Il 22/10/2014 20:40, Oliver Wulff ha scritto:
Hi Fabio
I've changed it to ONE_PHASE and run the same test again. First create
and save the user without adding the resource. Later, I add the
resource. Propagation is successful. When I then click "Edit", I get
the same red exclamation mark and I can't make any changes to the user
anymore:
[LDAP: error code 68 - ENTRY_ALREADY_EXISTS: failed for MessageType :
ADD_REQUEST
Message ID : 292
Add Request :
Entry
dn[n]: uid=test4,ou=users,dc=fediz,dc=org
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
uid: test4
mail: [email protected]
sn: asfasdf
cn: asdfasd4 asfasdf
description: Active
givenName: asdfasd4
: ERR_250_ENTRY_ALREADY_EXISTS uid=test4,ou=users,dc=fediz,dc=org already
exists!]
Hi Oliver, bad mapping probably.
Could you provide screenshot or details about user mapping in resource
configuration?
Regards,
F.
Thanks
Oli
------
Oliver Wulff
Blog: http://owulff.blogspot.com <http://owulff.blogspot.com/>
Solution Architect
http://coders.talend.com
Talend Application Integration Division http://www.talend.com
------------------------------------------------------------------------
*From:* Fabio Martelli [[email protected]]
*Sent:* 22 October 2014 15:50
*To:* [email protected]
*Subject:* Re: User propagation with LDAP
Il 22/10/2014 15:25, Oliver Wulff ha scritto:
Hi Fabio
Thanks for the feedback. It's indeed a two phase resource but it's
not clear to me what two phase really means and what the relation is
with the behaviour I discovered.
Hi Oliver, a two_phase resource implement asynchronous provisioning.
Steps:
1. resource accept the provisioning request and return
2. resource process provisioning request
3. resource call back (on a specific rest service) syncope to notify
completion and result
Regards,
F.
The documentation says:
*Propagation mode*
Type of propagation that are supported by the resource.
ONE_PHASE: propagation towards the external resource is closed at
request time.
TWO_PHASE: propagation towards the external resource is closed in two
steps.
step 1 - Syncope submit the propagation request to the external resource.
step 2 - external resource send a notification about the propagation
execution's result to Syncope
The propagation happened to the LDAP directory (by checking with LDAP
client) but I can't do any changes for the user in Syncope. Is this
due to the missing notification (what kind of notification is that
for LDAP)?
Why does it work with a TWO_PHASE resource if you add the Resource at
the time when you create the user but before hitting save.
Thanks a lot for clarification
Oli
------------------------------------------------------------------------
*From:* Fabio Martelli [[email protected]]
*Sent:* 22 October 2014 11:10
*To:* [email protected]
*Subject:* Re: User propagation with LDAP
Il 22/10/2014 10:53, Oliver Wulff ha scritto:
Hi there
I came across the following issue which I don't know whether it's
intended or not. When I create a user in syncope but don't add the
LDAP resource initially (before clicking save) the user is created
internally. When I add the resource later, the status for the LDAP
resource is "Submitted". When I then check the status of the user
again (By editing the user), there is a red exclamation mark.
In the Propagation Tasks list the status is SUBMITTED and the user
is propagated to the LDAP directory. But every update I do for this
user fails.
[LDAP: error code 68 - ENTRY_ALREADY_EXISTS: failed for MessageType :
ADD_REQUEST
Message ID : 216
Add Request :
Entry
dn[n]: uid=test3,ou=users,dc=fediz,dc=org
objectClass: inetOrgPerson
objectClass: organizationalPerson
objectClass: person
objectClass: top
uid: test3
mail:[email protected]
sn: test2
cn: test1 test2
description: Active
givenName: test1
: ERR_250_ENTRY_ALREADY_EXISTS uid=test3,ou=users,dc=fediz,dc=org already
exists!]
I'm wondering why initially the status is SUBMITTED in the
propagations tasks list but when I check the status when editing the
user, I got the red exclamation mark.
Hi Oliver, probably you have configured a "two_phase" resource.
Please, check again resource configuration.
Best regards,
F.
--
Fabio Martelli
Tirasa - Open Source Excellence
http://www.tirasa.net/
Apache Syncope PMC
http://people.apache.org/~fmartelli/
--
Fabio Martelli
Tirasa - Open Source Excellence
http://www.tirasa.net/
Apache Syncope PMC
http://people.apache.org/~fmartelli/
--
Fabio Martelli
Tirasa - Open Source Excellence
http://www.tirasa.net/
Apache Syncope PMC
http://people.apache.org/~fmartelli/
