Password sync error using SSL

Hello All,
I installed password sync in a Windows 2003 server SE.
The application server(websphere 5) is using SSL.
The waveset version is 5.5.
I manualy registered the dll DotNetWrapper.dll but I am still getting the following log:
,110): Version: 'Sun Identity Manager 5.0 (20041020 SP 2)'
pwicsvc.cpp,594): Enter: ReadRegisterySettings
pwicsvc.cpp,637): Error reading USE_SSL from registry.
pwicsvc.cpp,666): Proxy Port: 8080
pwicsvc.cpp,751): Error reading SecurityFlags from registry.
pwicsvc.cpp,763): Error reading ConnectionFlags from registry.
pwicsvc.cpp,779): Exit: ReadRegisterySettings
pwicsvc.cpp,511): WINVER: Windows Active Directory
pwicsvc.cpp,557): Service::svc
pwicsvc.cpp,374): Enter: waitForIntercepts
pwicsvc.cpp,402): Waiting for client.Requests Processed: 0 failures: 0
pwicsvc.cpp,416): read from pipe
pwicsvc.cpp,420): REQUEST: SRTCTkASGZP1++W/mobdreEAtquTHmFJDTpZ+1fsztFSWSU2j5QdZw==
pwicsvc.cpp,441):           GETTING NEW SOAP CLIENT
pwicsvc.cpp,228): Enter: GetClient
pwicsvc.cpp,245): Soap client created
pwicsvc.cpp,246): ClientTimeout: 10000
pwicsvc.cpp,256): Proxy server not specified
pwicsvc.cpp,260): EndpointURL: https://servername:443/idm/servlet/rpcrouter2
pwicsvc.cpp,287): SSL Enabled
ptor.cpp,67): RAEncryptor::Decrypt3DES: input length (16) moded to 2
pwicsvc.cpp,301): Login failed error code : -2147467259. Disassembing client
pwicsvc.cpp,321): Exit: GetClient
pwicsvc.cpp,450): **ERROR: Failed to get soap client.
pwicsvc.cpp,402): Waiting for client.Requests Processed: 1 failures: 0
Any help will be appreciated.
Itay.

I would like to add that .NET and IE 6 are installed with the OS (Win2003) by default.
When I surf to the to the endpointURL I get the following message:
ERROR: org.openspml.server.SOAPRouter: GET is unsupported

Similar Messages

  • AD Password Sync Connector in SSL Mode

    Hi,
    The AD Password Sycn connector works fine with non-SSL , but not in SSL mode.
    This is the log generated-
    Debug [11/19/12 15:35:08] Start getting config parameters from registry
    Debug [11/19/12 15:35:08] oimhost is
    Debug [11/19/12 15:35:08] abc.com
    Debug [11/19/12 15:35:08]
    Debug [11/19/12 15:35:08] oimport is
    Debug [11/19/12 15:35:08] 14001
    Debug [11/19/12 15:35:08]
    Debug [11/19/12 15:35:08] oimsslclient is
    Debug [11/19/12 15:35:08] PwdSync
    Debug [11/19/12 15:35:08]
    Debug [11/19/12 15:35:08] oimuserattr is
    Debug [11/19/12 15:35:08] Users.User ID
    Debug [11/19/12 15:35:08]
    Debug [11/19/12 15:35:08] oimusessl is
    Debug [11/19/12 15:35:08] Y
    Debug [11/19/12 15:35:08]
    Debug [11/19/12 15:35:08] oimappservertype is
    Debug [11/19/12 15:35:08] 1
    Debug [11/19/12 15:35:08]
    Debug [11/19/12 15:35:08] End of sgsloidi::getConfigParamters
    Debug [11/19/12 15:35:08] Inside sgsloidi::setParameters
    Debug [11/19/12 15:35:08] The SOAP start element is
    Debug [11/19/12 15:35:08] <processRequest xmlns=""><sOAPElement>
    Debug [11/19/12 15:35:08] The SOAP end element is
    Debug [11/19/12 15:35:08] </sOAPElement></processRequest>
    Debug [11/19/12 15:35:08] The path is
    Debug [11/19/12 15:35:08] /spmlws/OIMProvisioning
    Debug [11/19/12 15:35:08] End of sgsloidi::setParameters
    Debug [11/19/12 15:35:09] Look for client cert
    Debug [11/19/12 15:35:09] Search the opened store
    Debug [11/19/12 15:35:09] Inside sgsloidiOIMDownErrorHandler
    Please suggest.

    Instead of explicitly stating 636 for SSL,
    Use the same port 389 for ssl and also configure oim port to be same(ex:140001) which is the ssl port for oim in the configuration of OIM Password Sync.
    Export Certificates from AD to java security keystore and to weblogic keystore
    Export .pem certificate created on OIM host machine to AD.
    Restart weblogic, oim and AD
    Everything would work fine.
    For all the other information, refer to doc.

  • Password Sync Error Message

    Hi, hope someone can help.
    have installed 32 bit passwordsysnc.dll on ad server 2003 R2 connecting to sun IDM 8.1.1 using the direct method.
    It seems to function correctly and password changes are being synced, but each change results in an event log error on the AD server as follows:
    "While processing account gguava, password sync was unable to connect to the servlet to post the synchronization message. Error: ."
    The trace log seems to indicate that the password change event is submitted successfully and then the error occurs. i.e:
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,48): Connecting to leghorn.cdu.edu.au on port 7777
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'JNDIProperties'=''
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'accountId'='configurator'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'clientEndpoint'='SHOEBILL'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'connectionFactory'=''
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'direct'='true'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'email'='[email protected]'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'emailEndUser'='false'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'jmsPassword'='*******'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'jmsUser'=''
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'password'='*******'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'queueName'=''
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'resourceAccountGUID'='8241442873f21f419938428b3f3e9a23'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'resourceAccountId'='CN=gguava(gerri guava),OU=AliceSprings,OU=People,DC=cdu-staff,DC=local'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'resourcePassword'='*******'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'resourcetype'='Windows Active Directory'
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,72): Adding request parameter: 'sessionType'=''
    11/29/2010 13.38.03.834000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,97): SendToServlet: opening direct connection
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,221): httpSendRequest succeeded
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,336): Info flag 19 returned 400
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,339): Error retrieving header information from servlet.
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,320): Failed to convert contentLength
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,277): servlet contact failed
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\pwsyncclient.cpp,285): Exit: PwSyncClient::SendToServlet
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,96): Enter: writeToEventLog
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,118): Exit: writeToEventLog
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,351): Enter: EmailNotification
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,354): Email is not enabled
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,596): Got initialization mutex
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,609): Released Mutex
    11/29/2010 13.38.08.475000 [3196] (e:\waveset\build\idm8110-36\src\wps\passwordsync\passwordsyncdll\lhpwic.cpp,230): Exit: SyncPassword
    I have 8.1.1 password sync working OK in a test environment, the main difference being the port is a more standard 80 (instead of 7777 in production)
    Has anyone encountered this? How do I fix it? is it important even?
    Thanks in advance.

    I had this exact error.
    For future reference:
    Double check the user password and status of the account by loging in the user interface with the account you are using.
    I did a password reset on the waveset service account used by the password sync. When I logged in the user interface with that account, it prompted me to enter a new password. Upon entering a new password and reflecting the change in the Password Sync, synchronisation resumed.

  • HT4864 "Note: If you receive errors using SSL, try using TLS instead."

    My outgoing mail server works with .me when I enable TLS, but not SSL, any security issues?

    Appreciate your reply. Please help me in my further questions.
    We were using SSL to connect to their server till now, now they want to upgrade it, so they want us to use TLS1.0
    In the link I see that TLS1.0 and others are installed but I do not see them on our server. I will have them install it. 
    Once we have TLS installed and enabled does Biztalk HTTP adapter use TLS 1.0 as default to connect to external system automatically or do I have to change the HTTP send receive port which has a certificate in it.
    Also with which tool can I check if Biztalk is actually using TLS or SSL.

  • Error using SSL on Receiver Soap Adapter

    Hi there,
    I'm having some problems on connecting to a third-party application running a webservice (meaning, through Receiver Soap Adapter). The third-party appl. demands us to use a SSL connection (its url starts with https), with user authentication through certificate.
    We've installed SAP Java Cryptographic toolkit and have a proper certificate configured on the KeyStorage entry, on Visual Administrator.
    On Soap Adapter, I've configured HTTP Transport Protocol and have selected the "configure certificate authentication" option and selected the certificate, filled the mandatory fields (target URL and soap action) but I keep getting this error message on SXMB_MONI: "com.sap.aii.af.ra.ms.api.DeliveryException: unable to create a socket".
    Is there anything else than installing SAP Java Cryptographic Toolkit to enable SSL on Soap Adapter? Is there another configurations that need to be done?
    Thanks in advance,
    Henrique.

    Hi
    can u please tell me, how u r able to resolve the problem
    i am also stuck in the same error
    basically i am working on SSO b/w three systems.
    EP>XI>R/3
    i am able to do the SSO between the EP-->XI
    but  when i try with EP-->XI->R/3 it is giving me error at the receiver side means receiver soap adapter is not accepting the SAP Logon Ticket.
    can u please tell me what entries should be given in the certificate authentication fields.
    please provide the solution.
    Thanks & Regards
    Rinku Gangwani

  • AD Password Sync Error

    All,
    I get an error when I try to change a password in AD and sync it to OIM.
    Debug [5/24/2011 2:41:17 PM]
    ***********Inside sgslldpcopenLDAPConnection****************
    Debug [5/24/2011 2:41:17 PM]
    Debugging the code
    Debug [5/24/2011 2:41:17 PM]
    ***********Out of openLDAPConnection****************
    Debug [5/24/2011 2:41:17 PM]
    Data Read from Orcl Store
    Debug [5/24/2011 2:41:17 PM] Inside sgslutilsplitData
    Debug [5/24/2011 2:41:17 PM] Putting data into strstream
    Debug [5/24/2011 2:41:17 PM] Get userid len for decryption
    Debug [5/24/2011 2:41:17 PM] userid len is
    Debug [5/24/2011 2:41:17 PM] 6
    Debug [5/24/2011 2:41:17 PM] Remove space
    Debug [5/24/2011 2:41:17 PM] Get pasword len for decryption
    Debug [5/24/2011 2:41:17 PM] password len is
    Debug [5/24/2011 2:41:17 PM] 222
    Debug [5/24/2011 2:41:17 PM] Remove space
    Debug [5/24/2011 2:41:17 PM] Get Encoder String len
    Debug [5/24/2011 2:41:17 PM] encode len is
    Debug [5/24/2011 2:41:17 PM] 296
    Debug [5/24/2011 2:41:17 PM] Remove space
    Debug [5/24/2011 2:41:17 PM] Allocate memory for encodeStr
    Debug [5/24/2011 2:41:17 PM] Retrieve encodeStr
    Debug [5/24/2011 2:41:17 PM] decode encodeStr
    Debug [5/24/2011 2:41:17 PM] Free encodeStr
    Debug [5/24/2011 2:41:17 PM] Calling unProtectData for decodeStr
    Debug [5/24/2011 2:41:17 PM] Getting decryptStr
    Debug [5/24/2011 2:41:17 PM] Free password
    Debug [5/24/2011 2:41:17 PM] decrypted ...
    Debug [5/24/2011 2:41:17 PM] guidlen =
    Debug [5/24/2011 2:41:17 PM] 24
    Debug [5/24/2011 2:41:17 PM] password length =
    Debug [5/24/2011 2:41:17 PM] 9
    Debug [5/24/2011 2:41:17 PM] Returning values now
    Debug [5/24/2011 2:41:17 PM]
    About to encrypt data to be stored in DataStore
    Debug [5/24/2011 2:41:17 PM] GUID outside -->
    Debug [5/24/2011 2:41:17 PM] EkN1et4PR0ev7z8Oqd6bAg==
    Debug [5/24/2011 2:41:17 PM] x02389
    Debug [5/24/2011 2:41:17 PM]
    Debug [5/24/2011 2:41:17 PM] Inside sgsloidi::sgsloidiupdateOIM
    Debug [5/24/2011 2:41:17 PM] Inside sgsloidi::getConfigParamters
    Debug [5/24/2011 2:41:17 PM] Start getting config parameters from registry
    Debug [5/24/2011 2:41:17 PM] oimhost is
    Debug [5/24/2011 2:41:17 PM] oimprd.cityhall.boston.cob
    Debug [5/24/2011 2:41:17 PM]
    Debug [5/24/2011 2:41:17 PM] oimport is
    Debug [5/24/2011 2:41:17 PM] 8080
    Debug [5/24/2011 2:41:17 PM]
    Debug [5/24/2011 2:41:17 PM] oimsslclient is
    Debug [5/24/2011 2:41:17 PM] oimprd.cityhall.boston.cob
    Debug [5/24/2011 2:41:17 PM]
    Debug [5/24/2011 2:41:17 PM] oimuserattr is
    Debug [5/24/2011 2:41:17 PM] Users.User ID
    Debug [5/24/2011 2:41:17 PM]
    Debug [5/24/2011 2:41:17 PM] oimusessl is
    Debug [5/24/2011 2:41:17 PM] Y
    Debug [5/24/2011 2:41:17 PM]
    Debug [5/24/2011 2:41:17 PM] oimappservertype is
    Debug [5/24/2011 2:41:17 PM] 3
    Debug [5/24/2011 2:41:17 PM]
    Debug [5/24/2011 2:41:17 PM] End of sgsloidi::getConfigParamters
    Debug [5/24/2011 2:41:17 PM] Inside sgsloidi::setParameters
    Debug [5/24/2011 2:41:17 PM] The SOAP start element is
    Debug [5/24/2011 2:41:17 PM] <processRequest xmlns=""><parameters>
    Debug [5/24/2011 2:41:17 PM] The SOAP end element is
    Debug [5/24/2011 2:41:17 PM] </parameters></processRequest>
    Debug [5/24/2011 2:41:17 PM] The path is
    Debug [5/24/2011 2:41:17 PM] /spmlws/services/HttpSoap11
    Debug [5/24/2011 2:41:17 PM] End of sgsloidi::setParameters
    Debug [5/24/2011 2:41:38 PM] Inside sgsloidiOIMDownErrorHandler
    Debug [5/24/2011 2:41:38 PM] Inside sgsladds::sgslperwriteData YOOOO
    Debug [5/24/2011 2:41:38 PM] Inside sgsladac c-tor
    Debug [5/24/2011 2:41:38 PM] AD Host
    Debug [5/24/2011 2:41:38 PM] 192.168.252.12
    Debug [5/24/2011 2:41:38 PM]
    Debug [5/24/2011 2:41:38 PM] AD Port
    Debug [5/24/2011 2:41:38 PM] 389
    Debug [5/24/2011 2:41:38 PM]
    Debug [5/24/2011 2:41:38 PM] AD Base DN
    Debug [5/24/2011 2:41:38 PM] DC=admin,DC=mybps,DC=org
    Debug [5/24/2011 2:41:38 PM]
    Debug [5/24/2011 2:41:38 PM] Only dataattribute
    Debug [5/24/2011 2:41:38 PM] Got Registry enteries
    Debug [5/24/2011 2:41:38 PM] contact
    Debug [5/24/2011 2:41:38 PM] description
    Debug [5/24/2011 2:41:38 PM] Got Entiredn
    Debug [5/24/2011 2:41:38 PM] OU=oimpwdsyncadmin.mybps.org,DC=admin,DC=mybps,DC=org
    Debug [5/24/2011 2:41:38 PM] Encrypted record already exists in Datastore
    Debug [5/24/2011 2:41:38 PM] Already Exists
    Debug [5/24/2011 2:41:38 PM] Encrypted record already exists in Datastore
    Debug [5/24/2011 2:41:38 PM] Already Exists
    Debug [5/24/2011 2:41:38 PM] Inside sgsladdsSearchUser
    Debug [5/24/2011 2:41:38 PM] Firing Search Request
    Debug [5/24/2011 2:41:38 PM] AD search for a user objectGUID is successfull
    Debug [5/24/2011 2:41:38 PM] Count success
    Debug [5/24/2011 2:41:38 PM] Search result fetched
    Debug [5/24/2011 2:41:38 PM] 0:306 6 222 296 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAAWxMIaiONu/zYSVMLyQgnlAAAAAASAAACgAAAAEAAAAMYI1Yk4XmRO8gS1HPYWp38wAAAA9Ys8VA2AJiZp/LBhRAjOqf2rJl5q0kStqNjFTP67HZ7tKjOp0YupW0AwMZWCgPeMFAAAAEeH1/plpCB9/0JXIRtGZDKTOvnq
    Debug [5/24/2011 2:41:38 PM] --------------------&&&----------------
    Debug [5/24/2011 2:41:38 PM] Inside sgsladds::sgsladdsgetData NEW Look
    Debug [5/24/2011 2:41:38 PM] 0:306 6 222 296 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAAWxMIaiONu/zYSVMLyQgnlAAAAAASAAACgAAAAEAAAAMYI1Yk4XmRO8gS1HPYWp38wAAAA9Ys8VA2AJiZp/LBhRAjOqf2rJl5q0kStqNjFTP67HZ7tKjOp0YupW0AwMZWCgPeMFAAAAEeH1/plpCB9/0JXIRtGZDKTOvnq
    Debug [5/24/2011 2:41:38 PM] Encoded Data Extracted in sgsladdsgetData
    Debug [5/24/2011 2:41:38 PM] 306 6 222 296 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAAWxMIaiONu/zYSVMLyQgnlAAAAAASAAACgAAAAEAAAAMYI1Yk4XmRO8gS1HPYWp38wAAAA9Ys8VA2AJiZp/LBhRAjOqf2rJl5q0kStqNjFTP67HZ7tKjOp0YupW0AwMZWCgPeMFAAAAEeH1/plpCB9/0JXIRtGZDKTOvnq
    Debug [5/24/2011 2:41:38 PM] Moving out sgsladdsgetData
    Debug [5/24/2011 2:41:38 PM] Encoded Data Extracted
    Debug [5/24/2011 2:41:38 PM] 306 6 222 296 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAAWxMIaiONu/zYSVMLyQgnlAAAAAASAAACgAAAAEAAAAMYI1Yk4XmRO8gS1HPYWp38wAAAA9Ys8VA2AJiZp/LBhRAjOqf2rJl5q0kStqNjFTP67HZ7tKjOp0YupW0AwMZWCgPeMFAAAAEeH1/plpCB9/0JXIRtGZDKTOvnq
    Debug [5/24/2011 2:41:38 PM] MAX_RETRY LIMIT count is not updated: OIM is down
    Debug [5/24/2011 2:41:38 PM] 0
    Debug [5/24/2011 2:41:38 PM] numretries ======
    Debug [5/24/2011 2:41:38 PM] 0
    Debug [5/24/2011 2:41:38 PM] Inside sgslcodsupdateChild
    Debug [5/24/2011 2:41:38 PM] 0:306 6 222 296 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAAWxMIaiONu/zYSVMLyQgnlAAAAAASAAACgAAAAEAAAAMYI1Yk4XmRO8gS1HPYWp38wAAAA9Ys8VA2AJiZp/LBhRAjOqf2rJl5q0kStqNjFTP67HZ7tKjOp0YupW0AwMZWCgPeMFAAAAEeH1/plpCB9/0JXIRtGZDKTOvnq
    Debug [5/24/2011 2:41:38 PM]
    Encrypted record data updated successfully
    Debug [5/24/2011 2:41:38 PM] Inside sgsladac destructor
    Debug [5/24/2011 2:41:38 PM] Password updation failed in child process
    Debug [5/24/2011 2:41:38 PM]
    Relaxing while processing records from datastore
    Debug [5/24/2011 2:41:40 PM] Inside sgslutilsplitData
    Debug [5/24/2011 2:41:40 PM] Putting data into strstream
    Debug [5/24/2011 2:41:40 PM] Get userid len for decryption
    Debug [5/24/2011 2:41:40 PM] userid len is
    Debug [5/24/2011 2:41:40 PM] 6
    Debug [5/24/2011 2:41:40 PM] Remove space
    Debug [5/24/2011 2:41:40 PM] Get pasword len for decryption
    Debug [5/24/2011 2:41:40 PM] password len is
    Debug [5/24/2011 2:41:40 PM] 230
    Debug [5/24/2011 2:41:40 PM] Remove space
    Debug [5/24/2011 2:41:40 PM] Get Encoder String len
    Debug [5/24/2011 2:41:40 PM] encode len is
    Debug [5/24/2011 2:41:40 PM] 308
    Debug [5/24/2011 2:41:40 PM] Remove space
    Debug [5/24/2011 2:41:40 PM] Allocate memory for encodeStr
    Debug [5/24/2011 2:41:40 PM] Retrieve encodeStr
    Debug [5/24/2011 2:41:40 PM] decode encodeStr
    Debug [5/24/2011 2:41:40 PM] Free encodeStr
    Debug [5/24/2011 2:41:40 PM] Calling unProtectData for decodeStr
    Debug [5/24/2011 2:41:40 PM] Getting decryptStr
    Debug [5/24/2011 2:41:40 PM] Free password
    Debug [5/24/2011 2:41:40 PM] decrypted ...
    Debug [5/24/2011 2:41:40 PM] guidlen =
    Debug [5/24/2011 2:41:40 PM] 24
    Debug [5/24/2011 2:41:40 PM] password length =
    Debug [5/24/2011 2:41:40 PM] 10
    Debug [5/24/2011 2:41:40 PM] Returning values now
    Debug [5/24/2011 2:41:40 PM]
    About to encrypt data to be stored in DataStore
    Debug [5/24/2011 2:41:40 PM] GUID outside -->
    Debug [5/24/2011 2:41:40 PM] nBykQFvfP0iVvCQvyW/aiQ==
    Debug [5/24/2011 2:41:40 PM] x02390
    Debug [5/24/2011 2:41:40 PM]
    Debug [5/24/2011 2:41:40 PM] Inside sgsloidi::sgsloidiupdateOIM
    Debug [5/24/2011 2:41:40 PM] Inside sgsloidi::getConfigParamters
    Debug [5/24/2011 2:41:40 PM] Start getting config parameters from registry
    Debug [5/24/2011 2:41:40 PM] oimhost is
    Debug [5/24/2011 2:41:40 PM] oimprd.cityhall.boston.cob
    Debug [5/24/2011 2:41:40 PM]
    Debug [5/24/2011 2:41:40 PM] oimport is
    Debug [5/24/2011 2:41:40 PM] 8080
    Debug [5/24/2011 2:41:40 PM]
    Debug [5/24/2011 2:41:40 PM] oimsslclient is
    Debug [5/24/2011 2:41:40 PM] oimprd.cityhall.boston.cob
    Debug [5/24/2011 2:41:40 PM]
    Debug [5/24/2011 2:41:41 PM] oimuserattr is
    Debug [5/24/2011 2:41:41 PM] Users.User ID
    Debug [5/24/2011 2:41:41 PM]
    Debug [5/24/2011 2:41:41 PM] oimusessl is
    Debug [5/24/2011 2:41:41 PM] Y
    Debug [5/24/2011 2:41:41 PM]
    Debug [5/24/2011 2:41:41 PM] oimappservertype is
    Debug [5/24/2011 2:41:41 PM] 3
    Debug [5/24/2011 2:41:41 PM]
    Debug [5/24/2011 2:41:41 PM] End of sgsloidi::getConfigParamters
    Debug [5/24/2011 2:41:41 PM] Inside sgsloidi::setParameters
    Debug [5/24/2011 2:41:41 PM] The SOAP start element is
    Debug [5/24/2011 2:41:41 PM] <processRequest xmlns=""><parameters>
    Debug [5/24/2011 2:41:41 PM] The SOAP end element is
    Debug [5/24/2011 2:41:41 PM] </parameters></processRequest>
    Debug [5/24/2011 2:41:41 PM] The path is
    Debug [5/24/2011 2:41:41 PM] /spmlws/services/HttpSoap11
    Debug [5/24/2011 2:41:41 PM] End of sgsloidi::setParameters
    Debug [5/24/2011 2:42:01 PM] Inside sgsloidiOIMDownErrorHandler
    Debug [5/24/2011 2:42:01 PM] Inside sgsladds::sgslperwriteData YOOOO
    Debug [5/24/2011 2:42:01 PM] Inside sgsladac c-tor
    Debug [5/24/2011 2:42:01 PM] AD Host
    Debug [5/24/2011 2:42:01 PM] 192.168.252.12
    Debug [5/24/2011 2:42:01 PM]
    Debug [5/24/2011 2:42:01 PM] AD Port
    Debug [5/24/2011 2:42:01 PM] 389
    Debug [5/24/2011 2:42:01 PM]
    Debug [5/24/2011 2:42:01 PM] AD Base DN
    Debug [5/24/2011 2:42:01 PM] DC=admin,DC=mybps,DC=org
    Debug [5/24/2011 2:42:01 PM]
    Debug [5/24/2011 2:42:01 PM] Only dataattribute
    Debug [5/24/2011 2:42:01 PM] Got Registry enteries
    Debug [5/24/2011 2:42:01 PM] contact
    Debug [5/24/2011 2:42:01 PM] description
    Debug [5/24/2011 2:42:01 PM] Got Entiredn
    Debug [5/24/2011 2:42:01 PM] OU=oimpwdsyncadmin.mybps.org,DC=admin,DC=mybps,DC=org
    Debug [5/24/2011 2:42:01 PM] Encrypted record already exists in Datastore
    Debug [5/24/2011 2:42:01 PM] Already Exists
    Debug [5/24/2011 2:42:01 PM] Encrypted record already exists in Datastore
    Debug [5/24/2011 2:42:01 PM] Already Exists
    Debug [5/24/2011 2:42:01 PM] Inside sgsladdsSearchUser
    Debug [5/24/2011 2:42:01 PM] Firing Search Request
    Debug [5/24/2011 2:42:01 PM] AD search for a user objectGUID is successfull
    Debug [5/24/2011 2:42:01 PM] Count success
    Debug [5/24/2011 2:42:01 PM] Search result fetched
    Debug [5/24/2011 2:42:01 PM] 0:318 6 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAB4zc1WOQi1O89gt9yPTPQaAAAAAASAAACgAAAAEAAAAO6jrhYFzep1GBjUEY3rhTU4AAAA5YMKvxhm7XLSGZafTPPYXG9eBTKtlwitIWhX4ZSgyEdO7yIatkBoZT2CCBEXfIlVT0tSjF47qTgUAAAA5ppQOjx3VeDh8ps3leGg9D+eSIs=
    Debug [5/24/2011 2:42:01 PM] --------------------&&&----------------
    Debug [5/24/2011 2:42:01 PM] Inside sgsladds::sgsladdsgetData NEW Look
    Debug [5/24/2011 2:42:01 PM] 0:318 6 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAB4zc1WOQi1O89gt9yPTPQaAAAAAASAAACgAAAAEAAAAO6jrhYFzep1GBjUEY3rhTU4AAAA5YMKvxhm7XLSGZafTPPYXG9eBTKtlwitIWhX4ZSgyEdO7yIatkBoZT2CCBEXfIlVT0tSjF47qTgUAAAA5ppQOjx3VeDh8ps3leGg9D+eSIs=
    Debug [5/24/2011 2:42:02 PM] Encoded Data Extracted in sgsladdsgetData
    Debug [5/24/2011 2:42:02 PM] 318 6 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAB4zc1WOQi1O89gt9yPTPQaAAAAAASAAACgAAAAEAAAAO6jrhYFzep1GBjUEY3rhTU4AAAA5YMKvxhm7XLSGZafTPPYXG9eBTKtlwitIWhX4ZSgyEdO7yIatkBoZT2CCBEXfIlVT0tSjF47qTgUAAAA5ppQOjx3VeDh8ps3leGg9D+eSIs=
    Debug [5/24/2011 2:42:02 PM] Moving out sgsladdsgetData
    Debug [5/24/2011 2:42:02 PM] Encoded Data Extracted
    Debug [5/24/2011 2:42:02 PM] 318 6 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAB4zc1WOQi1O89gt9yPTPQaAAAAAASAAACgAAAAEAAAAO6jrhYFzep1GBjUEY3rhTU4AAAA5YMKvxhm7XLSGZafTPPYXG9eBTKtlwitIWhX4ZSgyEdO7yIatkBoZT2CCBEXfIlVT0tSjF47qTgUAAAA5ppQOjx3VeDh8ps3leGg9D+eSIs=
    Debug [5/24/2011 2:42:02 PM] MAXRETRY LIMIT count is not updated: OIM is down_+*
    Debug [5/24/2011 2:42:02 PM] 0
    Debug [5/24/2011 2:42:02 PM] numretries ======
    Debug [5/24/2011 2:42:02 PM] 0
    Debug [5/24/2011 2:42:02 PM] Inside sgslcodsupdateChild
    Debug [5/24/2011 2:42:02 PM] 0:318 6 230 308 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAJFqp2tiHmkKsyDTbryXNMQAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAADZgAAqAAAABAAAAB4zc1WOQi1O89gt9yPTPQaAAAAAASAAACgAAAAEAAAAO6jrhYFzep1GBjUEY3rhTU4AAAA5YMKvxhm7XLSGZafTPPYXG9eBTKtlwitIWhX4ZSgyEdO7yIatkBoZT2CCBEXfIlVT0tSjF47qTgUAAAA5ppQOjx3VeDh8ps3leGg9D+eSIs=
    Debug [5/24/2011 2:42:02 PM]
    Encrypted record data updated successfully
    Debug [5/24/2011 2:42:02 PM] Inside sgsladac destructor
    Debug [5/24/2011 2:42:02 PM] Password updation failed in child process+_
    Debug [5/24/2011 2:42:02 PM]
    About to UNBIND datastore after processing the Records
    Debug [5/24/2011 2:42:02 PM]
    Deleting datastore object pointer
    Thanks,
    M

    incorrect port number

  • Sync error using Desktop v. 6 - what does error message mean

    Desktop v6 returns error 0x8004fceb. What does that mean and how do I resolve it? Thank for your assistance.

    Apparently, the search method you used had certain limits.
    Please directly delete that file:
    1. Launch Terminal.app (/Applications/Utilities/Terminal.app)
    2. Enter (or copy&paste) the following command into the Terminal window and press Enter:
        sudo mv /usr/local/cuda/lib/libcuda.dylib /usr/local/cuda/lib/libcuda.backup.dylib
      The command must be entered in one line.
      After Enter is pressed, the system will ask to enter your admin account password.
    That should be it.
    Thank you,
    Vlad
    Its something to do with the CUDA drivers. Hope it helps this fixed mine
    si

  • Sync errors using ADDSync

    We are trying to get ADDSync to work with Office 365.
    servers: Windows 2012 r2
    Environment: ADDSYNC
    Cloud Service: Office 365
    Federated Domain Services are setup and working
    Our ADDsync (used to be dirsync) isn’t running properly anymore. We deleted a ton of test accounts, but some of them still existing only in the metaverse, they are gone in office365 and in our local ad. How do we get rid of them, they are getting sync-generic-failures.
    I've tried full sync on both connectors but each time it gives sync-generic-failure. How do I remove the item from the metasync. There are accounts about 1400 accounts that only exist in the metaverse. They are no longer in active directory or in the cloud.
    I've asked around the office 365 forum but no one seems to know how to get rid of the accounts from the metaverse.
    Thanks,
    Mike

    So If I get this right, you have orphan objects in MV. Not connected to anything.
    In that case, If they are only in MV, this is a way to do - not supported though AND NOT RECOMENDED - yet the only option sometimes.
    1. Back up the FIMSynchronizationService DB.
    2. Go to SQL Database FIMSynchronizationService and run a query
    "DELETE * From mms.metaverse where connector is NULL". Please check the syntax of the query as I am not 100% sure. Should be something along those lines.
    Run a select before deleting, to see if these are in fact the accounts your are looking for, due diligence, etc.
    Nosh Mernacaj, Identity Management Specialist

  • DirSync + PwdSync - Passwords not syncing, error 611 Unable to open connection to domain

    Hello Everyone.
    I've installed and configured DirSync with Password Sync (PwdSync) in a forest with 4 domains.
    I'm using the most recent DirSync installation at the date of this post, 6475.0007.
    The domain structure is
    Parent Domain
    - Child Domain 1
    -- 'Grand' Child Domain 1
    - Child Domain 2
    I am successfully syncing users from Child Domain 1 only. I'm using container filtering to sync only 1 selected OU at this stage while I'm testing before deployment.
    User's in the selected OU are syncing and AD details are correct. To filter out the domains I didn't want to sync, I had to create an empty OU in each domain and select to sync it. Also in each domain I had to create an account with the
    same username and password as the Enterprise account I set up for DirSync.
    I enabled Password Sync while using the Windows Azure Active Directory Configuration tool.
    After a full sync I receive a 611 error in the Application Log, source Directory Synchronization.
    Password synchronization failed for domain: child1.domain.com . Details:
    Microsoft.Online.PasswordSynchronization.SynchronizationManagerException: Unable to open connection to domain:
    child1.domain.com .
    Error: There was an error creating the connection context. ---> Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsException: There was an error creating the connection context. --->
    Microsoft.Online.PasswordSynchronization.DirectoryReplicationServices.DrsSecurityException:
    RPC Error 5 : Access is denied. Error creating DRS context handle.
    It appears that it's not enough to tick the box to enable Password Sync.
    I got a successful sync only after I did the following:
    On the DirSync server, opened C:\Program Files\Windows Azure Active Directory Sync\DirSyncConfigShell.psc1
    Run the command Enable-MSOnlinePasswordSync
    Log in with the Enterprise Admin credentials for the forest
    Run the command Start-OnlineCoExistenceSync to begin a sync
    I verified the password sync worked successfully with my synced users.
    Maybe I missed something in the instructions but I only tried this after reading a blog post by Jethro Seghers. Thanks Jethro!

    Your 4 steps are essentially already included during the normal setup wizard process, with the exception of #3.  Because DirSync runs as a service, you logging in to windows as an enterprise admin is not required.  It is possible however that
    there were replication or other delays in your multi-domain environment. 
    Mike Crowley | MVP
    My Blog --
    Planet Technologies

  • AD Password Sync connector 9.1.1 With OIM 11g R2 - ERROR OVER SSL

    I have set up AD password sync with from AD to OIM 11G R2
    The password syncs from AD to OIM 11G R2 on non ssl port 389.
    But if fails on SSL Port 636.
    Errors in OIMMain.Log:_
    Debug [10/11/2012 10:49:34 AM] Inside ConnectToADSI
    Debug [10/11/2012 10:49:34 AM]
    ldap_connect failed with
    Debug [10/11/2012 10:49:34 AM] Server Down
    Debug [10/11/2012 10:49:34 AM]
    Steps Carried Out thus far:_
    AD is up and running.
    Configured AD Password Sync Connector on 636 and selected ssl.
    Created Certificate on OIM host, configured custom identity key store on weblogic. Restarted Weblogic.
    Imported Certificate to AD. After this, restarted the AD
    I can Telnet port 636 from OIM Box and also connect to AD through LDAP Browser on 636 and view OU and CN, so this seems fine.
    Provisioning from OIM through Connector Server to AD works over SSL and this works fine.
    Help would be appreciated.
    Many Thanks

    This question is now been fixed.
    Instead of explicitly stating 636 for SSL,
    Use the same port 389 for ssl and also configured oim port to be 140001 which is the ssl port for oim in the configuration of OIM Password Sync.
    Export Certificates from AD to java security keystore and to weblogic keystore
    Export .pem certificate created on OIM host machine to AD.
    Restart weblogic, oim and AD
    Everything would work fine.
    For all the other information, refer to doc.
    Thanks

  • Password Sync Connector Error 11gR2

    Hi all,
    I am using following products
    IDM 11.1.2.0,
    activedirectory-11.1.1.5.0 connector with Patch P14190610_111150_Generic.
    MSFT_PSync_91150 for Password Sync.
    Please let me know that AD Password Sync Connector 9.1.1.5 can be configured with OIM *11gR2* ?
    Because I am getting error *"Password updation failed in child process "* I have used the same connector with OIM 11.1.1.5.0 (11gR1) and it was working fine. do i need to make any changes / settings in the OIM for AD Resource also?
    Thanks

    thanks for your reply,
    Please can you help me on the following ....
    I have installed AD PasswordSync Connector 9.1.1.5.0 (MSFT_AD_PSync_9.1.1.5.0) with newly released patch MSFT_AD_PSync_9.1.1.5.6 (patch 14627510). I am getting error that Password updation failed in child process
    its not making any sence as the same connector was working fine with 11gR1. I have uninstalled and reconfigured the connector but no luck.
    Can you through some light on it?
    what i think that there is some communication issue between IDM and AD server, I have check the communication and found no issue. is it that SSL is compulsory for this connector although its not mentioned in any of the document.
    +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
    ebug [10/09/12 14:09:27] Inside sgsloidi::setParameters
    Debug [10/09/12 14:09:27] The SOAP start element is
    Debug [10/09/12 14:09:27] <processRequest xmlns=""><sOAPElement>
    Debug [10/09/12 14:09:27] The SOAP end element is
    Debug [10/09/12 14:09:27] </sOAPElement></processRequest>
    Debug [10/09/12 14:09:27] The path is
    Debug [10/09/12 14:09:27] /spmlws/OIMProvisioning
    Debug [10/09/12 14:09:27] End of sgsloidi::setParameters
    Debug [10/09/12 14:09:27] Begin function sgsloidi::queryADUserAttribute()
    Debug [10/09/12 14:09:27] Inside sgsladac c-tor
    Debug [10/09/12 14:09:27] AD Host
    Debug [10/09/12 14:09:27] 172.20.20.135
    Debug [10/09/12 14:09:27]
    Debug [10/09/12 14:09:27] AD Port
    Debug [10/09/12 14:09:27] 389
    Debug [10/09/12 14:09:27]
    Debug [10/09/12 14:09:27] AD Base DN
    Debug [10/09/12 14:09:27] DC=YYYt,DC=vvv,DC=www
    Debug [10/09/12 14:09:27]
    Debug [10/09/12 14:09:27] Inside ConnectToADSI
    Debug [10/09/12 14:09:27]
    ADSI Bind success full
    Debug [10/09/12 14:09:27] Begin function sgsladac::searchAttrValue()
    Debug [10/09/12 14:09:27] [Base DN : DC=yyy,DC=vvv,DC=www]; [Filter : (&(objectClass=user)(samAccountName=IDM005))]; [Attribute : samAccountName]
    Debug [10/09/12 14:09:27] Search success with one result.
    Debug [10/09/12 14:09:27] End function sgsladac::searchAttrValue()
    Debug [10/09/12 14:09:27] End function sgsloidi::queryADUserAttribute()
    Debug [10/09/12 14:09:27] Inside sgsladac destructor
    Debug [10/09/12 14:09:27] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Client</faultcode><faultstring>Unknown method</faultstring></env:Fault></env:Body></env:Envelope>
    Debug [10/09/12 14:09:27] Inside sgsloidiOIMGeneralErrorHandler
    Debug [10/09/12 14:09:27] Unable to update IDM005. There are error messages in the searchReponse. Please check log for details
    Debug [10/09/12 14:09:27] Inside sgsladds::sgslperwriteData YOOOO
    Debug [10/09/12 14:09:27] Inside sgsladac c-tor
    Debug [10/09/12 14:09:27] AD Host
    Debug [10/09/12 14:09:27] 172.20.20.135
    Debug [10/09/12 14:09:27]
    Debug [10/09/12 14:09:27] AD Port
    Debug [10/09/12 14:09:27] 389
    Debug [10/09/12 14:09:27]
    Debug [10/09/12 14:09:27] AD Base DN
    Debug [10/09/12 14:09:27] DC=yyy,DC=vvv,DC=www
    Debug [10/09/12 14:09:27]
    Debug [10/09/12 14:09:27] Only dataattribute
    Debug [10/09/12 14:09:27] Got Registry enteries
    Debug [10/09/12 14:09:27] contact
    Debug [10/09/12 14:09:27] description
    Debug [10/09/12 14:09:27] Got Entiredn
    Debug [10/09/12 14:09:27] OU=oimpwdsyncmoetest.gov.kw,ou=OIMADPasswordSync,DC=yyy,DC=vv,DC=wwww
    Debug [10/09/12 14:09:27] Encrypted record already exists in Datastore
    Debug [10/09/12 14:09:27] Already Exists
    Debug [10/09/12 14:09:27] Encrypted record already exists in Datastore
    Debug [10/09/12 14:09:27] Already Exists
    Debug [10/09/12 14:09:27] Inside sgsladdsSearchUser
    Debug [10/09/12 14:09:27] Firing Search Request
    Debug [10/09/12 14:09:27] AD search for a user objectGUID is successfull
    Debug [10/09/12 14:09:27] Count success
    Debug [10/09/12 14:09:27] Search result fetched
    Debug [10/09/12 14:09:27] 0:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
    Debug [10/09/12 14:09:27] --------------------&&&----------------
    Debug [10/09/12 14:09:27] Inside sgsladds::sgsladdsgetData NEW Look
    Debug [10/09/12 14:09:27] 0:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
    Debug [10/09/12 14:09:27] Encoded Data Extracted in sgsladdsgetData
    Debug [10/09/12 14:09:27] 430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
    Debug [10/09/12 14:09:27] Moving out sgsladdsgetData
    Debug [10/09/12 14:09:27] Encoded Data Extracted
    Debug [10/09/12 14:09:27] 430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
    Debug [10/09/12 14:09:27] Incrementing the MAX_RETRY LIMIT:
    Debug [10/09/12 14:09:27] 1
    Debug [10/09/12 14:09:27] numretries ======
    Debug [10/09/12 14:09:27] 1
    Debug [10/09/12 14:09:27] Inside sgslcodsupdateChild
    Debug [10/09/12 14:09:27] 1:430 6 314 420 AQAAANCMnd8BFdERjHoAwE/Cl+sBAAAAn+Kii3Krv0GOKE3aE8a/vwAAAAAmAAAAUABhAHMAcwB3AG8AcgBkACAARQBuAGMAcgBwAHQAaQBvAG4AAAAQZgAAAAEAACAAAADVc9Vqwy5JzRFSKTMKlZcowXUmtY/Giw1nYgIz01HZQgAAAAAOgAAAAAIAACAAAADnr10j8OQlKm35BMRt7yKNNQYNeR2JRPMQrlWheBs3XUAAAAB6it/wjG20tJgo5T9euni2Jldb/agmY5RDsoKVpvLnHAkptSd4OUIIaysGAWkqfv9iK69FtzUuh+DcmgkdSLtOQAAAAGMpkx8yFJaKXwnzoCZyElCZbrzdg5f3GNj+S56lk4/UpVij9hFk5VeysObVw21NClzmGnuiBRtO+WF+LzChEUM=
    Debug [10/09/12 14:09:27]
    Encrypted record data updated successfully
    Debug [10/09/12 14:09:27] Inside sgsladac destructor
    Debug [10/09/12 14:09:27] End of sgsloidiOIMGeneralErrorHandler
    Debug [10/09/12 14:09:27] Password updation failed in child process
    Debug [10/09/12 14:09:27]
    Relaxing while processing records from datastore
    Debug [10/09/12 14:09:29]
    About to UNBIND datastore after processing the Records
    Debug [10/09/12 14:09:29]
    Deleting datastore object pointer
    Debug [10/09/12 14:09:30] Datastore --- Connect to AD
    Debug [10/09/12 14:09:30]

  • Password Sync using Waveset

    Hello All,
    I am trying use the password sync util which is part of the Identity Manager aka Waveset Lighthouse to capture the password changes on Active Directory and pass it to an LDAP server.
    It intercepts the password change on the Active Directory side but then throws the following error
    Can not create the object of the CLSID_IDMgrClient! CoCreateInstance: 0X80040154: , , Class not registered
    02/02/2005 16.54.57.547000 [2068] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,321): Exit: GetClient
    02/02/2005 16.54.57.547000 [2068] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,450): **ERROR: Failed to get soap client.
    02/02/2005 16.54.57.547000 [2068] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,402): Waiting for client.Requests Processed: 1 failures: 0
    The AD is on a Windows 2003.
    Has anyone tried to use the password sync util, if so can you tell me what I am doing wrong?
    Thank you
    Cheers
    Vamsi

    Hi..
    Here is what I have done.. and the error log
    I have upgraded Sun IDM 5.0 to SP3 and also installed PwSync with .NET 1.1. That went fine. I have also gone through the registry, and changed the 'tracelevel' attribute to level 4.
    Now here are the questions-
    1) No where I could see the two parameters, 'passwordSyncThreshold' and 'passwordSyncExcludeList' , to which according to the .pdf we have to set. So from where I should set those parameter's values?
    2) Some times I get the trace file with errors like ---
    07/20/2005 17.46.18.232000 [1940] (../../../src/wps/passwordsync/WSTrace.cpp,150): trace active, level: 4, file: C:\Program Files\Sun\Identity Manager\PasswordSync\pwicsvc.log, maxSize: 10000 KB
    07/20/2005 17.46.18.232000 [1940] (../../../src/wps/passwordsync/WSTrace.cpp,109): In WSTrace::init()
    07/20/2005 17.46.18.232000 [1940] (../../../src/wps/passwordsync/WSTrace.cpp,110): Version: 'Sun Identity Manager 5.0 (20041020 SP 2)'
    07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,594): Enter: ReadRegisterySettings
    07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,637): Error reading USE_SSL from registry.
    07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,666): Proxy Port: 8080
    07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,751): Error reading SecurityFlags from registry.
    07/20/2005 17.46.18.232000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,763): Error reading ConnectionFlags from registry.
    07/20/2005 17.46.18.242000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,779): Exit: ReadRegisterySettings
    07/20/2005 17.46.18.252000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,511): WINVER: Windows Active Directory
    07/20/2005 17.46.18.262000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,557): Service::svc
    07/20/2005 17.46.18.272000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,374): Enter: waitForIntercepts
    07/20/2005 17.46.18.282000 [1940] (../../../../src/wps/passwordsync/service/pwicsvc.cpp,402): Waiting for client.Requests Processed: 0 failures: 0
    4) And some times :
    after registering DotNetWrapper.DLL file manually i get this trace..
    read from pipe
    Request: TSALL2600J238DMKGK2JDJJ2
    Getting new soap client
    Enter: GetClient
    Soap client created.
    Client timesout: 10000
    Proxy Server not specified.
    Endpont URL: http://10.0.0.10:8080/idm/servlet/rpcrouter2
    SSL Disabled
    RAEncryptor: Decrypt3DES :Input length (16) moded to 2
    Login failed error code: -2147221164 (I am giving Username : configurator, passwd: configurator)
    Disassemblling Client
    Exit : Get Client
    "ERROR: Failed to get soap client
    Waiting for client. Request proccessed : 1 Failure: 0
    Am I going wrong somewhere...
    Plz help me to overcome he problem..
    Thanking You in advance...

  • Error in installing the Password Sync connector

    Hello friends,
    I am installing the Active Directory Connector Password Sync on the domain controller, these are the results of the installation log. Any suggestions to solve the problem. thanks
    (Oct 14, 2011 9:08:39 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, reading VPD from C:\WINDOWS\vpd.properties
    (Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, dbg, defaultNamingContext
    (Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
    (Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getDomainName, dbg, dnsHostName
    (Oct 14, 2011 10:11:33 AM), Install, com.oracle.installshield.adpwd.getDomainName, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
    (Oct 14, 2011 10:27:06 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
    (Oct 14, 2011 10:28:16 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
    (Oct 14, 2011 10:28:34 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
    (Oct 14, 2011 10:28:46 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
    (Oct 14, 2011 10:29:09 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, C:\Progra~1\oracle\OIMADPasswordSync\Logs Directory already exists
    (Oct 14, 2011 10:30:07 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, C:\Progra~1\oracle\OIMADPasswordSync\Logs Directory already exists
    (Oct 14, 2011 10:41:49 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE1.tmp
    (Oct 14, 2011 10:41:49 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE1.tmp
    (Oct 14, 2011 10:41:58 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, attempting to use the current JVM
    (Oct 14, 2011 10:41:58 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, copying the current JVM
    (Oct 14, 2011 10:41:58 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, copying directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE1.tmp to C:\Program Files\oracle\OIMADPasswordSync\_jvm
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, JVM_HOME = C:\Program Files\oracle\OIMADPasswordSync\_jvm
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (files): free=16516032 total=20971520
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (files)
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (files): free=16258032 total=20971520
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (dlls): free=16241712 total=20971520
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (dlls)
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (dlls): free=17534280 total=20971520
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Win32 Registry Update (registryUpdate): free=17517840 total=20971520
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Win32 Registry Update (registryUpdate)
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Win32 Registry Update (registryUpdate): free=16909032 total=20971520
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Create Directory (createLogDir): free=16892816 total=20971520
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Create Directory (createLogDir)
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Create Directory (createLogDir): free=16838120 total=20971520
    (Oct 14, 2011 10:42:03 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, writing VPD to C:\WINDOWS\vpd.properties
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, Reading in ASCII file C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif.
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 7/
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, ou: oimpwdsyncdomain.inet
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 5/
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, name: oimpwdsyncdomain.inet
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 3/
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,domaindn
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 0/
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,domaindn
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 3/
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 0/
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 3/
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,ou=IDM-quota,DC=domain,DC=inet
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 0/
    (Oct 14, 2011 10:42:06 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,ou=IDM-quota,DC=domain,DC=inet
    (Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, in Create the initial directory context
    (Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, Request: 1 cancelled
    (Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, dbg, C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif
    (Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, gen exp
    (Oct 14, 2011 10:42:06 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, null
    (Oct 14, 2011 10:55:13 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, reading VPD from C:\WINDOWS\vpd.properties
    (Oct 14, 2011 10:55:23 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, dbg, defaultNamingContext
    (Oct 14, 2011 10:55:24 AM), Install, com.oracle.installshield.adpwd.getAttributeVal, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
    (Oct 14, 2011 10:55:24 AM), Install, com.oracle.installshield.adpwd.getDomainName, dbg, dnsHostName
    (Oct 14, 2011 10:55:24 AM), Install, com.oracle.installshield.adpwd.getDomainName, err, [LDAP: error code 1 - 00000000: LdapErr: DSID-0C090627, comment: In order to perform this operation a successful bind must be completed on the connection., data 0, vece ]
    (Oct 14, 2011 10:57:21 AM), Install, com.oracle.installshield.adpwd.pathValidator, err, could not create directory D:\$P(absoluteInstallLocation)
    (Oct 14, 2011 10:57:38 AM), Install, com.oracle.installshield.adpwd.pathValidator, dbg, C:\Progra~1\oracle\OIMADPasswordSync\Logs Directory already exists
    (Oct 14, 2011 11:00:18 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE3.tmp
    (Oct 14, 2011 11:00:19 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, calculating size from directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE3.tmp
    (Oct 14, 2011 11:00:21 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, attempting to use the current JVM
    (Oct 14, 2011 11:00:31 AM), Install, com.installshield.product.actions.UninstallerJVMResolution, dbg.jvm, copying the current JVM
    (Oct 14, 2011 11:00:31 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, copying directory C:\DOCUME~1\user\LOCALS~1\Temp\LRE3.tmp to C:\Program Files\oracle\OIMADPasswordSync\_jvm
    (Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32JVMServiceImpl, dbg.jvm, JVM_HOME = C:\Program Files\oracle\OIMADPasswordSync\_jvm
    (Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (files): free=17418496 total=20971520
    (Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (files)
    (Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (files): free=17160072 total=20971520
    (Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Files (dlls): free=17125832 total=20971520
    (Oct 14, 2011 11:00:35 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Files (dlls)
    (Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Files (dlls): free=17012768 total=20971520
    (Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Win32 Registry Update (registryUpdate): free=16996328 total=20971520
    (Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Win32 Registry Update (registryUpdate)
    (Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Win32 Registry Update (registryUpdate): free=16365640 total=20971520
    (Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory before installing Create Directory (createLogDir): free=16349424 total=20971520
    (Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, msg1, installing Create Directory (createLogDir)
    (Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32ProductServiceImpl, dbg.install, JVM memory after installing Create Directory (createLogDir): free=16294688 total=20971520
    (Oct 14, 2011 11:00:36 AM), Install, com.installshield.wizard.platform.win32.Win32PPKRegistryServiceImpl, dbg.registry, writing VPD to C:\WINDOWS\vpd.properties
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, Reading in ASCII file C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif.
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 7/
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, ou: oimpwdsyncdomain.inet
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 5/
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, name: oimpwdsyncdomain.inet
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 3/
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,domaindn
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: orclpwfbasedn ON LINE: 0/
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,domaindn
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 3/
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: domaindn ON LINE: 0/
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,persistentstore,DC=domain,DC=inet
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 3/
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, OU=oimpwdsyncdomain.inet,ou=storepersistent,DC=domain,DC=inet
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, /REPLACE TEXT: persistentstore ON LINE: 0/
    (Oct 14, 2011 11:00:39 AM), Install, com.installshield.wizardx.ascii.ModifyFile, msg2, dn: OU=oimpwdsyncdomain.inet,ou=storepersistent,DC=domain,DC=inet
    (Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, in Create the initial directory context
    (Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, Request: 1 cancelled
    (Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, dbg, C:\Program Files\oracle\OIMADPasswordSync\prepAD.ldif
    (Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, gen exp
    (Oct 14, 2011 11:00:41 AM), Install, com.oracle.installshield.adpwd.ldapModify, err, null

    This is the contents of prepAD.ldif
    dn: OU=oimpwdsyncdomain.inet,ou=IDM,DC=domain,DC=inet
    changetype: add
    distinguishedName:
    OU=oimpwdsyncdomain.inet,ou=IDM,DC=domain,DC=inet
    instanceType: 4
    name: oimpwdsyncdomain.inet
    objectClass: organizationalUnit
    ou: oimpwdsyncdomain.inet
    Result of manual execution of this file
    C:\Program Files\oracle\OIMADPasswordSync>ldifde -i -f prepAD.ldif
    Connecting to "SERVER.DOMAIN.INET"
    Logging in as current user using SSPI
    Importing directory from file "prepAD.ldif"
    Loading entries.
    Add error on line 1: No Such Object
    The server side error is "Directory object not found."
    0 entries modified successfully.
    An error has occurred in the program
    No log files were written. In order to generate a log file, please
    specify the log file path via the -j option.
    Friends, any suggestions for the solution of this case
    Thanks.

  • Error while trying to provision OIM user to Active Directory using SSL

    Hi All,
    I am able to see the users through LDAP browser using SSL but am getting the following error while trying to provision OIM users to AD using SSL.
    I am using Microsoft Active Directory connector type 9.11.
    Response: Connection Error encountered
    Response Description: Error encountered while connecting to target system
    I did some testing using "Diagnostic Dashboard" and the following are the results.
    Test Name: Target System SSL Trust Verification: Passed
    Test Name: Test Basic Connectivity: Failed
    Exceptions:
    ITResource information values are not correct. Enter the correct values.
    java.lang.reflect.InvocationTargetException
    javax.naming.CommunicationException: simple bind failed:
    unable to find valid certification path to requested target.Test Name: Test Provisioning:Failed
    Note: Without SLL all the above tests got Passed.
    Can anybody help me out from this issue.
    Thanks in advance.
    Pradeep Kumar.

    I am able to connect to AD using 636 port number from LDAP browser and as the following test got Passed i think that my certificatee should be correct.
    Test Name: Target System SSL Trust Verification.
    Input Parameters
    Target System: idm.orademo.com
    Port: 636 Certificate Store
    Location: /usr/java/jdk1.6.0_14/jre/lib/security/cacerts
    Result : Passed
    ITResource Values:
    ADAM LockoutThreshold Value     
    ADGroup LookUp Definition     Lookup.ADReconciliation.GroupLookup
    Admin FQDN     cn=Administrator,cn=Users,dc=orademo,dc=com
    Admin Password     *******
    Allow Password Provisioning     yes
    AtMap ADGroup     AtMap.ADGroup
    AtMap ADUser     AtMap.AD
    Invert Display Name     no
    Port Number     636
    Remote Manager Prov Lookup     AtMap.AD.RemoteScriptlookUp
    Remote Manager Prov Script Path     
    Root Context     dc=orademo,dc=com
    Server Address     idm.orademo.com
    Target Locale: TimeZone     GMT
    UPN Domain     orademo.com
    Use SSL     yes
    isADAM     no
    isLookupDN     no
    isUserDeleteLeafNode     no
    Thansk & Regards,
    Pradeep Kumar.

  • Connecting Using SSL Authentication Without Username and Password

    Hi,
    We're on RedHat Linux 4.0 using 10.2.0.3 (server/client). We're trying to figure out a way to connect to the database using instantclient and JDBC-OCI and SSL authentication without using a username or password. According to the documentation this should be possible but no sample code is given.
    LD_LIBRARY_PATH is set /opt/app/oracle/product/10.2.0/db_1/lib:/usr/lib:/home/oracle/instantclient where the instantclient was installed from the 10.2.0.1 client software
    and we are using JDK version 1.6.0_03.
    We're also referencing the following paper:
    http://www.oracle.com/technology/tech/java/sqlj_jdbc/pdf/wp-oracle-jdbc_thin_ssl_2007.pdf
    We've got our client and server wallets configured and the sample code we tried looks like this:
    import java.sql.*;
    import java.sql.*;
    import java.io.*;
    import java.util.*;
    import oracle.net.ns.*;
    import oracle.net.ano.*;
    import oracle.jdbc.*;
    import oracle.jdbc.pool.*;
    import java.security.*;
    import oracle.jdbc.pool.OracleDataSource;
    public static void main(String[] argv) throws Exception {
    DriverManager.registerDriver(new oracle.jdbc.driver.OracleDriver());
    Security.addProvider(new oracle.security.pki.OraclePKIProvider());
    System.setProperty("oracle.net.tns_admin", "/opt/app/oracle/product/10.2.0/db_1/network/admin");
    String url = "jdbc:oracle:thin:@orcl";
    java.util.Properties props = new java.util.Properties();
    props.setProperty("oracle.net.authentication_services","(TCPS)");
    props.setProperty("javax.net.ssl.trustStore",
    "/opt/app/oracle/product/10.2.0/db_1/admin/wallet/server/cwallet.sso");
    props.setProperty("javax.net.ssl.trustStoreType","SSO");
    props.setProperty("javax.net.ssl.keyStore", "/opt/app/oracle/product/10.2.0/db_1/admin/wallet/client/cwallet.sso");
    props.setProperty("javax.net.ssl.keyStoreType","SSO");
    props.put ("oracle.net.ssl_version","3.0");
    props.put ("oracle.net.wallet_location", "(SOURCE=(METHOD=file)(METHOD_DATA=(DIRECTORY=/opt/app/oracle/product/10.2.0/db_1/admin/wallet/client)))");
    System.out.println("At Here...");
    OracleDataSource ods = new OracleDataSource();
    //ods.setUser("scott");
    //ods.setPassword("tiger");
    ods.setURL(url);
    ods.setConnectionProperties(props);
    System.out.println("At Here1...");
    Connection conn = ods.getConnection();
    System.out.println("At Here2...");
    Statement stmt = conn.createStatement();
    ResultSet rset = stmt.executeQuery("select 'Hello Thin driver SSL "
    + "tester ' from dual");
    while (rset.next())
    System.out.println(rset.getString(1));
    rset.close();
    stmt.close();
    conn.close();
    When this code is compiled and run, the following error is thrown:
    Exception in thread "main" java.sql.SQLException: invalid arguments in call
    at oracle.jdbc.driver.DatabaseError.throwSqlException(DatabaseError.java:112)
    If a username and password is supplied, the code works. So does anyone have a working of using SSL to authenticate without supplying username/password?
    Thanks
    mohammed

    Hi,
    I just solved this. I noticed from another thread that I was not using the OCI driver (see below):
    String url = "jdbc:oracle:thin:@pki14";
    Once I changed it to:
    String url = "jdbc:oracle:oci:@pki14";
    The code worked perfectly. One more setting that you'll have to do is to create the user you want to connect as externally:
    create user scott identified externally as
    'CN=acme, OU=development, O=acme, C=US';
    grant connect,create session to scott;
    Note that the DN should be the same as the SSL certificate that you created in your wallet.
    hth
    mohammed

Maybe you are looking for