Mucho strangeness: passwords not propagating to AD, and other annoyances

Hi all,
I'm dealing with a few problems in IDM at the moment, and am looking at a small grab-bag of symptoms, which may or may not be linked to each other or to the problem at all.
The main current problem is that passwords aren't propagating into our Active Directory servers, although they did in the past.
First a quick summary of our environment, we are running IDM 5.5, we have a central mysql DB which is the source of user infromation, 3 different tables, one for each class of user. Activesync is in use to watch these tables, and we have a custom user form for each table too.
We are feeding account data into an LDAP server, which is working fine, and to a pair of Active Directory Servers, one for testing/development, and one intended to be for production, except the 'production' server isn't actually in production yet.
Password information is held in the mysql tables, in 2 different forms, 1) pre-encrypted unix hashes, and pgp-encrypted plaintext, we use the pgp-encrypted plaintext to feed the AD servers, and the unix-hashes for the LDAP.
Amongst other things the custom forms are calling locally written java code to reverse the pgp-encryption.
Because the AD boxes weren't in production, we don't know when things broke, or what may have changed to cause the breakage.
The symptoms I've found are as follows:
- account creation on AD works, including the initial password,
- password changes are not going through to the AD servers,
- changes to other fields in the mysql tables, do propagate (ie, changes to names, email adresses, vacation settings),
- Our custom user form gets run 3 times, on any change to an account within the mysql tables,
- The first time the form is run, the waveset.accountId is, sometimes, null, (maybe this is on account creation?)
- The first time the form is run, activeSync.pgp_pass (our pgp encrypted plaintext password) is always null,
- on an attempted password change, the task log doesn't show that it is trying to change the password, only that the Acocunt was 'updated',
- on changing any other field, the task log shows that it was changing that field, although it does show other fields that may have been changed,
- the catalina.out (we run tomcat), does show that the passwords are being correctly decrypted from the pgp form,
I'm stuck at this point, can anyone make any suggestions?

Hi Again,
This reply is just to let people know what happened with the issues I listed above.
- The user form being run 3 times, I don't fully understand this one, but I did reduce the amount of work the form did by turning the pgp decryption from a Expansion, to a Derivation field type.
- the empty attributes, the first time the form is run, does appear to be due to the first appearance of a user account, ie waveset.accountId is empty because it hadn't been generated yet for this user,
The basic problem of the passwords not puching out was a naming issue, when we first developed the software to decrypt the passwords, we put it in global.pass, and in the schema maps, placed entries like pass->userPasswordAt that point the system worked, then we decided to be more explicit and decided to name the attribute password instead.
Which meant the schema map was now working with the password. namespace and the password.password attribute, which in turn meant the password distribution failed, because we didn't set password.confirmPassword, or the pasword.selectAll attributes.
We were lazy, and didn't expect what looked like a attribute name change to be able to change anything, so we didn't notice the passwords stopped propagating.
As you can see from the above we are still learning how this all works :-(

Similar Messages

  • My webcam is not working for skype and other appli...

    Hello,
    My webcam is not working for skype and other applications i have used tinychat and tango..i have updated all version of skype as you said in other topics but all of them is not working for me...my device name is vimicro usb 2.0 and i have accidently deleted that device now i have installed that device again but its not working i have seen all topics please help me  ...
    i will be very thankful to you

    Please,  run the DirectX diagnostics tool.
    Go to Windows Start and in the Run box type dxdiag.exe and press the OK button. This will start the DirectX diagnostics program. Run this diagnostics and save the results to a file. Please, attach this file to your post.
    Be aware that you will have to zip this file before attaching it here.

  • HT3986 I installed windows 7 successfull, but when I start the mac in windows I does not see the wifi, and others things. How do I get the drivers?

    I installed windows 7 successfull, but when I start the mac in windows I does not see the wifi, and others things. How do I get the drivers?
    I remember that with Snow Leopard you could download them from the Apple website.
    Cheers!

    Read the Boot Camp Documentation while you run Boot Camp Assistant to download the Windows Support Software which was the first step in the Boot Camp Setup procedure.

  • Some notes disappeared from iphone, and others are not synchronizing on ipad, mac, and iphone. What to do?

    Some notes disappeared from iphone, and others are not synchronizing on ipad, mac, and iphone. What to do?

    Hi, MPiaM.  
    Thank you for visiting Apple Support Communities.  
    I would need clarification on if you are experiencing an issue with syncing photos via iTunes or iCloud to provide a better answer.  However, here are a couple troubleshooting articles that cover both scenarios.    
    iTunes: Unable to sync photos
    http://support.apple.com/en-us/TS3697
    Get help using My Photo Stream
    http://support.apple.com/en-us/HT203511
    -Jason H.  

  • MacAir does not synchronize outbound (iPhone and other MacBook) but it does it inbound

    MacAir does not synchronize outbound (iPhone and other MacBook) but it does it OK inbound

    Using Windows? Read here:
    http://support.apple.com/kb/TS1538
    Follow the directions to the letter.

  • My password  not woking on mac and iPhone all of the sudden

    My mac book and my iphone are have trouble keep saying password not good  but it is the right on and it works on icloud.com just fine. I was working fine yesterday morning and then in the evening it started this

    Hello Jodi216,
    It sounds like you are unable to access your email in the mail account becuase you are being told the password is incorrect, and you have removed the email account and re added it. I recommend starting by deleting the mail account as you had before. Then close the open apps on your phone:
    iOS: Force an app to close
    http://support.apple.com/kb/ht5137
    Double-click the Home button.
    Swipe left or right until you have located the app you wish to close.
    Swipe the app up to close it.
    When you have done that and restart the phone and test the issue by signing back into the account in Settings, and testing the issue again:
    iOS: Turning off and on (restarting) and resetting
    http://support.apple.com/kb/ht1430
    If it persists, I would next backup your device to iTunes with this article:
    iOS: How to back up and restore your content
    http://support.apple.com/kb/HT1766
    And restore it from your backup with this article to delete the current iOS 7 installation and install a fresh copy:
    Use iTunes to restore your iOS device to factory settings
    http://support.apple.com/kb/ht1414
    Thank you for using Apple Support Communities.
    Take care,
    Sterling

  • Not getting Facebook Notifications and other issues

    Okay. I have been dealing with this since last night and I don't know what else to do. I have not been receiving any push notification from Facebook. I thought it was an issue with the device so I power cycled the device and when I tried to access the Facebook app, it asked me to sign in. As I proceeded to enter my log in information, I get an Error Code 2602 and was not able to log in until I uninstalled the app and then reinstalled it. What is going on? I have seen THOUSANDS of feedback posts in teh App World about this and it has not been addressed. It is things like this that make companies like Instagram not build apps for the Baclkberry platform. PLEASE FIX THIS IMMEDIATELY!!!!!

    My guess would be that Facebook and/or RIM has done something and jacked up all Blackberry users. Hopefully they will get their act together and fix it... Android phones are looking better and better to me at this point, and I am considering not waiting the year and just buying one out right.

  • I recently upgraded to os x mavericks,but i am getting this type of message from key chain password,even i gave password for this but again that window will appear and asks for password , bcoz of this safari and other apps aren't responding,plz help thnx

    it asks password for i cloud helper and messenger agent calendar agent , adress book sync , think that i will give correct password for 1 st one , after that 2nd keychain window will ask password i will try three password it will take one password , this continues for 5 keychain windows and 1st keychain password window will appear again what i have given password at first it won't take it again if i give another password it will take , and keychain password window reappear again and again

    See my anwser here.
    https://discussions.apple.com/message/23498909#23498909

  • I cant update nor download any applications. My password was always invalid. And other username is prompted richardca0521@yahoo.ca which is not my account. How to get rid of this apple id and use my account for download? I have registered this to itunes.

    I can't update nor download any apps in itunes. Prompted invalid password, upon checking the apple id was not mine. The id was [email protected] whic is not mine. Pls. Help how to get rid of this. Thank you.

    try and delete the apps and re-add them

  • ICloud password not accepted, intermittent failure and must be reset each time

    So, my wife is becoming manic depressant when she tries to use her phone, computer, whatever...  on icloud.  It will work fine for a week or two, then suddenly the password for the same account she has had no problem with for the last 4 years doesn't work any more.  I then get called in to reset her password, re-sign in all of her devices, and she and I are happy once again.  This has happened a ******** amount of times, (more than 10).  I have went through the entire process of resetting all of the security questions... blah, blah... tech support... turn off,  sign out all devices, blah blah...  turn on, sign back in, on and on... update the computer, soft reset,  hard reset, "upgrade" to the new stupid operating system that she really hates, blah blah,  update the phone to an even worse OS,...  on and on.  Honest.  I've tried everything.   Everything is the latest model, and software version.
    Does anyone out there actually know how to fix this intermittent problem?  There is no solid pattern to the time intervals. It can happen within hours, or weeks of me resetting the password and signing in.
    Lately, I have spent more intimate time with my wifes Apple devices than her, and this is very disturbing for me. (and her)

    Hi,
    Whilst Apple IDs that end in either @mac.com or @me.com they registration pages do not tell you that if you are going to be using it as an AIM Screen Name the password has to be 16 characters otr less.  (This is an AIM server limit)
    At some point you will need to update the password.
    10:08 PM      Friday; March 23, 2012
    Please, if posting Logs, do not post any Log info after the line "Binary Images for iChat"
      iMac 2.5Ghz 5i 2011 (Lion 10.7.3)
     G4/1GhzDual MDD (Leopard 10.5.8)
     MacBookPro 2Gb (Snow Leopard 10.6.8)
     Mac OS X (10.6.8),
    "Limit the Logs to the Bits above Binary Images."  No, Seriously

  • Help--admin password not working after archive and reinstall

    I reinstalled leopard and did an archive and install...when it restarts it goes to the logon screen...and asks for my password... and it doesnt work. what should i do? i have all the data i need and also i have a time machine back ups.
    i dont want to go through a another hour or 2 re-installing leopard. im typing this off my boot volume on my external.
    what do i do about the password?

    use this [link|http://docs.info.apple.com/article.html?path=Mac/10.5/en/11627.html].

  • TC not found after reboot (and other problems)

    Hi there,
    After I have gone through the Airport utility to setup my new TimeCapsule (TC) as router (connected with a DSL-modem), Airport utility rebooted TC, but then an error occurred, saying TC could not be found after reboot. This is the last in a series of strange behaviours and occurred directly after I reset TC to factory settings.
    I also had tried adding TC to an existing network. This appeared to work (no error message, green LED). However, I could not select TC as TimeMachine's backup drive. TimeMachine did find TC, asked me for the password and verified the password, however immediately switched back to the status "not configured".
    Any ideas? Thanks in advance
    -mat

    Dear fellow sufferers,
    it is solved! I decided to wait with a return and meanwhile the solution in another thread. All problems went away after I turned all security off from my network (do do this, I had to temporarily connect my TC by wire). This may be related to the fact that I am using a slightly aged PowerBook (latest Titanium model). Using fixed channel instead of automatic further accelerated the connection.
    Well, it is not really solved since I want to use some security in my network, but I suppose that will come with the next Leopard update (Cupertino, do you hear me!!!????).
    ...Cupertino, do you hear me!!???

  • Help with new Airport Extreme (and network name) not recognizing Time Capsule and other Airports in the home

    I had a Time Capsule running in an AV Cabinet and it made too much noise as it backed up and ruined soft/quiet music passages (and created far too much warmth as well).  So, I visited the local Apple store and the guy I met worked through a few solutions with me.  I decided on an Airport Extreme for the audio cabinet, and would move the Time Capsule to another room where it would not create noise interference.
    So, I have the Airport up and running perfectly well.  I changed my wireless network name and password.
    I cannot get the Airport Express and Time Capsule to show up on my network.  They both just blink that brown/orange color on the front.  When I go to the Airport Utility, it does not pick up the Time Capsule or Airport Express.  I have tried unplugging and plugging back in and scanning for devices, but dont know what else to do.  Are they still looking for my old network?  Is there a way to reset them??
    Thanks for any help.

    I've tried the option key on both--the AEBS offers 14 options, including Automatic, while the TC offers 8 options, and no Automatic. The AEBS lists (among others) 802.11 a/n-b/g compatible, 802.11 a-b/g compatible, or 802.11 n (5 GHz)-b/g compatible. The TC offers 802.11.n (b/g compatible), 802.11n only (2.4 GHz), and 802.11n only (5 GHz), among others...
    I had already followed the instructions in the link you supplied, except that the wireless options don't quite match...
    I am currently trying 802.11n (5GHz)-b/g compatible on the AEBS and 802.11 (5GHz) on the TC, which gives me a rate of 270 on my n devices and 54 on my g devices, according to the Airport Utility.
    This might be the best I can do, without buying a new TC. Thanks for any advice you can give...
    C.

  • Safari will not open home page and other glitches since upgrade

    Strange stuff happening since I did the Combo Upgrade 10.4.11. Safari will not open to my home page. I have used preferences to set the home page but closing Safari and restarting still opens a blank page with no URL in the address box. I also noticed that several pages I have opened that have log in fields don't allow tabbing to the next field. I have checked all the preferences and every thing seems right. I have trashed Safari and its preference folder, downloaded the upgrade and used Pacifist to reinstall Safari. I used Disk Utility to repair permissions. Still I can't can't get a home page to load. Before the reinstall, I synched with .Mac to save my bookmarks and synched again afterwards to bring them into the fresh install of Safari. What should I do now?

    Here is a culmination of my searching and efforts that fixed this issue for me. I find it necessary to run Disk Utility more frequently.
    1) Trash Safari preferences in all user accounts:
    Computer/Library/Preferences/com.apple.Safari.plist
    User/Library/Preferences/com.apple.Safari.plist
    2) Empty trash
    3) Move files from Input manager to desktop
    /Users/YourUsername/Library/InputManagers/
    /Library/InputManagers/
    4) Restart computer
    5) Close Safari if automatically opens on restart
    6) Open disk utility: Applications/Utilities/Disk Utility
    7) Verify permissions
    8) Repair permissions
    9) Reopen Safari
    10) Return Input Manager files from Step 3, ONE FILE AT A TIME from Desktop to Input Manager Folder and Restart between moves.

  • How can I set Safari 7.0.3 NOT to save logins and other website info

    After using Firefox for a very long time, am trying to use Safari pretty exclusively.  I would like to know how to set it to NOT keep any passwords, logons, etc., and have looked in prefs and don't see a way to do that. Surely Apple has that in Safari???  When I return to a website I logged into the day before, it automatically logs me in, and I do NOT like that.
    Thanks.

    From the Safari menu bar click Safari > Preferences then select the Passwords tab.
    Deselect:  Autofill user names and passwords
    Then hold down the Shift key and select all Websites llisted then click Remove All.
    To avoid autofill on sites, open Keychain Access located in Applications > Utilities
    Select Passwords on the left.
    Type in the name of a website that autofills.
    Then right or control click that keychain then click Delete.
    Ditto for others.

Maybe you are looking for

  • Connecting with external time recording system

    Hi,  I need to know how an in-house Java Time Recordins System can communicate with SAP.  The plan is for this system to send raw data, clock in, clock out to SAP work schedules.  Employees are mostly positive and have occasionnaly shift differential

  • Firefox aborts its http request silently within 60 seconds

    duplicate of [/questions/1047223] *Summary Firefox aborts its http request within almost 60 seconds(period till timeout varies) and tells nothing to users. This happened with both of Nginx and Apache. *Environment Client browser: Firefox 35.0.1 Clien

  • I am not able to copy to ipod

    I am not able to copy any further to the ipod. I have utilised about 600 MB of space. Still a lot of space left on it. I have restored it. after restoration again it will copy only about 600 mb only. I have changed usb ports, I have re-installed xp,

  • Convert Selection For iPod--Video Problems

    I've got video in iTunes, that's not the problem. I've checked, iTunes and QuickTime are both up-to-date. When I try and sync the videos to my 80gig iPod, it tells me that they can not be synced because they are not the right format. They're all .mp4

  • Adobe Photoshop CS6 crashes when loading files

    Basically what it says. When I load a gile it crashes. I've only tried loading JPG's. I have also uninstalled and re-installed it. Thanks Sean