On 02/01/2014 12:18, Timo Hatakka wrote:
Hi!
two questions about .NET AD connectivity:
Hi Timo,
FYI, the ConnId project provides the .NET connector server and bundles
only for archiving purposes.
The whole development effort there is devoted to Java.
For this reason, for usage with Syncope I would strongly suggest to move
to Active Directory (JNDI) connector [1] and Java connector server [2].
I have done the following things:
* installed connector server (MSI&ZIP files) to active directory
windows gateway host
* configured a connid location to syncope
* created a new connector and resource
* configured user mapping as follows
- USER / Username : accountId : BOTH
- USER / Username : cn : PROPAGATION
- USER / Username : sAMAccountName : PROPAGATION
- USER UserSchema / firstname : givenName : BOTH
- USER UserSchema / surname : givenName : BOTH
AccountLink: 'CN=' + username + ',OU=USR2,DC=TEST...
1) Something is missing in the configuration because:
If I create a user and add AD resource, AD account is created as
supposed, but when I open user AccountLink is missing and AD data
cannot be viewed.
core-connid.log shows:
12:40:34.571 DEBUG
org.identityconnectors.framework.api.operations.GetApiOp.getObject
Enter: getObject(ObjectClass: __ACCOUNT__, Attribute: {Name=__UID__,
Value=[late]}, OperationOptions:
{ATTRS_TO_GET:[userPrincipalName,sn,cn,sAMAccountName,__UID__,__NAME__,givenName,__ENABLE__]})
12:40:34.588 DEBUG
org.identityconnectors.framework.api.operations.GetApiOp.getObject
Return: null
But if I create a new user to AD and synchronize user from AD to
syncope a new user is created and named based on objectGUID. This
time core-connid.log has lines:
12:42:32.812 DEBUG
org.identityconnectors.framework.api.operations.GetApiOp.getObject
Enter: getObject(ObjectClass: __ACCOUNT__, Attribute: {Name=__UID__,
Value=[<GUID=c907f229aed3f1478a640f941c7ea3bd>]}, OperationOptions:
{ATTRS_TO_GET:[userPrincipalName,sn,cn,sAMAccountName,__UID__,__NAME__,givenName,__ENABLE__]})
12:42:32.837 DEBUG
org.identityconnectors.framework.api.operations.GetApiOp.getObject
Return: {Name=Attribute: {Name=__NAME__, Value=[CN=....
Can somebody help, what is wrong?
Unfortunately I don't have any grasp in the .NET connectors nor I think
there is any chance to fix any possible bug found there.
2) How one can add a new connid location
(https://cwiki.apache.org/confluence/display/SYNCOPE/Configure+ConnId+locations)
to an already configured system? The only way I managed to add .NET
connector server was to rebuild the system and delete old repository.
The whole idea is to update the connid.properties file in the deployed
web application when such application is initialized.
Synce you have your own Syncope-based overlay project, making
modifications in such project, rebuilding and redeploying is the
expected way to work.
Syncope version is 1.1.4-snapshot
Any reason not to switch to latest 1.1.5 (stable) or 1.1.6-SNAPSHOT
(development)?
Regards.
[1] https://connid.atlassian.net/wiki/pages/viewpage.action?pageId=360482
[2]
http://blog.tirasa.net/blogs/index.php/coffeetime/install-connid-connector-server-as-a-service
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/
