Password sync error using SSL
Hello All,
I installed password sync in a Windows 2003 server SE.
The application server(websphere 5) is using SSL.
The waveset version is 5.5.
I manualy registered the dll DotNetWrapper.dll but I am still getting the following log:
,110): Version: 'Sun Identity Manager 5.0 (20041020 SP 2)'
pwicsvc.cpp,594): Enter: ReadRegisterySettings
pwicsvc.cpp,637): Error reading USE_SSL from registry.
pwicsvc.cpp,666): Proxy Port: 8080
pwicsvc.cpp,751): Error reading SecurityFlags from registry.
pwicsvc.cpp,763): Error reading ConnectionFlags from registry.
pwicsvc.cpp,779): Exit: ReadRegisterySettings
pwicsvc.cpp,511): WINVER: Windows Active Directory
pwicsvc.cpp,557): Service::svc
pwicsvc.cpp,374): Enter: waitForIntercepts
pwicsvc.cpp,402): Waiting for client.Requests Processed: 0 failures: 0
pwicsvc.cpp,416): read from pipe
pwicsvc.cpp,420): REQUEST: SRTCTkASGZP1++W/mobdreEAtquTHmFJDTpZ+1fsztFSWSU2j5QdZw==
pwicsvc.cpp,441): GETTING NEW SOAP CLIENT
pwicsvc.cpp,228): Enter: GetClient
pwicsvc.cpp,245): Soap client created
pwicsvc.cpp,246): ClientTimeout: 10000
pwicsvc.cpp,256): Proxy server not specified
pwicsvc.cpp,260): EndpointURL: https://servername:443/idm/servlet/rpcrouter2
pwicsvc.cpp,287): SSL Enabled
ptor.cpp,67): RAEncryptor::Decrypt3DES: input length (16) moded to 2
pwicsvc.cpp,301): Login failed error code : -2147467259. Disassembing client
pwicsvc.cpp,321): Exit: GetClient
pwicsvc.cpp,450): **ERROR: Failed to get soap client.
pwicsvc.cpp,402): Waiting for client.Requests Processed: 1 failures: 0
Any help will be appreciated.
Itay.
I would like to add that .NET and IE 6 are installed with the OS (Win2003) by default.
When I surf to the to the endpointURL I get the following message:
ERROR: org.openspml.server.SOAPRouter: GET is unsupported
Similar Messages
-
AD Password Sync Connector in SSL Mode
Hi,
The AD Password Sycn connector works fine with non-SSL , but not in SSL mode.
This is the log generated-
Debug [11/19/12 15:35:08] Start getting config parameters from registry
Debug [11/19/12 15:35:08] oimhost is
Debug [11/19/12 15:35:08] abc.com
Debug [11/19/12 15:35:08]
Debug [11/19/12 15:35:08] oimport is
Debug [11/19/12 15:35:08] 14001
Debug [11/19/12 15:35:08]
Debug [11/19/12 15:35:08] oimsslclient is
Debug [11/19/12 15:35:08] PwdSync
Debug [11/19/12 15:35:08]
Debug [11/19/12 15:35:08] oimuserattr is
Debug [11/19/12 15:35:08] Users.User ID
Debug [11/19/12 15:35:08]
Debug [11/19/12 15:35:08] oimusessl is
Debug [11/19/12 15:35:08] Y
Debug [11/19/12 15:35:08]
Debug [11/19/12 15:35:08] oimappservertype is
Debug [11/19/12 15:35:08] 1
Debug [11/19/12 15:35:08]
Debug [11/19/12 15:35:08] End of sgsloidi::getConfigParamters
Debug [11/19/12 15:35:08] Inside sgsloidi::setParameters
Debug [11/19/12 15:35:08] The SOAP start element is
Debug [11/19/12 15:35:08] <processRequest xmlns=""><sOAPElement>
Debug [11/19/12 15:35:08] The SOAP end element is
Debug [11/19/12 15:35:08] </sOAPElement></processRequest>
Debug [11/19/12 15:35:08] The path is
Debug [11/19/12 15:35:08] /spmlws/OIMProvisioning
Debug [11/19/12 15:35:08] End of sgsloidi::setParameters
Debug [11/19/12 15:35:09] Look for client cert
Debug [11/19/12 15:35:09] Search the opened store
Debug [11/19/12 15:35:09] Inside sgsloidiOIMDownErrorHandler
Please suggest.Instead of explicitly stating 636 for SSL,
Use the same port 389 for ssl and also configure oim port to be same(ex:140001) which is the ssl port for oim in the configuration of OIM Password Sync.
Export Certificates from AD to java security keystore and to weblogic keystore
Export .pem certificate created on OIM host machine to AD.
Restart weblogic, oim and AD
Everything would work fine.
For all the other information, refer to doc. -
Hi, hope someone can help.
have installed 32 bit passwordsysnc.dll on ad server 2003 R2 connecting to sun IDM 8.1.1 using the direct method.
It seems to function correctly and password changes are being synced, but each change results in an event log error on the AD server as follows:
"While processing account gguava, password sync was unable to connect to the servlet to post the synchronization message. Error: ."
The trace log seems to indicate that the password change event is submitted successfully and then the error occurs. i.e:
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,48): Connecting to leghorn.cdu.edu.au on port 7777
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'JNDIProperties'=''
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'accountId'='configurator'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'clientEndpoint'='SHOEBILL'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'connectionFactory'=''
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'direct'='true'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'email'='[email protected]'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'emailEndUser'='false'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'jmsPassword'='*******'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'jmsUser'=''
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'password'='*******'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'queueName'=''
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'resourceAccountGUID'='8241442873f21f419938428b3f3e9a23'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'resourceAccountId'='CN=gguava(gerri guava),OU=AliceSprings,OU=People,DC=cdu-staff,DC=local'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'resourcePassword'='*******'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'resourcetype'='Windows Active Directory'
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'sessionType'=''
11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,97): SendToServlet: opening direct connection
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,221): httpSendRequest succeeded
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,336): Info flag 19 returned 400
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,339): Error retrieving header information from servlet.
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,320): Failed to convert contentLength
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,277): servlet contact failed
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,285): Exit: PwSyncClient::SendToServlet
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,96): Enter: writeToEventLog
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,118): Exit: writeToEventLog
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,351): Enter: EmailNotification
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,354): Email is not enabled
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,596): Got initialization mutex
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,609): Released Mutex
11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,230): Exit: SyncPassword
I have 8.1.1 password sync working OK in a test environment, the main difference being the port is a more standard 80 (instead of 7777 in production)
Has anyone encountered this? How do I fix it? is it important even?
Thanks in advance.I had this exact error.
For future reference:
Double check the user password and status of the account by loging in the user interface with the account you are using.
I did a password reset on the waveset service account used by the password sync. When I logged in the user interface with that account, it prompted me to enter a new password. Upon entering a new password and reflecting the change in the Password Sync, synchronisation resumed. -
HT4864 "Note: If you receive errors using SSL, try using TLS instead."
My outgoing mail server works with .me when I enable TLS, but not SSL, any security issues?
Appreciate your reply. Please help me in my further questions.
We were using SSL to connect to their server till now, now they want to upgrade it, so they want us to use TLS1.0
In the link I see that TLS1.0 and others are installed but I do not see them on our server. I will have them install it.
Once we have TLS installed and enabled does Biztalk HTTP adapter use TLS 1.0 as default to connect to external system automatically or do I have to change the HTTP send receive port which has a certificate in it.
Also with which tool can I check if Biztalk is actually using TLS or SSL. -
Error using SSL on Receiver Soap Adapter
Hi there,
I'm having some problems on connecting to a third-party application running a webservice (meaning, through Receiver Soap Adapter). The third-party appl. demands us to use a SSL connection (its url starts with https), with user authentication through certificate.
We've installed SAP Java Cryptographic toolkit and have a proper certificate configured on the KeyStorage entry, on Visual Administrator.
On Soap Adapter, I've configured HTTP Transport Protocol and have selected the "configure certificate authentication" option and selected the certificate, filled the mandatory fields (target URL and soap action) but I keep getting this error message on SXMB_MONI: "com.sap.aii.af.ra.ms.api.DeliveryException: unable to create a socket".
Is there anything else than installing SAP Java Cryptographic Toolkit to enable SSL on Soap Adapter? Is there another configurations that need to be done?
Thanks in advance,
Henrique.Hi
can u please tell me, how u r able to resolve the problem
i am also stuck in the same error
basically i am working on SSO b/w three systems.
EP>XI>R/3
i am able to do the SSO between the EP-->XI
but when i try with EP-->XI->R/3 it is giving me error at the receiver side means receiver soap adapter is not accepting the SAP Logon Ticket.
can u please tell me what entries should be given in the certificate authentication fields.
please provide the solution.
Thanks & Regards
Rinku Gangwani -
All,
I get an error when I try to change a password in AD and sync it to OIM.
Debug [5/24/2011 2:41:17 PM]
***********Inside sgslldpcopenLDAPConnection****************
Debug [5/24/2011 2:41:17 PM]
Debugging the code
Debug [5/24/2011 2:41:17 PM]
***********Out of openLDAPConnection****************
Debug [5/24/2011 2:41:17 PM]
Data Read from Orcl Store
Debug [5/24/2011 2:41:17 PM] Inside sgslutilsplitData
Debug [5/24/2011 2:41:17 PM] Putting data into strstream
Debug [5/24/2011 2:41:17 PM] Get userid len for decryption
Debug [5/24/2011 2:41:17 PM] userid len is
Debug [5/24/2011 2:41:17 PM] 6
Debug [5/24/2011 2:41:17 PM] Remove space
Debug [5/24/2011 2:41:17 PM] Get pasword len for decryption
Debug [5/24/2011 2:41:17 PM] password len is
Debug [5/24/2011 2:41:17 PM] 222
Debug [5/24/2011 2:41:17 PM] Remove space
Debug [5/24/2011 2:41:17 PM] Get Encoder String len
Debug [5/24/2011 2:41:17 PM] encode len is
Debug [5/24/2011 2:41:17 PM] 296
Debug [5/24/2011 2:41:17 PM] Remove space
Debug [5/24/2011 2:41:17 PM] Allocate memory for encodeStr
Debug [5/24/2011 2:41:17 PM] Retrieve encodeStr
Debug [5/24/2011 2:41:17 PM] decode encodeStr
Debug [5/24/2011 2:41:17 PM] Free encodeStr
Debug [5/24/2011 2:41:17 PM] Calling unProtectData for decodeStr
Debug [5/24/2011 2:41:17 PM] Getting decryptStr
Debug [5/24/2011 2:41:17 PM] Free password
Debug [5/24/2011 2:41:17 PM] decrypted ...
Debug [5/24/2011 2:41:17 PM] guidlen =
Debug [5/24/2011 2:41:17 PM] 24
Debug [5/24/2011 2:41:17 PM] password length =
Debug [5/24/2011 2:41:17 PM] 9
Debug [5/24/2011 2:41:17 PM] Returning values now
Debug [5/24/2011 2:41:17 PM]
About to encrypt data to be stored in DataStore
Debug [5/24/2011 2:41:17 PM] GUID outside -->
Debug [5/24/2011 2:41:17 PM] EkN1et4PR0ev7z8Oqd6bAg==
Debug [5/24/2011 2:41:17 PM] x02389
Debug [5/24/2011 2:41:17 PM]
Debug [5/24/2011 2:41:17 PM] Inside sgsloidi::sgsloidiupdateOIM
Debug [5/24/2011 2:41:17 PM] Inside sgsloidi::getConfigParamters
Debug [5/24/2011 2:41:17 PM] Start getting config parameters from registry
Debug [5/24/2011 2:41:17 PM] oimhost is
Debug [5/24/2011 2:41:17 PM] oimprd.cityhall.boston.cob
Debug [5/24/2011 2:41:17 PM]
Debug [5/24/2011 2:41:17 PM] oimport is
Debug [5/24/2011 2:41:17 PM] 8080
Debug [5/24/2011 2:41:17 PM]
Debug [5/24/2011 2:41:17 PM] oimsslclient is
Debug [5/24/2011 2:41:17 PM] oimprd.cityhall.boston.cob
Debug [5/24/2011 2:41:17 PM]
Debug [5/24/2011 2:41:17 PM] oimuserattr is
Debug [5/24/2011 2:41:17 PM] Users.User ID
Debug [5/24/2011 2:41:17 PM]
Debug [5/24/2011 2:41:17 PM] oimusessl is
Debug [5/24/2011 2:41:17 PM] Y
Debug [5/24/2011 2:41:17 PM]
Debug [5/24/2011 2:41:17 PM] oimappservertype is
Debug [5/24/2011 2:41:17 PM] 3
Debug [5/24/2011 2:41:17 PM]
Debug [5/24/2011 2:41:17 PM] End of sgsloidi::getConfigParamters
Debug [5/24/2011 2:41:17 PM] Inside sgsloidi::setParameters
Debug [5/24/2011 2:41:17 PM] The SOAP start element is
Debug [5/24/2011 2:41:17 PM] <processRequest xmlns=""><parameters>
Debug [5/24/2011 2:41:17 PM] The SOAP end element is
Debug [5/24/2011 2:41:17 PM] </parameters></processRequest>
Debug [5/24/2011 2:41:17 PM] The path is
Debug [5/24/2011 2:41:17 PM] /spmlws/services/HttpSoap11
Debug [5/24/2011 2:41:17 PM] End of sgsloidi::setParameters
Debug [5/24/2011 2:41:38 PM] Inside sgsloidiOIMDownErrorHandler
Debug [5/24/2011 2:41:38 PM] Inside sgsladds::sgslperwriteData YOOOO
Debug [5/24/2011 2:41:38 PM] Inside sgsladac c-tor
Debug [5/24/2011 2:41:38 PM] AD Host
Debug [5/24/2011 2:41:38 PM] 192.168.252.12
Debug [5/24/2011 2:41:38 PM]
Debug [5/24/2011 2:41:38 PM] AD Port
Debug [5/24/2011 2:41:38 PM] 389
Debug [5/24/2011 2:41:38 PM]
Debug [5/24/2011 2:41:38 PM] AD Base DN
Debug [5/24/2011 2:41:38 PM] DC=admin,DC=mybps,DC=org
Debug [5/24/2011 2:41:38 PM]
Debug [5/24/2011 2:41:38 PM] Only dataattribute
Debug [5/24/2011 2:41:38 PM] Got Registry enteries
Debug [5/24/2011 2:41:38 PM] contact
Debug [5/24/2011 2:41:38 PM] description
Debug [5/24/2011 2:41:38 PM] Got Entiredn
Debug [5/24/2011 2:41:38 PM] OU=oimpwdsyncadmin.mybps.org,DC=admin,DC=mybps,DC=org
Debug [5/24/2011 2:41:38 PM] Encrypted record already exists in Datastore
Debug [5/24/2011 2:41:38 PM] Already Exists
Debug [5/24/2011 2:41:38 PM] Encrypted record already exists in Datastore
Debug [5/24/2011 2:41:38 PM] Already Exists
Debug [5/24/2011 2:41:38 PM] Inside sgsladdsSearchUser
Debug [5/24/2011 2:41:38 PM] Firing Search Request
Debug [5/24/2011 2:41:38 PM] AD search for a user objectGUID is successfull
Debug [5/24/2011 2:41:38 PM] Count success
Debug [5/24/2011 2:41:38 PM] Search result fetched
Debug [5/24/2011 2:41:38 PM] 0:306 6 222 296 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAAWxMIaiONu/zYSVMLyQgnlAAAAAASAAACgAAAAEAAAAMYI1Yk4XmRO8gS1HPYWp38wAAAA9Ys8VA2AJiZp/LBhRAjOqf2rJl5q0kStqNjFTP67HZ7tKjOp0YupW0AwMZWCgPeMFAAAAEeH1/plpCB9/0JXIRtGZDKTOvnq
Debug [5/24/2011 2:41:38 PM] --------------------&&&----------------
Debug [5/24/2011 2:41:38 PM] Inside sgsladds::sgsladdsgetData NEW Look
Debug [5/24/2011 2:41:38 PM] 0:306 6 222 296 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAAWxMIaiONu/zYSVMLyQgnlAAAAAASAAACgAAAAEAAAAMYI1Yk4XmRO8gS1HPYWp38wAAAA9Ys8VA2AJiZp/LBhRAjOqf2rJl5q0kStqNjFTP67HZ7tKjOp0YupW0AwMZWCgPeMFAAAAEeH1/plpCB9/0JXIRtGZDKTOvnq
Debug [5/24/2011 2:41:38 PM] Encoded Data Extracted in sgsladdsgetData
Debug [5/24/2011 2:41:38 PM] 306 6 222 296 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAAWxMIaiONu/zYSVMLyQgnlAAAAAASAAACgAAAAEAAAAMYI1Yk4XmRO8gS1HPYWp38wAAAA9Ys8VA2AJiZp/LBhRAjOqf2rJl5q0kStqNjFTP67HZ7tKjOp0YupW0AwMZWCgPeMFAAAAEeH1/plpCB9/0JXIRtGZDKTOvnq
Debug [5/24/2011 2:41:38 PM] Moving out sgsladdsgetData
Debug [5/24/2011 2:41:38 PM] Encoded Data Extracted
Debug [5/24/2011 2:41:38 PM] 306 6 222 296 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAAWxMIaiONu/zYSVMLyQgnlAAAAAASAAACgAAAAEAAAAMYI1Yk4XmRO8gS1HPYWp38wAAAA9Ys8VA2AJiZp/LBhRAjOqf2rJl5q0kStqNjFTP67HZ7tKjOp0YupW0AwMZWCgPeMFAAAAEeH1/plpCB9/0JXIRtGZDKTOvnq
Debug [5/24/2011 2:41:38 PM] MAX_RETRY LIMIT count is not updated: OIM is down
Debug [5/24/2011 2:41:38 PM] 0
Debug [5/24/2011 2:41:38 PM] numretries ======
Debug [5/24/2011 2:41:38 PM] 0
Debug [5/24/2011 2:41:38 PM] Inside sgslcodsupdateChild
Debug [5/24/2011 2:41:38 PM] 0:306 6 222 296 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAAWxMIaiONu/zYSVMLyQgnlAAAAAASAAACgAAAAEAAAAMYI1Yk4XmRO8gS1HPYWp38wAAAA9Ys8VA2AJiZp/LBhRAjOqf2rJl5q0kStqNjFTP67HZ7tKjOp0YupW0AwMZWCgPeMFAAAAEeH1/plpCB9/0JXIRtGZDKTOvnq
Debug [5/24/2011 2:41:38 PM]
Encrypted record data updated successfully
Debug [5/24/2011 2:41:38 PM] Inside sgsladac destructor
Debug [5/24/2011 2:41:38 PM] Password updation failed in child process
Debug [5/24/2011 2:41:38 PM]
Relaxing while processing records from datastore
Debug [5/24/2011 2:41:40 PM] Inside sgslutilsplitData
Debug [5/24/2011 2:41:40 PM] Putting data into strstream
Debug [5/24/2011 2:41:40 PM] Get userid len for decryption
Debug [5/24/2011 2:41:40 PM] userid len is
Debug [5/24/2011 2:41:40 PM] 6
Debug [5/24/2011 2:41:40 PM] Remove space
Debug [5/24/2011 2:41:40 PM] Get pasword len for decryption
Debug [5/24/2011 2:41:40 PM] password len is
Debug [5/24/2011 2:41:40 PM] 230
Debug [5/24/2011 2:41:40 PM] Remove space
Debug [5/24/2011 2:41:40 PM] Get Encoder String len
Debug [5/24/2011 2:41:40 PM] encode len is
Debug [5/24/2011 2:41:40 PM] 308
Debug [5/24/2011 2:41:40 PM] Remove space
Debug [5/24/2011 2:41:40 PM] Allocate memory for encodeStr
Debug [5/24/2011 2:41:40 PM] Retrieve encodeStr
Debug [5/24/2011 2:41:40 PM] decode encodeStr
Debug [5/24/2011 2:41:40 PM] Free encodeStr
Debug [5/24/2011 2:41:40 PM] Calling unProtectData for decodeStr
Debug [5/24/2011 2:41:40 PM] Getting decryptStr
Debug [5/24/2011 2:41:40 PM] Free password
Debug [5/24/2011 2:41:40 PM] decrypted ...
Debug [5/24/2011 2:41:40 PM] guidlen =
Debug [5/24/2011 2:41:40 PM] 24
Debug [5/24/2011 2:41:40 PM] password length =
Debug [5/24/2011 2:41:40 PM] 10
Debug [5/24/2011 2:41:40 PM] Returning values now
Debug [5/24/2011 2:41:40 PM]
About to encrypt data to be stored in DataStore
Debug [5/24/2011 2:41:40 PM] GUID outside -->
Debug [5/24/2011 2:41:40 PM] nBykQFvfP0iVvCQvyW/aiQ==
Debug [5/24/2011 2:41:40 PM] x02390
Debug [5/24/2011 2:41:40 PM]
Debug [5/24/2011 2:41:40 PM] Inside sgsloidi::sgsloidiupdateOIM
Debug [5/24/2011 2:41:40 PM] Inside sgsloidi::getConfigParamters
Debug [5/24/2011 2:41:40 PM] Start getting config parameters from registry
Debug [5/24/2011 2:41:40 PM] oimhost is
Debug [5/24/2011 2:41:40 PM] oimprd.cityhall.boston.cob
Debug [5/24/2011 2:41:40 PM]
Debug [5/24/2011 2:41:40 PM] oimport is
Debug [5/24/2011 2:41:40 PM] 8080
Debug [5/24/2011 2:41:40 PM]
Debug [5/24/2011 2:41:40 PM] oimsslclient is
Debug [5/24/2011 2:41:40 PM] oimprd.cityhall.boston.cob
Debug [5/24/2011 2:41:40 PM]
Debug [5/24/2011 2:41:41 PM] oimuserattr is
Debug [5/24/2011 2:41:41 PM] Users.User ID
Debug [5/24/2011 2:41:41 PM]
Debug [5/24/2011 2:41:41 PM] oimusessl is
Debug [5/24/2011 2:41:41 PM] Y
Debug [5/24/2011 2:41:41 PM]
Debug [5/24/2011 2:41:41 PM] oimappservertype is
Debug [5/24/2011 2:41:41 PM] 3
Debug [5/24/2011 2:41:41 PM]
Debug [5/24/2011 2:41:41 PM] End of sgsloidi::getConfigParamters
Debug [5/24/2011 2:41:41 PM] Inside sgsloidi::setParameters
Debug [5/24/2011 2:41:41 PM] The SOAP start element is
Debug [5/24/2011 2:41:41 PM] <processRequest xmlns=""><parameters>
Debug [5/24/2011 2:41:41 PM] The SOAP end element is
Debug [5/24/2011 2:41:41 PM] </parameters></processRequest>
Debug [5/24/2011 2:41:41 PM] The path is
Debug [5/24/2011 2:41:41 PM] /spmlws/services/HttpSoap11
Debug [5/24/2011 2:41:41 PM] End of sgsloidi::setParameters
Debug [5/24/2011 2:42:01 PM] Inside sgsloidiOIMDownErrorHandler
Debug [5/24/2011 2:42:01 PM] Inside sgsladds::sgslperwriteData YOOOO
Debug [5/24/2011 2:42:01 PM] Inside sgsladac c-tor
Debug [5/24/2011 2:42:01 PM] AD Host
Debug [5/24/2011 2:42:01 PM] 192.168.252.12
Debug [5/24/2011 2:42:01 PM]
Debug [5/24/2011 2:42:01 PM] AD Port
Debug [5/24/2011 2:42:01 PM] 389
Debug [5/24/2011 2:42:01 PM]
Debug [5/24/2011 2:42:01 PM] AD Base DN
Debug [5/24/2011 2:42:01 PM] DC=admin,DC=mybps,DC=org
Debug [5/24/2011 2:42:01 PM]
Debug [5/24/2011 2:42:01 PM] Only dataattribute
Debug [5/24/2011 2:42:01 PM] Got Registry enteries
Debug [5/24/2011 2:42:01 PM] contact
Debug [5/24/2011 2:42:01 PM] description
Debug [5/24/2011 2:42:01 PM] Got Entiredn
Debug [5/24/2011 2:42:01 PM] OU=oimpwdsyncadmin.mybps.org,DC=admin,DC=mybps,DC=org
Debug [5/24/2011 2:42:01 PM] Encrypted record already exists in Datastore
Debug [5/24/2011 2:42:01 PM] Already Exists
Debug [5/24/2011 2:42:01 PM] Encrypted record already exists in Datastore
Debug [5/24/2011 2:42:01 PM] Already Exists
Debug [5/24/2011 2:42:01 PM] Inside sgsladdsSearchUser
Debug [5/24/2011 2:42:01 PM] Firing Search Request
Debug [5/24/2011 2:42:01 PM] AD search for a user objectGUID is successfull
Debug [5/24/2011 2:42:01 PM] Count success
Debug [5/24/2011 2:42:01 PM] Search result fetched
Debug [5/24/2011 2:42:01 PM] 0:318 6 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAB4zc1WOQi1O89gt9yPTPQaAAAAAASAAACgAAAAEAAAAO6jrhYFzep1GBjUEY3rhTU4AAAA5YMKvxhm7XLSGZafTPPYXG9eBTKtlwitIWhX4ZSgyEdO7yIatkBoZT2CCBEXfIlVT0tSjF47qTgUAAAA5ppQOjx3VeDh8ps3leGg9D+eSIs=
Debug [5/24/2011 2:42:01 PM] --------------------&&&----------------
Debug [5/24/2011 2:42:01 PM] Inside sgsladds::sgsladdsgetData NEW Look
Debug [5/24/2011 2:42:01 PM] 0:318 6 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAB4zc1WOQi1O89gt9yPTPQaAAAAAASAAACgAAAAEAAAAO6jrhYFzep1GBjUEY3rhTU4AAAA5YMKvxhm7XLSGZafTPPYXG9eBTKtlwitIWhX4ZSgyEdO7yIatkBoZT2CCBEXfIlVT0tSjF47qTgUAAAA5ppQOjx3VeDh8ps3leGg9D+eSIs=
Debug [5/24/2011 2:42:02 PM] Encoded Data Extracted in sgsladdsgetData
Debug [5/24/2011 2:42:02 PM] 318 6 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAB4zc1WOQi1O89gt9yPTPQaAAAAAASAAACgAAAAEAAAAO6jrhYFzep1GBjUEY3rhTU4AAAA5YMKvxhm7XLSGZafTPPYXG9eBTKtlwitIWhX4ZSgyEdO7yIatkBoZT2CCBEXfIlVT0tSjF47qTgUAAAA5ppQOjx3VeDh8ps3leGg9D+eSIs=
Debug [5/24/2011 2:42:02 PM] Moving out sgsladdsgetData
Debug [5/24/2011 2:42:02 PM] Encoded Data Extracted
Debug [5/24/2011 2:42:02 PM] 318 6 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAB4zc1WOQi1O89gt9yPTPQaAAAAAASAAACgAAAAEAAAAO6jrhYFzep1GBjUEY3rhTU4AAAA5YMKvxhm7XLSGZafTPPYXG9eBTKtlwitIWhX4ZSgyEdO7yIatkBoZT2CCBEXfIlVT0tSjF47qTgUAAAA5ppQOjx3VeDh8ps3leGg9D+eSIs=
Debug [5/24/2011 2:42:02 PM] MAXRETRY LIMIT count is not updated: OIM is down_+*
Debug [5/24/2011 2:42:02 PM] 0
Debug [5/24/2011 2:42:02 PM] numretries ======
Debug [5/24/2011 2:42:02 PM] 0
Debug [5/24/2011 2:42:02 PM] Inside sgslcodsupdateChild
Debug [5/24/2011 2:42:02 PM] 0:318 6 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAB4zc1WOQi1O89gt9yPTPQaAAAAAASAAACgAAAAEAAAAO6jrhYFzep1GBjUEY3rhTU4AAAA5YMKvxhm7XLSGZafTPPYXG9eBTKtlwitIWhX4ZSgyEdO7yIatkBoZT2CCBEXfIlVT0tSjF47qTgUAAAA5ppQOjx3VeDh8ps3leGg9D+eSIs=
Debug [5/24/2011 2:42:02 PM]
Encrypted record data updated successfully
Debug [5/24/2011 2:42:02 PM] Inside sgsladac destructor
Debug [5/24/2011 2:42:02 PM] Password updation failed in child process+_
Debug [5/24/2011 2:42:02 PM]
About to UNBIND datastore after processing the Records
Debug [5/24/2011 2:42:02 PM]
Deleting datastore object pointer
Thanks,
Mincorrect port number
-
Sync error using Desktop v. 6 - what does error message mean
Desktop v6 returns error 0x8004fceb. What does that mean and how do I resolve it? Thank for your assistance.
Apparently, the search method you used had certain limits.
Please directly delete that file:
1. Launch Terminal.app (/Applications/Utilities/Terminal.app)
2. Enter (or copy&paste) the following command into the Terminal window and press Enter:
sudo mv /usr/local/cuda/lib/libcuda.dylib /usr/local/cuda/lib/libcuda.backup.dylib
The command must be entered in one line.
After Enter is pressed, the system will ask to enter your admin account password.
That should be it.
Thank you,
Vlad
Its something to do with the CUDA drivers. Hope it helps this fixed mine
si -
We are trying to get ADDSync to work with Office 365.
servers: Windows 2012 r2
Environment: ADDSYNC
Cloud Service: Office 365
Federated Domain Services are setup and working
Our ADDsync (used to be dirsync) isn’t running properly anymore. We deleted a ton of test accounts, but some of them still existing only in the metaverse, they are gone in office365 and in our local ad. How do we get rid of them, they are getting sync-generic-failures.
I've tried full sync on both connectors but each time it gives sync-generic-failure. How do I remove the item from the metasync. There are accounts about 1400 accounts that only exist in the metaverse. They are no longer in active directory or in the cloud.
I've asked around the office 365 forum but no one seems to know how to get rid of the accounts from the metaverse.
Thanks,
MikeSo If I get this right, you have orphan objects in MV. Not connected to anything.
In that case, If they are only in MV, this is a way to do - not supported though AND NOT RECOMENDED - yet the only option sometimes.
1. Back up the FIMSynchronizationService DB.
2. Go to SQL Database FIMSynchronizationService and run a query
"DELETE * From mms.metaverse where connector is NULL". Please check the syntax of the query as I am not 100% sure. Should be something along those lines.
Run a select before deleting, to see if these are in fact the accounts your are looking for, due diligence, etc.
Nosh Mernacaj, Identity Management Specialist -
DirSync + PwdSync - Passwords not syncing, error 611 Unable to open connection to domain
Hello Everyone.
I've installed and configured DirSync with Password Sync (PwdSync) in a forest with 4 domains.
I'm using the most recent DirSync installation at the date of this post, 6475.0007.
The domain structure is
Parent Domain
- Child Domain 1
-- 'Grand' Child Domain 1
- Child Domain 2
I am successfully syncing users from Child Domain 1 only. I'm using container filtering to sync only 1 selected OU at this stage while I'm testing before deployment.
User's in the selected OU are syncing and AD details are correct. To filter out the domains I didn't want to sync, I had to create an empty OU in each domain and select to sync it. Also in each domain I had to create an account with the
same username and password as the Enterprise account I set up for DirSync.
I enabled Password Sync while using the Windows Azure Active Directory Configuration tool.
After a full sync I receive a 611 error in the Application Log, source Directory Synchronization.
Password synchronization failed for domain: child1.domain.com . Details:
Microsoft.Online.PasswordSynchronization.SynchronizationManagerException: Unable to open connection to domain:
child1.domain.com .
Error: There was an error creating the connection context. ---> Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsException: There was an error creating the connection context. --->
Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsSecurityException:
RPC Error 5 : Access is denied. Error creating DRS context handle.
It appears that it's not enough to tick the box to enable Password Sync.
I got a successful sync only after I did the following:
On the DirSync server, opened C:\Program Files\Windows Azure Active Directory Sync\DirSyncConfigShell.psc1
Run the command Enable-MSOnlinePasswordSync
Log in with the Enterprise Admin credentials for the forest
Run the command Start-OnlineCoExistenceSync to begin a sync
I verified the password sync worked successfully with my synced users.
Maybe I missed something in the instructions but I only tried this after reading a blog post by Jethro Seghers. Thanks Jethro!Your 4 steps are essentially already included during the normal setup wizard process, with the exception of #3. Because DirSync runs as a service, you logging in to windows as an enterprise admin is not required. It is possible however that
there were replication or other delays in your multi-domain environment.
Mike Crowley | MVP
My Blog --
Planet Technologies -
AD Password Sync connector 9.1.1 With OIM 11g R2 - ERROR OVER SSL
I have set up AD password sync with from AD to OIM 11G R2
The password syncs from AD to OIM 11G R2 on non ssl port 389.
But if fails on SSL Port 636.
Errors in OIMMain.Log:_
Debug [10/11/2012 10:49:34 AM] Inside ConnectToADSI
Debug [10/11/2012 10:49:34 AM]
ldap_connect failed with
Debug [10/11/2012 10:49:34 AM] Server Down
Debug [10/11/2012 10:49:34 AM]
Steps Carried Out thus far:_
AD is up and running.
Configured AD Password Sync Connector on 636 and selected ssl.
Created Certificate on OIM host, configured custom identity key store on weblogic. Restarted Weblogic.
Imported Certificate to AD. After this, restarted the AD
I can Telnet port 636 from OIM Box and also connect to AD through LDAP Browser on 636 and view OU and CN, so this seems fine.
Provisioning from OIM through Connector Server to AD works over SSL and this works fine.
Help would be appreciated.
Many ThanksThis question is now been fixed.
Instead of explicitly stating 636 for SSL,
Use the same port 389 for ssl and also configured oim port to be 140001 which is the ssl port for oim in the configuration of OIM Password Sync.
Export Certificates from AD to java security keystore and to weblogic keystore
Export .pem certificate created on OIM host machine to AD.
Restart weblogic, oim and AD
Everything would work fine.
For all the other information, refer to doc.
Thanks -
Password Sync Connector Error 11gR2
Hi all,
I am using following products
IDM 11.1.2.0,
activedirectory-11.1.1.5.0 connector with Patch P14190610_111150_Generic.
MSFT_PSync_91150 for Password Sync.
Please let me know that AD Password Sync Connector 9.1.1.5 can be configured with OIM *11gR2* ?
Because I am getting error *"Password updation failed in child process "* I have used the same connector with OIM 11.1.1.5.0 (11gR1) and it was working fine. do i need to make any changes / settings in the OIM for AD Resource also?
Thanksthanks for your reply,
Please can you help me on the following ....
I have installed AD PasswordSync Connector 9.1.1.5.0 (MSFT_AD_PSync_9.1.1.5.0) with newly released patch MSFT_AD_PSync_9.1.1.5.6 (patch 14627510). I am getting error that Password updation failed in child process
its not making any sence as the same connector was working fine with 11gR1. I have uninstalled and reconfigured the connector but no luck.
Can you through some light on it?
what i think that there is some communication issue between IDM and AD server, I have check the communication and found no issue. is it that SSL is compulsory for this connector although its not mentioned in any of the document.
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
ebug [10/09/12 14:09:27] Inside sgsloidi::setParameters
Debug [10/09/12 14:09:27] The SOAP start element is
Debug [10/09/12 14:09:27] <processRequest xmlns=""><sOAPElement>
Debug [10/09/12 14:09:27] The SOAP end element is
Debug [10/09/12 14:09:27] </sOAPElement></processRequest>
Debug [10/09/12 14:09:27] The path is
Debug [10/09/12 14:09:27] /spmlws/OIMProvisioning
Debug [10/09/12 14:09:27] End of sgsloidi::setParameters
Debug [10/09/12 14:09:27] Begin function sgsloidi::queryADUserAttribute()
Debug [10/09/12 14:09:27] Inside sgsladac c-tor
Debug [10/09/12 14:09:27] AD Host
Debug [10/09/12 14:09:27] 172.20.20.135
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] AD Port
Debug [10/09/12 14:09:27] 389
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] AD Base DN
Debug [10/09/12 14:09:27] DC=YYYt,DC=vvv,DC=www
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] Inside ConnectToADSI
Debug [10/09/12 14:09:27]
ADSI Bind success full
Debug [10/09/12 14:09:27] Begin function sgsladac::searchAttrValue()
Debug [10/09/12 14:09:27] [Base DN : DC=yyy,DC=vvv,DC=www]; [Filter : (&(objectClass=user)(samAccountName=IDM005))]; [Attribute : samAccountName]
Debug [10/09/12 14:09:27] Search success with one result.
Debug [10/09/12 14:09:27] End function sgsladac::searchAttrValue()
Debug [10/09/12 14:09:27] End function sgsloidi::queryADUserAttribute()
Debug [10/09/12 14:09:27] Inside sgsladac destructor
Debug [10/09/12 14:09:27] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Client</faultcode><faultstring>Unknown method</faultstring></env:Fault></env:Body></env:Envelope>
Debug [10/09/12 14:09:27] Inside sgsloidiOIMGeneralErrorHandler
Debug [10/09/12 14:09:27] Unable to update IDM005. There are error messages in the searchReponse. Please check log for details
Debug [10/09/12 14:09:27] Inside sgsladds::sgslperwriteData YOOOO
Debug [10/09/12 14:09:27] Inside sgsladac c-tor
Debug [10/09/12 14:09:27] AD Host
Debug [10/09/12 14:09:27] 172.20.20.135
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] AD Port
Debug [10/09/12 14:09:27] 389
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] AD Base DN
Debug [10/09/12 14:09:27] DC=yyy,DC=vvv,DC=www
Debug [10/09/12 14:09:27]
Debug [10/09/12 14:09:27] Only dataattribute
Debug [10/09/12 14:09:27] Got Registry enteries
Debug [10/09/12 14:09:27] contact
Debug [10/09/12 14:09:27] description
Debug [10/09/12 14:09:27] Got Entiredn
Debug [10/09/12 14:09:27] OU=oimpwdsyncmoetest.gov.kw,ou=OIMADPasswordSync,DC=yyy,DC=vv,DC=wwww
Debug [10/09/12 14:09:27] Encrypted record already exists in Datastore
Debug [10/09/12 14:09:27] Already Exists
Debug [10/09/12 14:09:27] Encrypted record already exists in Datastore
Debug [10/09/12 14:09:27] Already Exists
Debug [10/09/12 14:09:27] Inside sgsladdsSearchUser
Debug [10/09/12 14:09:27] Firing Search Request
Debug [10/09/12 14:09:27] AD search for a user objectGUID is successfull
Debug [10/09/12 14:09:27] Count success
Debug [10/09/12 14:09:27] Search result fetched
Debug [10/09/12 14:09:27] 0:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
Debug [10/09/12 14:09:27] --------------------&&&----------------
Debug [10/09/12 14:09:27] Inside sgsladds::sgsladdsgetData NEW Look
Debug [10/09/12 14:09:27] 0:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
Debug [10/09/12 14:09:27] Encoded Data Extracted in sgsladdsgetData
Debug [10/09/12 14:09:27] 430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
Debug [10/09/12 14:09:27] Moving out sgsladdsgetData
Debug [10/09/12 14:09:27] Encoded Data Extracted
Debug [10/09/12 14:09:27] 430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
Debug [10/09/12 14:09:27] Incrementing the MAX_RETRY LIMIT:
Debug [10/09/12 14:09:27] 1
Debug [10/09/12 14:09:27] numretries ======
Debug [10/09/12 14:09:27] 1
Debug [10/09/12 14:09:27] Inside sgslcodsupdateChild
Debug [10/09/12 14:09:27] 1:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
Debug [10/09/12 14:09:27]
Encrypted record data updated successfully
Debug [10/09/12 14:09:27] Inside sgsladac destructor
Debug [10/09/12 14:09:27] End of sgsloidiOIMGeneralErrorHandler
Debug [10/09/12 14:09:27] Password updation failed in child process
Debug [10/09/12 14:09:27]
Relaxing while processing records from datastore
Debug [10/09/12 14:09:29]
About to UNBIND datastore after processing the Records
Debug [10/09/12 14:09:29]
Deleting datastore object pointer
Debug [10/09/12 14:09:30] Datastore --- Connect to AD
Debug [10/09/12 14:09:30] -
Hello All,
I am trying use the password sync util which is part of the Identity Manager aka Waveset Lighthouse to capture the password changes on Active Directory and pass it to an LDAP server.
It intercepts the password change on the Active Directory side but then throws the following error
Can not create the object of the CLSID_IDMgrClient! CoCreateInstance: 0X80040154: , , Class not registered
02/02/2005 16.54.57.547000 [2068] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,321): Exit: GetClient
02/02/2005 16.54.57.547000 [2068] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,450): **ERROR: Failed to get soap client.
02/02/2005 16.54.57.547000 [2068] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,402): Waiting for client.Requests Processed: 1 failures: 0
The AD is on a Windows 2003.
Has anyone tried to use the password sync util, if so can you tell me what I am doing wrong?
Thank you
Cheers
VamsiHi..
Here is what I have done.. and the error log
I have upgraded Sun IDM 5.0 to SP3 and also installed PwSync with .NET 1.1. That went fine. I have also gone through the registry, and changed the 'tracelevel' attribute to level 4.
Now here are the questions-
1) No where I could see the two parameters, 'passwordSyncThreshold' and 'passwordSyncExcludeList' , to which according to the .pdf we have to set. So from where I should set those parameter's values?
2) Some times I get the trace file with errors like ---
07/20/2005 17.46.18.232000 [1940] (../../../src/wps/passwordsync/WSTrace.cpp,150): trace active, level: 4, file: C:\Program Files\Sun\Identity Manager\PasswordSync\pwicsvc.log, maxSize: 10000 KB
07/20/2005 17.46.18.232000 [1940] (../../../src/wps/passwordsync/WSTrace.cpp,109): In WSTrace::init()
07/20/2005 17.46.18.232000 [1940] (../../../src/wps/passwordsync/WSTrace.cpp,110): Version: 'Sun Identity Manager 5.0 (20041020 SP 2)'
07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,594): Enter: ReadRegisterySettings
07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,637): Error reading USE_SSL from registry.
07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,666): Proxy Port: 8080
07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,751): Error reading SecurityFlags from registry.
07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,763): Error reading ConnectionFlags from registry.
07/20/2005 17.46.18.242000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,779): Exit: ReadRegisterySettings
07/20/2005 17.46.18.252000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,511): WINVER: Windows Active Directory
07/20/2005 17.46.18.262000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,557): Service::svc
07/20/2005 17.46.18.272000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,374): Enter: waitForIntercepts
07/20/2005 17.46.18.282000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,402): Waiting for client.Requests Processed: 0 failures: 0
4) And some times :
after registering DotNetWrapper.DLL file manually i get this trace..
read from pipe
Request: TSALL2600J238DMKGK2JDJJ2
Getting new soap client
Enter: GetClient
Soap client created.
Client timesout: 10000
Proxy Server not specified.
Endpont URL: http://10.0.0.10:8080/idm/servlet/rpcrouter2
SSL Disabled
RAEncryptor: Decrypt3DES :Input length (16) moded to 2
Login failed error code: -2147221164 (I am giving Username : configurator, passwd: configurator)
Disassemblling Client
Exit : Get Client
"ERROR: Failed to get soap client
Waiting for client. Request proccessed : 1 Failure: 0
Am I going wrong somewhere...
Plz help me to overcome he problem..
Thanking You in advance... -
Error in installing the Password Sync connector
Hello friends,
I am installing the Active Directory Connector Password Sync on the domain controller, these are the results of the installation log. Any suggestions to solve the problem. thanks
(Oct 14, 2011 9:08:39 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, reading VPD from C:\WINDOWS\vpd.properties
(Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, dbg, defaultNamingContext
(Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
(Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getDomainName, dbg, dnsHostName
(Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getDomainName, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
(Oct 14, 2011 10:27:06 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
(Oct 14, 2011 10:28:16 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
(Oct 14, 2011 10:28:34 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
(Oct 14, 2011 10:28:46 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
(Oct 14, 2011 10:29:09 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, C:\Progra~1\oracle\OIMADPasswordSync\Logs Directory already exists
(Oct 14, 2011 10:30:07 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, C:\Progra~1\oracle\OIMADPasswordSync\Logs Directory already exists
(Oct 14, 2011 10:41:49 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE1.tmp
(Oct 14, 2011 10:41:49 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE1.tmp
(Oct 14, 2011 10:41:58 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, attempting to use the current JVM
(Oct 14, 2011 10:41:58 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, copying the current JVM
(Oct 14, 2011 10:41:58 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, copying directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE1.tmp to C:\Program Files\oracle\OIMADPasswordSync\_jvm
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, JVM_HOME = C:\Program Files\oracle\OIMADPasswordSync\_jvm
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (files): free=16516032 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (files)
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (files): free=16258032 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (dlls): free=16241712 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (dlls)
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (dlls): free=17534280 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Win32 Registry Update (registryUpdate): free=17517840 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Win32 Registry Update (registryUpdate)
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Win32 Registry Update (registryUpdate): free=16909032 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Create Directory (createLogDir): free=16892816 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Create Directory (createLogDir)
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Create Directory (createLogDir): free=16838120 total=20971520
(Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, writing VPD to C:\WINDOWS\vpd.properties
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, Reading in ASCII file C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif.
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 7/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, ou: oimpwdsyncdomain.inet
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 5/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, name: oimpwdsyncdomain.inet
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 3/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,domaindn
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 0/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,domaindn
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 3/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 0/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 3/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,ou=IDM-quota,DC=domain,DC=inet
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 0/
(Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,ou=IDM-quota,DC=domain,DC=inet
(Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, in Create the initial directory context
(Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, Request: 1 cancelled
(Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, dbg, C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif
(Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, gen exp
(Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, null
(Oct 14, 2011 10:55:13 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, reading VPD from C:\WINDOWS\vpd.properties
(Oct 14, 2011 10:55:23 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, dbg, defaultNamingContext
(Oct 14, 2011 10:55:24 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
(Oct 14, 2011 10:55:24 AM), Install, com.oracle.installshield.adpwd.getDomainName, dbg, dnsHostName
(Oct 14, 2011 10:55:24 AM), Install, com.oracle.installshield.adpwd.getDomainName, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
(Oct 14, 2011 10:57:21 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
(Oct 14, 2011 10:57:38 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, C:\Progra~1\oracle\OIMADPasswordSync\Logs Directory already exists
(Oct 14, 2011 11:00:18 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE3.tmp
(Oct 14, 2011 11:00:19 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE3.tmp
(Oct 14, 2011 11:00:21 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, attempting to use the current JVM
(Oct 14, 2011 11:00:31 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, copying the current JVM
(Oct 14, 2011 11:00:31 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, copying directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE3.tmp to C:\Program Files\oracle\OIMADPasswordSync\_jvm
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, JVM_HOME = C:\Program Files\oracle\OIMADPasswordSync\_jvm
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (files): free=17418496 total=20971520
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (files)
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (files): free=17160072 total=20971520
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (dlls): free=17125832 total=20971520
(Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (dlls)
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (dlls): free=17012768 total=20971520
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Win32 Registry Update (registryUpdate): free=16996328 total=20971520
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Win32 Registry Update (registryUpdate)
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Win32 Registry Update (registryUpdate): free=16365640 total=20971520
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Create Directory (createLogDir): free=16349424 total=20971520
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Create Directory (createLogDir)
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Create Directory (createLogDir): free=16294688 total=20971520
(Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, writing VPD to C:\WINDOWS\vpd.properties
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, Reading in ASCII file C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif.
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 7/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, ou: oimpwdsyncdomain.inet
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 5/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, name: oimpwdsyncdomain.inet
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 3/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,domaindn
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 0/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,domaindn
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 3/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 0/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 3/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,ou=storepersistent,DC=domain,DC=inet
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 0/
(Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,ou=storepersistent,DC=domain,DC=inet
(Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, in Create the initial directory context
(Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, Request: 1 cancelled
(Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, dbg, C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif
(Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, gen exp
(Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, nullThis is the contents of prepAD.ldif
dn: OU=oimpwdsyncdomain.inet,ou=IDM,DC=domain,DC=inet
changetype: add
distinguishedName:
OU=oimpwdsyncdomain.inet,ou=IDM,DC=domain,DC=inet
instanceType: 4
name: oimpwdsyncdomain.inet
objectClass: organizationalUnit
ou: oimpwdsyncdomain.inet
Result of manual execution of this file
C:\Program Files\oracle\OIMADPasswordSync>ldifde -i -f prepAD.ldif
Connecting to "SERVER.DOMAIN.INET"
Logging in as current user using SSPI
Importing directory from file "prepAD.ldif"
Loading entries.
Add error on line 1: No Such Object
The server side error is "Directory object not found."
0 entries modified successfully.
An error has occurred in the program
No log files were written. In order to generate a log file, please
specify the log file path via the -j option.
Friends, any suggestions for the solution of this case
Thanks. -
Error while trying to provision OIM user to Active Directory using SSL
Hi All,
I am able to see the users through LDAP browser using SSL but am getting the following error while trying to provision OIM users to AD using SSL.
I am using Microsoft Active Directory connector type 9.11.
Response: Connection Error encountered
Response Description: Error encountered while connecting to target system
I did some testing using "Diagnostic Dashboard" and the following are the results.
Test Name: Target System SSL Trust Verification: Passed
Test Name: Test Basic Connectivity: Failed
Exceptions:
ITResource information values are not correct. Enter the correct values.
java.lang.reflect.InvocationTargetException
javax.naming.CommunicationException: simple bind failed:
unable to find valid certification path to requested target.Test Name: Test Provisioning:Failed
Note: Without SLL all the above tests got Passed.
Can anybody help me out from this issue.
Thanks in advance.
Pradeep Kumar.I am able to connect to AD using 636 port number from LDAP browser and as the following test got Passed i think that my certificatee should be correct.
Test Name: Target System SSL Trust Verification.
Input Parameters
Target System: idm.orademo.com
Port: 636 Certificate Store
Location: /usr/java/jdk1.6.0_14/jre/lib/security/cacerts
Result : Passed
ITResource Values:
ADAM LockoutThreshold Value
ADGroup LookUp Definition Lookup.ADReconciliation.GroupLookup
Admin FQDN cn=Administrator,cn=Users,dc=orademo,dc=com
Admin Password *******
Allow Password Provisioning yes
AtMap ADGroup AtMap.ADGroup
AtMap ADUser AtMap.AD
Invert Display Name no
Port Number 636
Remote Manager Prov Lookup AtMap.AD.RemoteScriptlookUp
Remote Manager Prov Script Path
Root Context dc=orademo,dc=com
Server Address idm.orademo.com
Target Locale: TimeZone GMT
UPN Domain orademo.com
Use SSL yes
isADAM no
isLookupDN no
isUserDeleteLeafNode no
Thansk & Regards,
Pradeep Kumar. -
Connecting Using SSL Authentication Without Username and Password
Hi,
We're on RedHat Linux 4.0 using 10.2.0.3 (server/client). We're trying to figure out a way to connect to the database using instantclient and JDBC-OCI and SSL authentication without using a username or password. According to the documentation this should be possible but no sample code is given.
LD_LIBRARY_PATH is set /opt/app/oracle/product/10.2.0/db_1/lib:/usr/lib:/home/oracle/instantclient where the instantclient was installed from the 10.2.0.1 client software
and we are using JDK version 1.6.0_03.
We're also referencing the following paper:
http://www.oracle.com/technology/tech/java/sqlj_jdbc/pdf/wp-oracle-jdbc_thin_ssl_2007.pdf
We've got our client and server wallets configured and the sample code we tried looks like this:
import java.sql.*;
import java.sql.*;
import java.io.*;
import java.util.*;
import oracle.net.ns.*;
import oracle.net.ano.*;
import oracle.jdbc.*;
import oracle.jdbc.pool.*;
import java.security.*;
import oracle.jdbc.pool.OracleDataSource;
public static void main(String[] argv) throws Exception {
DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
Security.addProvider(new oracle.security.pki.OraclePKIProvider());
System.setProperty("oracle.net.tns_admin", "/opt/app/oracle/product/10.2.0/db_1/network/admin");
String url = "jdbc:oracle:thin:@orcl";
java.util.Properties props = new java.util.Properties();
props.setProperty("oracle.net.authentication_services","(TCPS)");
props.setProperty("javax.net.ssl.trustStore",
"/opt/app/oracle/product/10.2.0/db_1/admin/wallet/server/cwallet.sso");
props.setProperty("javax.net.ssl.trustStoreType","SSO");
props.setProperty("javax.net.ssl.keyStore", "/opt/app/oracle/product/10.2.0/db_1/admin/wallet/client/cwallet.sso");
props.setProperty("javax.net.ssl.keyStoreType","SSO");
props.put ("oracle.net.ssl_version","3.0");
props.put ("oracle.net.wallet_location", "(SOURCE=(METHOD=file)(METHOD_DATA=(DIRECTORY=/opt/app/oracle/product/10.2.0/db_1/admin/wallet/client)))");
System.out.println("At Here...");
OracleDataSource ods = new OracleDataSource();
//ods.setUser("scott");
//ods.setPassword("tiger");
ods.setURL(url);
ods.setConnectionProperties(props);
System.out.println("At Here1...");
Connection conn = ods.getConnection();
System.out.println("At Here2...");
Statement stmt = conn.createStatement();
ResultSet rset = stmt.executeQuery("select 'Hello Thin driver SSL "
+ "tester ' from dual");
while (rset.next())
System.out.println(rset.getString(1));
rset.close();
stmt.close();
conn.close();
When this code is compiled and run, the following error is thrown:
Exception in thread "main" java.sql.SQLException: invalid arguments in call
at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112)
If a username and password is supplied, the code works. So does anyone have a working of using SSL to authenticate without supplying username/password?
Thanks
mohammedHi,
I just solved this. I noticed from another thread that I was not using the OCI driver (see below):
String url = "jdbc:oracle:thin:@pki14";
Once I changed it to:
String url = "jdbc:oracle:oci:@pki14";
The code worked perfectly. One more setting that you'll have to do is to create the user you want to connect as externally:
create user scott identified externally as
'CN=acme, OU=development, O=acme, C=US';
grant connect,create session to scott;
Note that the DN should be the same as the SSL certificate that you created in your wallet.
hth
mohammed
Maybe you are looking for
-
Scheduling a report in background and passing data for processing
Hi all, Using code (in a report1) ...i want to execute a report (report2) in background.....but at the same time i want to pass data (an internal table and a variable) to that report2. is it possible to pass data like internal table to a executable
-
Media Coder Failing with MPEG2-DVD and H.264 Blu-Ray Encode
I am useing Adobe Media Encoder CC 2014 8.0.0.173 build. I am a CC subscriber. I am importing a Premiere Pro CC 2014 timeline. I also have Premiere Pro CS6, Photoshop CC and CS6, Encore CS6, Lightroom 5, Indesign CC and CS6 installed. Just updated a
-
IS IT JUST ME OR IS EVRYONE WITH THE IPHONE 5 HAVING THIS PROBLEM?
-
Problem when we log into the Webclient with IC_AGENT business role
Hello, We are facing a problem when we log into the interaction center ( with IC_AGENT business role) after the login screen ( we fill the correct user and password) then system starts the application, but a error appears. We dont knon why but it is
-
I've noticed that every time I open a page, I am automatically redirected to the bottom of the page, after scrolling up to the top I can only go a few minutes on that page before Firefox refreshes to the bottom of the page again without my doing anyt