On 11/05/2015 07:52, Suresh Ajja wrote:
hi,
Thanks Fabio for the reply. The issue is still not resolved.
To provide u some more info, we have standalone CA setup in AD.
We are trying to propagate users to AD using 389 port of AD.
When we tick the password attribute of Syncope as mandatory mapping
required, propagation fails.
Hernce, we created a separate password string 'pwd' and mapped with
unicodePwd. Sent a 64-bit encoded password. This way at least the user
got created, but password is not propagated. We were trying to check
if password gets propagated by other means here.
Question:
Do we require SSL connection to send password over the wire into AD?
Exactly: see
https://connid.atlassian.net/wiki/pages/viewpage.action?pageId=360482
for more information.
We created CA cert and imported in syncope to establish SSL. Still the
SSL connection is not getting established.
...the joy of SSL management in Java :-)
Reconsider all of your settings and you'll find your mistake(s): I can
assure my company has deployed Syncope with AD and password propagation
several times.
Regards.
On Mon, May 4, 2015 at 1:02 PM, Fabio Martelli
<[email protected] <mailto:[email protected]>> wrote:
Hi Suresh, why are you using the AD connector 1.1.6. I suggest you
to move to 1.2.3.
Further, the error code "SvcErr: DSID-031A120C" is related to a
password syntax error. Be sure to provide a password compliant
with AD password policies.
Regards,
F.
Il 04/05/2015 08:24, [email protected]
<mailto:[email protected]> ha scritto:
Hi,
We have a AD Server that has a huge list of users.
We configured a connector with AD and synchronized all the users
from AD server to Syncope successfully.
My challenge is while propagating new users from syncope to AD
with a special case.
We can propagate successfully the new user created only and only
if I don't provide the password for the user in syncope UI.
The requirement is I need the source of truth for
username/password with syncope and not with AD Server.
Following is the error while we propagate with password :
javax.naming.OperationNotSupportedException: [LDAP: error code 53
- 0000001F: SvcErr: DSID-031A120C, problem 5003
(WILL_NOT_PERFORM), data 0
?]; remaining name 'cn=ranu
sharma,OU=IDMTEST,OU=Users,OU=CBD,DC=positivepackaging,DC=local'
Cause: [LDAP: error code 53 - 0000001F: SvcErr: DSID-031A120C,
problem 5003 (WILL_NOT_PERFORM), data 0
Please help me understand why are we getting this error. and How
can I propagate password in Ad.
Env:
Syncope - 1.2.3 ver
AD Server - 6.1 ver
ADConnector - 1.1.6 ver
Regards,
Suresh
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC
http://people.apache.org/~ilgrosso/
