Port
Debug [2/9/2012 4:43:36 PM] 636
Debug [2/9/2012 4:43:36 PM]
Debug [2/9/2012 4:43:36 PM] AD Base DN
Debug [2/9/2012 4:43:36 PM] DC=oimpad,DC=com
Debug [2/9/2012 4:43:36 PM]
Debug [2/9/2012 4:43:36 PM]
Debugging the code
Debug [2/9/2012 4:43:36 PM] Inside ConnectToADSI
Debug [2/9/2012 4:43:36 PM]
ldap_connect failed with
Debug [2/9/2012 4:43:36 PM] Server Down
Debug [2/9/2012 4:43:36 PM]
Debug [2/9/2012 4:43:36 PM]
Connection to AD failed
Debug [2/9/2012 4:43:36 PM]
***********Out of openLDAPConnection****************
Regards,
PraveenBoth the URLs are working & I configured the SSL one. Telnet to the port also happens with IP & hostname in OIM & Ad servers
http://pwoim:7001/spmlws/OIMProvisioning
https://pwoim:7002/spmlws/OIMProvisioning -
Hello All,
I am trying use the password sync util which is part of the Identity Manager aka Waveset Lighthouse to capture the password changes on Active Directory and pass it to an LDAP server.
It intercepts the password change on the Active Directory side but then throws the following error
Can not create the object of the CLSID_IDMgrClient! CoCreateInstance: 0X80040154: , , Class not registered
02/02/2005 16.54.57.547000 [2068] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,321): Exit: GetClient
02/02/2005 16.54.57.547000 [2068] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,450): **ERROR: Failed to get soap client.
02/02/2005 16.54.57.547000 [2068] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,402): Waiting for client.Requests Processed: 1 failures: 0
The AD is on a Windows 2003.
Has anyone tried to use the password sync util, if so can you tell me what I am doing wrong?
Thank you
Cheers
VamsiHi..
Here is what I have done.. and the error log
I have upgraded Sun IDM 5.0 to SP3 and also installed PwSync with .NET 1.1. That went fine. I have also gone through the registry, and changed the 'tracelevel' attribute to level 4.
Now here are the questions-
1) No where I could see the two parameters, 'passwordSyncThreshold' and 'passwordSyncExcludeList' , to which according to the .pdf we have to set. So from where I should set those parameter's values?
2) Some times I get the trace file with errors like ---
07/20/2005 17.46.18.232000 [1940] (../../../src/wps/passwordsync/WSTrace.cpp,150): trace active, level: 4, file: C:\Program Files\Sun\Identity Manager\PasswordSync\pwicsvc.log, maxSize: 10000 KB
07/20/2005 17.46.18.232000 [1940] (../../../src/wps/passwordsync/WSTrace.cpp,109): In WSTrace::init()
07/20/2005 17.46.18.232000 [1940] (../../../src/wps/passwordsync/WSTrace.cpp,110): Version: 'Sun Identity Manager 5.0 (20041020 SP 2)'
07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,594): Enter: ReadRegisterySettings
07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,637): Error reading USE_SSL from registry.
07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,666): Proxy Port: 8080
07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,751): Error reading SecurityFlags from registry.
07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,763): Error reading ConnectionFlags from registry.
07/20/2005 17.46.18.242000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,779): Exit: ReadRegisterySettings
07/20/2005 17.46.18.252000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,511): WINVER: Windows Active Directory
07/20/2005 17.46.18.262000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,557): Service::svc
07/20/2005 17.46.18.272000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,374): Enter: waitForIntercepts
07/20/2005 17.46.18.282000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,402): Waiting for client.Requests Processed: 0 failures: 0
4) And some times :
after registering DotNetWrapper.DLL file manually i get this trace..
read from pipe
Request: TSALL2600J238DMKGK2JDJJ2
Getting new soap client
Enter: GetClient
Soap client created.
Client timesout: 10000
Proxy Server not specified.
Endpont URL: http://10.0.0.10:8080/idm/servlet/rpcrouter2
SSL Disabled
RAEncryptor: Decrypt3DES :Input length (16) moded to 2
Login failed error code: -2147221164 (I am giving Username : configurator, passwd: configurator)
Disassemblling Client
Exit : Get Client
"ERROR: Failed to get soap client
Waiting for client. Request proccessed : 1 Failure: 0
Am I going wrong somewhere...
Plz help me to overcome he problem..
Thanking You in advance... -
Hello All,
I installed password sync in a Windows 2003 server SE.
The application server(websphere 5) is using SSL.
The waveset version is 5.5.
I manualy registered the dll DotNetWrapper.dll but I am still getting the following log:
,110): Version: 'Sun Identity Manager 5.0 (20041020 SP 2)'
pwicsvc.cpp,594): Enter: ReadRegisterySettings
pwicsvc.cpp,637): Error reading USE_SSL from registry.
pwicsvc.cpp,666): Proxy Port: 8080
pwicsvc.cpp,751): Error reading SecurityFlags from registry.
pwicsvc.cpp,763): Error reading ConnectionFlags from registry.
pwicsvc.cpp,779): Exit: ReadRegisterySettings
pwicsvc.cpp,511): WINVER: Windows Active Directory
pwicsvc.cpp,557): Service::svc
pwicsvc.cpp,374): Enter: waitForIntercepts
pwicsvc.cpp,402): Waiting for client.Requests Processed: 0 failures: 0
pwicsvc.cpp,416): read from pipe
pwicsvc.cpp,420): REQUEST: SRTCTkASGZP1++W/mobdreEAtquTHmFJDTpZ+1fsztFSWSU2j5QdZw==
pwicsvc.cpp,441): GETTING NEW SOAP CLIENT
pwicsvc.cpp,228): Enter: GetClient
pwicsvc.cpp,245): Soap client created
pwicsvc.cpp,246): ClientTimeout: 10000
pwicsvc.cpp,256): Proxy server not specified
pwicsvc.cpp,260): EndpointURL: https://servername:443/idm/servlet/rpcrouter2
pwicsvc.cpp,287): SSL Enabled
ptor.cpp,67): RAEncryptor::Decrypt3DES: input length (16) moded to 2
pwicsvc.cpp,301): Login failed error code : -2147467259. Disassembing client
pwicsvc.cpp,321): Exit: GetClient
pwicsvc.cpp,450): **ERROR: Failed to get soap client.
pwicsvc.cpp,402): Waiting for client.Requests Processed: 1 failures: 0
Any help will be appreciated.
Itay.I would like to add that .NET and IE 6 are installed with the OS (Win2003) by default.
When I surf to the to the endpointURL I get the following message:
ERROR: org.openspml.server.SOAPRouter: GET is unsupported -
Sun IdM Password Sync 8.1 - Urgent help needed
Hi,
I have installed Sun Idm 8.1 password sync. It has been installed in Direct mode.
The test environment is 1 dc controller and 1 windows xp machine.
The following test cases were done -
1. Admin/User changes password (IDM) - it is synchronized to AD and user is able to log into XP.
2. Admin changes the password in AD - it is synchronized to IdM and user is able to log into XP and IdM
**3. When the user changes the password in XP, it does not get synchronized to idm.**
Please let me know your suggestions. Password Sync is a proven technology and should work.It should work - we have it working.
Few things to look at:
1) Check the Password Sync DLL trace log, level 4. It will help you see what is going on.
2) What is the version of Windows domain controller?
3) Make sure you have the latest password syc DLL installed. -
Hi All,
Please Help Regarding This Issue
I Cannot Resolve password sync with this AD
My Idm Version Is 9.1
My Active Directory Running on Windows 2003
=========================================================================================
My AD SYNC LOG
15 Sep 2008 19:05:51 INFO Logger created
15 Sep 2008 19:05:51 INFO Triggering Password Synchronization mechanism
15 Sep 2008 19:05:52 INFO Value of the installedFlag=>true
15 Sep 2008 19:05:52 INFO Password Reset Installed..get the ITResourceType and ITResourceName
15 Sep 2008 19:05:52 INFO IT ResourceType Name=> AD Server
15 Sep 2008 19:05:52 INFO ITResourceName=> ADITResource
15 Sep 2008 19:05:52 INFO Checking for OIM Server to synchronize password for the user--> IDMUSER
15 Sep 2008 19:05:52 INFO Port: 1099
15 Sep 2008 19:05:52 INFO Host: idmkuneh
15 Sep 2008 19:06:04 INFO OIM Server is up and running !!
15 Sep 2008 19:06:04 INFO Logging to OIM server
15 Sep 2008 19:06:04 INFO Logging into OIM Server with an auth mechanism
15 Sep 2008 19:06:04 INFO Necessary Configurations read
15 Sep 2008 19:06:04 INFO Logging into OIM Server with uname/pwd based auth
15 Sep 2008 19:06:04 INFO Finally !!
15 Sep 2008 19:06:04 INFO Before System.exit(0):
=========================================================================================
MY XLCONFIG.XML
- <xl-configuration>
<appServerName>jboss</appServerName>
- <Discovery>
- <CoreServer>
<java.naming.provider.url>jnp://idmkuneh:1099</java.naming.provider.url>
<java.naming.factory.initial>org.jnp.interfaces.NamingContextFactory</java.naming.factory.initial>
</CoreServer>
</Discovery>
- <Security>
- <XLSymmetricProvider>
- <KeyStore>
<Provider>com.sun.crypto.provider.SunJCE</Provider>
</KeyStore>
</XLSymmetricProvider>
- <XLPKIProvider>
- <KeyStore>
<Location>.xlkeystore</Location>
<Password encrypted="true">FlbwcjDZAB0hS3Q8F7PB4g==</Password>
<Type>JKS</Type>
<Provider>sun.security.provider.Sun</Provider>
</KeyStore>
- <Keys>
- <PrivateKey>
<Alias>xell</Alias>
<Password encrypted="true">FlbwcjDZAB0hS3Q8F7PB4g==</Password>
</PrivateKey>
</Keys>
<SignatureAlgorithm>SHA1withDSA</SignatureAlgorithm>
<SignatureProvider>sun.security.provider.Sun</SignatureProvider>
<VerifySigner>false</VerifySigner>
</XLPKIProvider>
</Security>
- <!-- Configuration for AD Password Sync Adapter
-->
- <ADSync>
- <Login>
<UseSignature>false</UseSignature>
<Username>xelsysadm</Username>
<Password encrypted="true">aPM3F6YImvbctkGkE4C4Ww==</Password>
</Login>
- <UserMatch>
- <!-- UserID and UDF
-->
<MatchingMethod>UserID</MatchingMethod>
<FieldName>UD_ADUSER_LOGIN</FieldName>
<ResourceObject>AD User</ResourceObject>
</UserMatch>
- <Result>
<UpdateUDF>false</UpdateUDF>
<FieldName>USR_UDF_ADPWDRES</FieldName>
<SuccessValue>SUCCESS</SuccessValue>
<FailureValue>FAIL</FailureValue>
<AppendTimeStamp>true</AppendTimeStamp>
</Result>
- <ADConnectorConfig>
<Installed>true</Installed>
<ITResourceType>AD Server</ITResourceType>
<ITResourceName>ADITResource</ITResourceName>
</ADConnectorConfig>
</ADSync>
- <Cache>
- <XLCacheProvider>
<MultiCastAddress>10.10.10.30</MultiCastAddress>
</XLCacheProvider>
</Cache>
</xl-configuration>
=========================================================================================
Thanks Before
GdeWhich version of AD Connector and AD Pass Sync Agent are you using?
I think the Filed Name is now UD_ADUSER_UID.
Did you complete all the post installation steps of Password Sync Agent? -
Error in installing the Password Sync connector
Hello friends,
I am installing the Active Directory Connector Password Sync on the domain controller, these are the results of the installation log. Any suggestions to solve the problem. thanks
(Oct 14, 2011 9:08:39 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, reading VPD from C:\WINDOWS\vpd.properties
(Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, dbg, defaultNamingContext
(Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
(Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getDomainName, dbg, dnsHostName
(Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getDomainName, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
(Oct 14, 2011 10:27:06 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
(Oct 14, 2011 10:28:16 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
(Oct 14, 2011 10:28:34 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
(Oct 14, 2011 10:28:46 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
(Oct 14, 2011 10:29:09 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, C:\Progra~1\oracle\OIMADPasswordSync\Logs Directory already exists
(Oct 14, 2011 10:30:07 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, C:\Progra~1\oracle\OIMADPasswordSync\Logs Directory already exists
(Oct 14, 2011 10:41:49 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE1.tmp
(Oct 14, 2011 10:41:49 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE1.tmp
(Oct 14, 2011 10:41:58 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, attempting to use the current JVM
(Oct 14, 2011 10:41:58 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, copying the current JVM
(Oct 14, 2011 10:41:58 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, copying directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE1.tmp to C:\Program Files\oracle\OIMADPasswordSync\_jvm
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, JVM_HOME = C:\Program Files\oracle\OIMADPasswordSync\_jvm
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (files): free=16516032 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (files)
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (files): free=16258032 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (dlls): free=16241712 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (dlls)
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (dlls): free=17534280 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Win32 Registry Update (registryUpdate): free=17517840 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Win32 Registry Update (registryUpdate)
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Win32 Registry Update (registryUpdate): free=16909032 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Create Directory (createLogDir): free=16892816 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Create Directory (createLogDir)
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Create Directory (createLogDir): free=16838120 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, writing VPD to C:\WINDOWS\vpd.properties
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, Reading in ASCII file C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif.
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 7/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, ou: oimpwdsyncdomain.inet
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 5/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, name: oimpwdsyncdomain.inet
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 3/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,domaindn
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 0/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,domaindn
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 3/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 0/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 3/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,ou=IDM-quota,DC=domain,DC=inet
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 0/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,ou=IDM-quota,DC=domain,DC=inet
(Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, in Create the initial directory context
(Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, Request: 1 cancelled
(Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, dbg, C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif
(Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, gen exp
(Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, null
(Oct 14, 2011 10:55:13 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, reading VPD from C:\WINDOWS\vpd.properties
(Oct 14, 2011 10:55:23 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, dbg, defaultNamingContext
(Oct 14, 2011 10:55:24 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
(Oct 14, 2011 10:55:24 AM), Install, com.oracle.installshield.adpwd.getDomainName, dbg, dnsHostName
(Oct 14, 2011 10:55:24 AM), Install, com.oracle.installshield.adpwd.getDomainName, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
(Oct 14, 2011 10:57:21 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
(Oct 14, 2011 10:57:38 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, C:\Progra~1\oracle\OIMADPasswordSync\Logs Directory already exists
(Oct 14, 2011 11:00:18 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE3.tmp
(Oct 14, 2011 11:00:19 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE3.tmp
(Oct 14, 2011 11:00:21 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, attempting to use the current JVM
(Oct 14, 2011 11:00:31 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, copying the current JVM
(Oct 14, 2011 11:00:31 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, copying directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE3.tmp to C:\Program Files\oracle\OIMADPasswordSync\_jvm
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, JVM_HOME = C:\Program Files\oracle\OIMADPasswordSync\_jvm
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (files): free=17418496 total=20971520
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (files)
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (files): free=17160072 total=20971520
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (dlls): free=17125832 total=20971520
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (dlls)
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (dlls): free=17012768 total=20971520
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Win32 Registry Update (registryUpdate): free=16996328 total=20971520
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Win32 Registry Update (registryUpdate)
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Win32 Registry Update (registryUpdate): free=16365640 total=20971520
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Create Directory (createLogDir): free=16349424 total=20971520
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Create Directory (createLogDir)
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Create Directory (createLogDir): free=16294688 total=20971520
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, writing VPD to C:\WINDOWS\vpd.properties
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, Reading in ASCII file C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif.
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 7/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, ou: oimpwdsyncdomain.inet
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 5/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, name: oimpwdsyncdomain.inet
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 3/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,domaindn
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 0/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,domaindn
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 3/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 0/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 3/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,ou=storepersistent,DC=domain,DC=inet
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 0/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,ou=storepersistent,DC=domain,DC=inet
(Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, in Create the initial directory context
(Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, Request: 1 cancelled
(Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, dbg, C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif
(Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, gen exp
(Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, nullThis is the contents of prepAD.ldif
dn: OU=oimpwdsyncdomain.inet,ou=IDM,DC=domain,DC=inet
changetype: add
distinguishedName:
OU=oimpwdsyncdomain.inet,ou=IDM,DC=domain,DC=inet
instanceType: 4
name: oimpwdsyncdomain.inet
objectClass: organizationalUnit
ou: oimpwdsyncdomain.inet
Result of manual execution of this file
C:\Program Files\oracle\OIMADPasswordSync>ldifde -i -f prepAD.ldif
Connecting to "SERVER.DOMAIN.INET"
Logging in as current user using SSPI
Importing directory from file "prepAD.ldif"
Loading entries.
Add error on line 1: No Such Object
The server side error is "Directory object not found."
0 entries modified successfully.
An error has occurred in the program
No log files were written. In order to generate a log file, please
specify the log file path via the -j option.
Friends, any suggestions for the solution of this case
Thanks. -
AD Password Sync connector 9.1.1 With OIM 11g R2 - ERROR OVER SSL
I have set up AD password sync with from AD to OIM 11G R2
The password syncs from AD to OIM 11G R2 on non ssl port 389.
But if fails on SSL Port 636.
Errors in OIMMain.Log:_
Debug [10/11/2012 10:49:34 AM] Inside ConnectToADSI
Debug [10/11/2012 10:49:34 AM]
ldap_connect failed with
Debug [10/11/2012 10:49:34 AM] Server Down
Debug [10/11/2012 10:49:34 AM]
Steps Carried Out thus far:_
AD is up and running.
Configured AD Password Sync Connector on 636 and selected ssl.
Created Certificate on OIM host, configured custom identity key store on weblogic. Restarted Weblogic.
Imported Certificate to AD. After this, restarted the AD
I can Telnet port 636 from OIM Box and also connect to AD through LDAP Browser on 636 and view OU and CN, so this seems fine.
Provisioning from OIM through Connector Server to AD works over SSL and this works fine.
Help would be appreciated.
Many ThanksThis question is now been fixed.
Instead of explicitly stating 636 for SSL,
Use the same port 389 for ssl and also configured oim port to be 140001 which is the ssl port for oim in the configuration of OIM Password Sync.
Export Certificates from AD to java security keystore and to weblogic keystore
Export .pem certificate created on OIM host machine to AD.
Restart weblogic, oim and AD
Everything would work fine.
For all the other information, refer to doc.
Thanks -
Password Sync Connector for AD
Hello All,
I am newbie.
In my organization, we are trying to set up a password sync connector to change/update passwords iin microsoft active directory.
We are planning to have a simple form that interacts with OIM. And OIM provisions the password update to the corresponding user record in Active Directory.
Form has
Username:--
Old password:--
New password:--
After the password is updated in the OIM, I am not sure how to provision it to Active directory.
Please help me out with this.
Regards,
VSNSee this post.
Re: how to trigger update in oim attribute to resource
You'll need to trigger the password change from the OIM User Profile onto your target application form. This would then trigger the Password Updated task on that provisioning process definition.
-Kevin -
Password Sync Connector Error 11gR2
Hi all,
I am using following products
IDM 11.1.2.0,
activedirectory-11.1.1.5.0 connector with Patch P14190610_111150_Generic.
MSFT_PSync_91150 for Password Sync.
Please let me know that AD Password Sync Connector 9.1.1.5 can be configured with OIM *11gR2* ?
Because I am getting error *"Password updation failed in child process "* I have used the same connector with OIM 11.1.1.5.0 (11gR1) and it was working fine. do i need to make any changes / settings in the OIM for AD Resource also?
Thanksthanks for your reply,
Please can you help me on the following ....
I have installed AD PasswordSync Connector 9.1.1.5.0 (MSFT_AD_PSync_9.1.1.5.0) with newly released patch MSFT_AD_PSync_9.1.1.5.6 (patch 14627510). I am getting error that Password updation failed in child process
its not making any sence as the same connector was working fine with 11gR1. I have uninstalled and reconfigured the connector but no luck.
Can you through some light on it?
what i think that there is some communication issue between IDM and AD server, I have check the communication and found no issue. is it that SSL is compulsory for this connector although its not mentioned in any of the document.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
ebug [10/09/12 14:09:27] Inside sgsloidi::setParameters
Debug [10/09/12 14:09:27] The SOAP start element is
Debug [10/09/12 14:09:27] <processRequest xmlns=""><sOAPElement>
Debug [10/09/12 14:09:27] The SOAP end element is
Debug [10/09/12 14:09:27] </sOAPElement></processRequest>
Debug [10/09/12 14:09:27] The path is
Debug [10/09/12 14:09:27] /spmlws/OIMProvisioning
Debug [10/09/12 14:09:27] End of sgsloidi::setParameters
Debug [10/09/12 14:09:27] Begin function sgsloidi::queryADUserAttribute()
Debug [10/09/12 14:09:27] Inside sgsladac c-tor
Debug [10/09/12 14:09:27] AD Host
Debug [10/09/12 14:09:27] 172.20.20.135
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] AD Port
Debug [10/09/12 14:09:27] 389
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] AD Base DN
Debug [10/09/12 14:09:27] DC=YYYt,DC=vvv,DC=www
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] Inside ConnectToADSI
Debug [10/09/12 14:09:27]
ADSI Bind success full
Debug [10/09/12 14:09:27] Begin function sgsladac::searchAttrValue()
Debug [10/09/12 14:09:27] [Base DN : DC=yyy,DC=vvv,DC=www]; [Filter : (&(objectClass=user)(samAccountName=IDM005))]; [Attribute : samAccountName]
Debug [10/09/12 14:09:27] Search success with one result.
Debug [10/09/12 14:09:27] End function sgsladac::searchAttrValue()
Debug [10/09/12 14:09:27] End function sgsloidi::queryADUserAttribute()
Debug [10/09/12 14:09:27] Inside sgsladac destructor
Debug [10/09/12 14:09:27] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Client</faultcode><faultstring>Unknown method</faultstring></env:Fault></env:Body></env:Envelope>
Debug [10/09/12 14:09:27] Inside sgsloidiOIMGeneralErrorHandler
Debug [10/09/12 14:09:27] Unable to update IDM005. There are error messages in the searchReponse. Please check log for details
Debug [10/09/12 14:09:27] Inside sgsladds::sgslperwriteData YOOOO
Debug [10/09/12 14:09:27] Inside sgsladac c-tor
Debug [10/09/12 14:09:27] AD Host
Debug [10/09/12 14:09:27] 172.20.20.135
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] AD Port
Debug [10/09/12 14:09:27] 389
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] AD Base DN
Debug [10/09/12 14:09:27] DC=yyy,DC=vvv,DC=www
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] Only dataattribute
Debug [10/09/12 14:09:27] Got Registry enteries
Debug [10/09/12 14:09:27] contact
Debug [10/09/12 14:09:27] description
Debug [10/09/12 14:09:27] Got Entiredn
Debug [10/09/12 14:09:27] OU=oimpwdsyncmoetest.gov.kw,ou=OIMADPasswordSync,DC=yyy,DC=vv,DC=wwww
Debug [10/09/12 14:09:27] Encrypted record already exists in Datastore
Debug [10/09/12 14:09:27] Already Exists
Debug [10/09/12 14:09:27] Encrypted record already exists in Datastore
Debug [10/09/12 14:09:27] Already Exists
Debug [10/09/12 14:09:27] Inside sgsladdsSearchUser
Debug [10/09/12 14:09:27] Firing Search Request
Debug [10/09/12 14:09:27] AD search for a user objectGUID is successfull
Debug [10/09/12 14:09:27] Count success
Debug [10/09/12 14:09:27] Search result fetched
Debug [10/09/12 14:09:27] 0:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
Debug [10/09/12 14:09:27] --------------------&&&----------------
Debug [10/09/12 14:09:27] Inside sgsladds::sgsladdsgetData NEW Look
Debug [10/09/12 14:09:27] 0:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
Debug [10/09/12 14:09:27] Encoded Data Extracted in sgsladdsgetData
Debug [10/09/12 14:09:27] 430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
Debug [10/09/12 14:09:27] Moving out sgsladdsgetData
Debug [10/09/12 14:09:27] Encoded Data Extracted
Debug [10/09/12 14:09:27] 430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
Debug [10/09/12 14:09:27] Incrementing the MAX_RETRY LIMIT:
Debug [10/09/12 14:09:27] 1
Debug [10/09/12 14:09:27] numretries ======
Debug [10/09/12 14:09:27] 1
Debug [10/09/12 14:09:27] Inside sgslcodsupdateChild
Debug [10/09/12 14:09:27] 1:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
Debug [10/09/12 14:09:27]
Encrypted record data updated successfully
Debug [10/09/12 14:09:27] Inside sgsladac destructor
Debug [10/09/12 14:09:27] End of sgsloidiOIMGeneralErrorHandler
Debug [10/09/12 14:09:27] Password updation failed in child process
Debug [10/09/12 14:09:27]
Relaxing while processing records from datastore
Debug [10/09/12 14:09:29]
About to UNBIND datastore after processing the Records
Debug [10/09/12 14:09:29]
Deleting datastore object pointer
Debug [10/09/12 14:09:30] Datastore --- Connect to AD
Debug [10/09/12 14:09:30]
Maybe you are looking for
-
Can anybody help: I just installed Oracle 10g Release 2 on Windows XP Pro SP2 and receive the following message when starting the Enterprise Manager: DBD Error: OCIServer Attach. Via SQLPlus I can work and the Instance is running. I would appreciate
-
In Stock number in Sales Order Screen includes non-nettable warehouses
The "In Stock" column displayed on the Sales Order row seems to show the total stock for that item across all warehouses. Is there any way to restrict this to one or more specific warehouses (e.g. to exclude a 'Scrap' warehouse). I assumed that "In
-
I'm on a business trip right now (my first with my new MacBook Pro) and when I clicked on the Airport Extreme icon at top, I noticed much more than just the hotel's wireless connection. There are also a couple "Computer-to-Computer" networks listed.
-
Would like tab behavior to be same as with IE when clicking on links in Bookmarks Toolbar
In IE, when I click on a Bookmarks Toolbar link, it opens that link in the tab in which I am currently working. In Firefox, however, it always opens a new tab. I would prefer having Firefox behave such that it only opens a new tab when I specifically
-
Free programs that work with itunes to scan/fix music for tracks that skip
Are there any programs (preferably free) that can scan an entire itunes library for corrupt songs & fix on albums? like songs that skip that came from a scratched CD. With the amount of songs I have now, it would be impossible to go through them all