Hi, I could see the secondary domain and AD users with the following config. But that config contains some properties with spaces. Isn't this something we need to fix?

<UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
    <Property name="defaultRealmName">WSO2.ORG</Property>
    <Property name="Disabled">false</Property>
  * <Property name="Diabled">false</Property>*
    <Property name="kdcEnabled">false</Property>
    <Property name="ConnectionName">CN=Administrator,CN=Users,DC=wso2,DC=test</Property>
  * <Property name="Connection Name">CN=Administrator,CN=Users,DC=wso2,DC=test</Property>*
    <Property name="ConnectionURL">ldaps://192.168.18.13:636</Property>
  * <Property name="Connection URL">ldaps://192.168.18.13:636</Property>*
    <Property name="ConnectionPassword">pass#word2</Property>
  * <Property name="Connection Password">pass#word2</Property>*
    <Property name="UserSearchBase">CN=Users,DC=wso2,DC=test</Property>
  * <Property name="User Search Base">CN=Users,DC=wso2,DC=test</Property>*
    <Property name="passwordHashMethod">PLAIN_TEXT</Property>
  * <Property name="User Search Filter">(&(objectClass=user)(cn=?))</Property>
    <Property name="User Object Class">(objectClass=user)</Property>
    <Property name="User Entry Object Class">user</Property>*
    <Property name="UserEntryObjectClass">user</Property>
    <Property name="UserNameAttribute">cn</Property>
  * <Property name="Username Attribute">cn</Property>*
    <Property name="isADLDSRole">false</Property>
    <Property name="userAccountControl">512</Property>
    <Property name="UserNameListFilter">(objectClass=user)</Property>
    <Property name="UserNameSearchFilter">(&(objectClass=user)(cn=?))</Property>
    <Property name="UsernameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
    <Property name="UsernameJavaScriptRegEx">^[\S]{3,30}$</Property>
    <Property name="PasswordJavaScriptRegEx">^[\S]{5,30}$</Property>
    <Property name="RolenameJavaScriptRegEx">^[\S]{3,30}$</Property>
    <Property name="RolenameJavaRegEx">[a-zA-Z0-9._-|//]{3,30}$</Property>
    <Property name="ReadGroups">true</Property>
    <Property name="WriteGroups">true</Property>
    <Property name="EmptyRolesAllowed">true</Property>
    <Property name="GroupSearchBase">CN=Users,DC=WSO2,DC=Com</Property>
    <Property name="GroupEntryObjectClass">group</Property>
    <Property name="GroupNameAttribute">cn</Property>
    <Property name="SharedGroupNameAttribute">cn</Property>
    <Property name="SharedGroupSearchBase">ou=SharedGroups,dc=wso2,dc=org</Property>
    <Property name="SharedGroupEntryObjectClass">groups</Property>
    <Property name="SharedTenantNameListFilter">(object=organizationalUnit)</Property>
    <Property name="SharedTenantNameAttribute">ou</Property>
    <Property name="SharedTenantObjectClass">organizationalUnit</Property>
    <Property name="MembershipAttribute">member</Property>
    <Property name="GroupNameListFilter">(objectcategory=group)</Property>
    <Property name="GroupNameSearchFilter">(&(objectClass=group)(cn=?))</Property>
    <Property name="UserRolesCacheEnabled">true</Property>
    <Property name="Referral">follow</Property>
    <Property name="BackLinksEnabled">true</Property>
    <Property name="MaxRoleNameListLength">100</Property>
    <Property name="MaxUserNameListLength">100</Property>
    <Property name="SCIMEnabled">false</Property>
    <Property name="DomainName">AD2</Property>
</UserStoreManager>

On Thu, Jun 4, 2015 at 12:07 PM, Amalka Subasinghe <ama...@wso2.com> wrote:

> Hi,
>
> I'm trying to set up AD as a secondary user store in EMM 1.1.0.
>
> When I try to create it via the UI it creates the xml file as [1]. Each
> property contains a space between words.
> Then the carbon log gives an error [2] saying "Required ConnectionURL
> property is not set at the LDAP configurations".
> Then I removed the space in between property "Connection URL" and saved.
> Then the carbon log gives another error [3] - "Required mandatory property
> Connection URL is not defined!"
> So I gave both "Connection URL" and "ConnectionURL" in the xml file to solve
> the issue with ConnectionURL.
>
> Same as above, I had to specify the same property with and without space
> to fix the errors in the carbon log, and there were some properties missing in
> the xml file too. Had to add those manually.
> [4] shows the xml file after fixing all the errors. [Missing properties
> are shown in red color.]
>
> Still I can't see the secondary user domain and users of the AD in the users
> page. How can I fix this?
>
> [1]
>
> <?xml version="1.0" encoding="UTF-8"?>
> <UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
>   <Property name="*Connection Name*">CN=Administrator,CN=Users,DC=wso2,DC=test</Property>
>   <Property name="Connection URL">ldaps://192.168.18.13:636</Property>
>   <Property name="Connection Password">pass#word2</Property>
>   <Property name="User Search Base">CN=Users,DC=wso2,DC=test</Property>
>   <Property name="Diabled">false</Property>
>   <Property name="User Object Class">(objectClass=user)</Property>
>   <Property name="Username Attribute">cn</Property>
>   <Property name="User Search Filter">(&(objectClass=user)(cn=?))</Property>
>   <Property name="User Entry Object Class">user</Property>
>   <Property name="Group Entry Object Class">group</Property>
>   <Property name="Maximum User List Length">100</Property>
>   <Property name="Maximum Role List Length">100</Property>
>   <Property name="Enable User Role Cache">true</Property>
>   <Property name="Enable SCIM">false</Property>
>   <Property name="ReadGroups">true</Property>
>   <Property name="Group Search Base">CN=Users,DC=WSO2,DC=Com</Property>
>   <Property name="Group Object Class">(objectcategory=group)</Property>
>   <Property name="Group Name Attribute">cn</Property>
>   <Property name="Membership Attribute">member</Property>
>   <Property name="Member Of Attribute"/>
>   <Property name="Group Search Filter">(&(objectClass=group)(cn=?))</Property>
>   <Property name="Password Hashing Algorithm">PLAIN_TEXT</Property>
>   <Property name="Password RegEx (Javascript)">^[\S]{5,30}$</Property>
>   <Property name="Username RegEx (Javascript)">^[\S]{3,30}$</Property>
>   <Property name="Username RegEx (Java)">[a-zA-Z0-9._-|//]{3,30}$</Property>
>   <Property name="Role Name RegEx (Javascript)">^[\S]{3,30}$</Property>
>   <Property name="Role Name RegEx (Java)">[a-zA-Z0-9._-|//]{3,30}$</Property>
>   <Property name="Enable Write Groups">true</Property>
>   <Property name="User DN Pattern">uid={0},ou=Users,dc=wso2,dc=org</Property>
>   <Property name="Allow Empty Roles">true</Property>
>   <Property name="Default Realm Name">WSO2.ORG</Property>
>   <Property name="Enable KDC">false</Property>
>   <Property name="Display Name Attribute">cn</Property>
>   <Property name="Is ADLDS Role">false</Property>
>   <Property name="User Account Control">512</Property>
>   <Property name="Referral">follow</Property>
>   <Property name="Enable Back Links">true</Property>
>   <Property name="DomainName">AD</Property>
>   <Property name="Description"/>
> </UserStoreManager>
>
> [2]
>
> [2015-06-04 11:32:59,024] ERROR {org.wso2.carbon.user.core.common.AbstractUserStoreManager} - Cannot create org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager
> java.lang.reflect.InvocationTargetException
>     at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
>     at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
>     at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
>     at java.lang.reflect.Constructor.newInstance(Constructor.java:526)
>     at org.wso2.carbon.user.core.common.AbstractUserStoreManager.createSecondaryUserStoreManager(AbstractUserStoreManager.java:3469)
>     at org.wso2.carbon.user.core.common.AbstractUserStoreManager.addSecondaryUserStoreManager(AbstractUserStoreManager.java:3525)
>     at org.wso2.carbon.user.core.common.UserStoreDeploymentManager.deploy(UserStoreDeploymentManager.java:65)
>     at org.wso2.carbon.identity.user.store.configuration.deployer.UserStoreConfigurationDeployer.deploy(UserStoreConfigurationDeployer.java:58)
>     at org.apache.axis2.deployment.repository.util.DeploymentFileData.deploy(DeploymentFileData.java:136)
>     at org.apache.axis2.deployment.DeploymentEngine.doDeploy(DeploymentEngine.java:807)
>     at org.apache.axis2.deployment.repository.util.WSInfoList.update(WSInfoList.java:144)
>     at org.apache.axis2.deployment.RepositoryListener.update(RepositoryListener.java:377)
>     at org.apache.axis2.deployment.RepositoryListener.checkServices(RepositoryListener.java:254)
>     at org.apache.axis2.deployment.DeploymentEngine.loadServices(DeploymentEngine.java:135)
>     at org.wso2.carbon.core.CarbonAxisConfigurator.loadServices(CarbonAxisConfigurator.java:464)
>     at org.apache.axis2.context.ConfigurationContextFactory.createConfigurationContext(ConfigurationContextFactory.java:95)
>     at org.wso2.carbon.core.CarbonConfigurationContextFactory.createNewConfigurationContext(CarbonConfigurationContextFactory.java:65)
>     at org.wso2.carbon.core.init.CarbonServerManager.initializeCarbon(CarbonServerManager.java:398)
>     at org.wso2.carbon.core.init.CarbonServerManager.start(CarbonServerManager.java:219)
>     at org.wso2.carbon.core.internal.CarbonCoreServiceComponent.activate(CarbonCoreServiceComponent.java:77)
>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
>     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
>     at java.lang.reflect.Method.invoke(Method.java:606)
>     at org.eclipse.equinox.internal.ds.model.ServiceComponent.activate(ServiceComponent.java:260)
>     at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.activate(ServiceComponentProp.java:146)
>     at org.eclipse.equinox.internal.ds.model.ServiceComponentProp.build(ServiceComponentProp.java:347)
>     at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponent(InstanceProcess.java:620)
>     at org.eclipse.equinox.internal.ds.InstanceProcess.buildComponents(InstanceProcess.java:197)
>     at org.eclipse.equinox.internal.ds.Resolver.getEligible(Resolver.java:343)
>     at org.eclipse.equinox.internal.ds.SCRManager.serviceChanged(SCRManager.java:222)
>     at org.eclipse.osgi.internal.serviceregistry.FilteredServiceListener.serviceChanged(FilteredServiceListener.java:107)
>     at org.eclipse.osgi.framework.internal.core.BundleContextImpl.dispatchEvent(BundleContextImpl.java:861)
>     at org.eclipse.osgi.framework.eventmgr.EventManager.dispatchEvent(EventManager.java:230)
>     at org.eclipse.osgi.framework.eventmgr.ListenerQueue.dispatchEventSynchronous(ListenerQueue.java:148)
>     at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEventPrivileged(ServiceRegistry.java:819)
>     at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.publishServiceEvent(ServiceRegistry.java:771)
>     at org.eclipse.osgi.internal.serviceregistry.ServiceRegistrationImpl.register(ServiceRegistrationImpl.java:130)
>     at org.eclipse.osgi.internal.serviceregistry.ServiceRegistry.registerService(ServiceRegistry.java:214)
>     at org.eclipse.osgi.framework.internal.core.BundleContextImpl.registerService(BundleContextImpl.java:433)
>     at org.eclipse.equinox.http.servlet.internal.Activator.registerHttpService(Activator.java:81)
>     at org.eclipse.equinox.http.servlet.internal.Activator.addProxyServlet(Activator.java:60)
>     at org.eclipse.equinox.http.servlet.internal.ProxyServlet.init(ProxyServlet.java:40)
>     at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.init(DelegationServlet.java:38)
>     at org.apache.catalina.core.StandardWrapper.initServlet(StandardWrapper.java:1267)
>     at org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1186)
>     at org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:1081)
>     at org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:5027)
>     at org.apache.catalina.core.StandardContext.startInternal(StandardContext.java:5314)
>     at org.apache.catalina.util.LifecycleBase.start(LifecycleBase.java:150)
>     at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1559)
>     at org.apache.catalina.core.ContainerBase$StartChild.call(ContainerBase.java:1549)
>     at java.util.concurrent.FutureTask.run(FutureTask.java:262)
>     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>     at java.lang.Thread.run(Thread.java:745)
> Caused by: org.wso2.carbon.user.core.UserStoreException: Required ConnectionURL property is not set at the LDAP configurations
>     at org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager.checkRequiredUserStoreConfigurations(ReadOnlyLDAPUserStoreManager.java:214)
>     at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.checkRequiredUserStoreConfigurations(ReadWriteLDAPUserStoreManager.java:1682)
>     at org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager.checkRequiredUserStoreConfigurations(ActiveDirectoryUserStoreManager.java:398)
>     at org.wso2.carbon.user.core.ldap.ReadOnlyLDAPUserStoreManager.<init>(ReadOnlyLDAPUserStoreManager.java:133)
>     at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.<init>(ReadWriteLDAPUserStoreManager.java:102)
>     at org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager.<init>(ActiveDirectoryUserStoreManager.java:85)
>     ... 56 more
>
> [3]
>
> [2015-06-04 11:35:34,128] ERROR {org.wso2.carbon.user.core.config.XMLProcessorUtils} - Required mandatory property Connection URL is not defined!
> [2015-06-04 11:35:34,129] ERROR {org.wso2.carbon.user.core.config.UserStoreConfigXMLProcessor} - Error while building user store manager from file
> org.wso2.carbon.user.core.UserStoreException: A required mandatory field is missing.
>     at org.wso2.carbon.user.core.config.UserStoreConfigXMLProcessor.buildUserStoreConfiguration(UserStoreConfigXMLProcessor.java:106)
>     at org.wso2.carbon.user.core.config.UserStoreConfigXMLProcessor.buildUserStoreConfigurationFromFile(UserStoreConfigXMLProcessor.java:70)
>     at org.wso2.carbon.user.core.common.UserStoreDeploymentManager.deploy(UserStoreDeploymentManager.java:43)
>     at org.wso2.carbon.identity.user.store.configuration.deployer.UserStoreConfigurationDeployer.deploy(UserStoreConfigurationDeployer.java:58)
>     at org.apache.axis2.deployment.repository.util.DeploymentFileData.deploy(DeploymentFileData.java:136)
>     at org.apache.axis2.deployment.DeploymentEngine.doDeploy(DeploymentEngine.java:807)
>     at org.apache.axis2.deployment.repository.util.WSInfoList.update(WSInfoList.java:144)
>     at org.apache.axis2.deployment.RepositoryListener.update(RepositoryListener.java:377)
>     at org.apache.axis2.deployment.RepositoryListener.checkServices(RepositoryListener.java:254)
>     at org.apache.axis2.deployment.RepositoryListener.startListener(RepositoryListener.java:371)
>     at org.apache.axis2.deployment.scheduler.SchedulerTask.checkRepository(SchedulerTask.java:59)
>     at org.apache.axis2.deployment.scheduler.SchedulerTask.run(SchedulerTask.java:67)
>     at org.wso2.carbon.core.deployment.CarbonDeploymentSchedulerTask.runAxisDeployment(CarbonDeploymentSchedulerTask.java:79)
>     at org.wso2.carbon.core.deployment.CarbonDeploymentSchedulerTask.run(CarbonDeploymentSchedulerTask.java:124)
>     at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>     at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)
>     at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)
>     at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
>     at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>     at java.lang.Thread.run(Thread.java:745)
> [2015-06-04 11:35:34,129] INFO {org.apache.axis2.deployment.DeploymentEngine} - org.apache.axis2.deployment.DeploymentException: The deployment of AD.xml is not valid.
>
> [4]
>
> <?xml version="1.0" encoding="UTF-8"?>
> <UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
>   <Property name="Connection Name">CN=Administrator,CN=Users,DC=wso2,DC=test</Property>
> * <Property name="ConnectionName">CN=Administrator,CN=Users,DC=wso2,DC=test</Property>*
>   <Property name="Connection URL">ldaps://192.168.18.13:636</Property>
> * <Property name="ConnectionURL">ldaps://192.168.18.13:636</Property>*
>   <Property name="Connection Password">pass#word2</Property>
> * <Property name="ConnectionPassword">pass#word2</Property>*
>   <Property name="User Search Base">CN=Users,DC=wso2,DC=test</Property>
> * <Property name="UserSearchBase">CN=Users,DC=wso2,DC=test</Property>*
>   <Property name="Diabled">false</Property>
>   <Property name="User Object Class">(objectClass=user)</Property>
> * <Property name="UserNameListFilter">(objectClass=user)</Property>*
>   <Property name="Username Attribute">cn</Property>
>   <Property name="UserNameAttribute">cn</Property>
>   <Property name="User Search Filter">(&(objectClass=user)(cn=?))</Property>
> * <Property name="UserNameSearchFilter">(&(objectClass=user)(cn=?))</Property>*
>   <Property name="User Entry Object Class">user</Property>
> * <Property name="UserEntryObjectClass">user</Property>*
>   <Property name="Group Entry Object Class">group</Property>
> * <Property name="GroupEntryObjectClass">group</Property>*
>   <Property name="Maximum User List Length">100</Property>
>   <Property name="Maximum Role List Length">100</Property>
>   <Property name="Enable User Role Cache">true</Property>
>   <Property name="Enable SCIM">false</Property>
>   <Property name="ReadGroups">true</Property>
>   <Property name="Group Search Base">CN=Users,DC=WSO2,DC=Com</Property>
> * <Property name="GroupSearchBase">CN=Users,DC=WSO2,DC=Com</Property>*
>   <Property name="Group Object Class">(objectcategory=group)</Property>
> * <Property name="GroupNameListFilter">(objectcategory=group)</Property>*
>   <Property name="Group Name Attribute">cn</Property>
>   <Property name="GroupNameAttribute">cn</Property>
>   <Property name="Membership Attribute">member</Property>
>   <Property name="MembershipAttribute">member</Property>
>   <Property name="Member Of Attribute"/>
>   <Property name="Group Search Filter">(&(objectClass=group)(cn=?))</Property>
> * <Property name="GroupNameSearchFilter">(&(objectClass=group)(cn=?))</Property>*
>
>   <Property name="Password Hashing Algorithm">PLAIN_TEXT</Property>
>   <Property name="Password RegEx (Javascript)">^[\S]{5,30}$</Property>
>   <Property name="Username RegEx (Javascript)">^[\S]{3,30}$</Property>
>   <Property name="Username RegEx (Java)">[a-zA-Z0-9._-|//]{3,30}$</Property>
>   <Property name="Role Name RegEx (Javascript)">^[\S]{3,30}$</Property>
>   <Property name="Role Name RegEx (Java)">[a-zA-Z0-9._-|//]{3,30}$</Property>
>   <Property name="Enable Write Groups">true</Property>
>   <Property name="User DN Pattern">uid={0},ou=Users,dc=wso2,dc=org</Property>
>   <Property name="Allow Empty Roles">true</Property>
>   <Property name="Default Realm Name">WSO2.ORG</Property>
>   <Property name="Enable KDC">false</Property>
>   <Property name="Display Name Attribute">cn</Property>
>   <Property name="Is ADLDS Role">false</Property>
>   <Property name="User Account Control">512</Property>
>   <Property name="Referral">follow</Property>
>   <Property name="Enable Back Links">true</Property>
>   <Property name="DomainName">AD</Property>
>   <Property name="Description"/>
> </UserStoreManager>
>
> --
> Amalka Subasinghe
> Senior Software Engineer
> WSO2 Inc.
> Mobile: +94 77 9401267
>

--
Amalka Subasinghe
Senior Software Engineer
WSO2 Inc.
Mobile: +94 77 9401267
_______________________________________________
Dev mailing list
Dev@wso2.org
http://wso2.org/cgi-bin/mailman/listinfo/dev
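
The mismatch discussed in this thread, where UI display names such as "Connection URL" are written as property keys next to the spaceless keys such as "ConnectionURL", can be caught by linting the user store XML before it is deployed. The script below is an added example, not code from the thread or from WSO2; the key lists, the finding codes and the sample document (documentation address, placeholder password) are assumptions constructed from the property names quoted above.

```python
import difflib
import xml.etree.ElementTree as ET

# Keys copied from the working config in this thread; not an authoritative WSO2 list.
KNOWN_KEYS = sorted({"ConnectionURL", "ConnectionName", "ConnectionPassword",
                     "UserSearchBase", "UserNameAttribute", "UserNameSearchFilter",
                     "UserNameListFilter", "Disabled", "DomainName", "ReadGroups"})
# Assumed mandatory for this illustration (the thread's errors name ConnectionURL).
REQUIRED = {"ConnectionURL", "ConnectionName", "ConnectionPassword", "UserSearchBase"}

def canon(name):
    """Collapse a display-style name to a comparison key: no whitespace, lower case."""
    return "".join(name.split()).lower()

def lint_userstore(xml_text):
    """Return sorted (code, detail) findings for one <UserStoreManager> document."""
    root = ET.fromstring(xml_text)
    props = [(p.get("name", ""), (p.text or "").strip()) for p in root.iter("Property")]
    findings, by_canon = set(), {}
    for name, value in props:
        by_canon.setdefault(canon(name), []).append((name, value))
        if any(ch.isspace() for ch in name):
            findings.add(("SPACED_NAME", name))       # display name used as a key
        elif name not in KNOWN_KEYS:
            near = difflib.get_close_matches(name, KNOWN_KEYS, n=1, cutoff=0.85)
            if near:
                findings.add(("POSSIBLE_TYPO", f"{name} ~ {near[0]}"))
    for entries in by_canon.values():
        spellings = sorted({n for n, _ in entries})
        if len(spellings) > 1:
            # Two spellings of one setting: harmless copy, or copies that disagree.
            differs = len({v for _, v in entries}) > 1
            findings.add(("CONFLICT" if differs else "DUPLICATE", " / ".join(spellings)))
    for key in REQUIRED - {n for n, _ in props}:
        findings.add(("MISSING_REQUIRED", key))
    return sorted(findings)

# Constructed sample modelled on the thread; the two ConnectionURL copies disagree.
SAMPLE = """<UserStoreManager class="org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager">
  <Property name="Connection URL">ldaps://192.0.2.10:636</Property>
  <Property name="ConnectionURL">ldap://192.0.2.10:389</Property>
  <Property name="Connection Name">CN=svc,CN=Users,DC=example,DC=test</Property>
  <Property name="ConnectionName">CN=svc,CN=Users,DC=example,DC=test</Property>
  <Property name="ConnectionPassword">PLACEHOLDER</Property>
  <Property name="Username Attribute">cn</Property>
  <Property name="User Search Filter">(&amp;(objectClass=user)(cn=?))</Property>
  <Property name="Diabled">false</Property>
  <Property name="DomainName">AD</Property>
</UserStoreManager>"""

if __name__ == "__main__":
    for code, detail in lint_userstore(SAMPLE):
        print(f"{code:17} {detail}")
```

A CONFLICT on a connection setting deserves the most attention: when both spellings are kept to satisfy two different checks, the copies can drift, and which one the server reads decides where and how it binds.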