On 22/10/18 16:35, Alexander Tsvetkov wrote:
Hi,
I have to pull org units from MS Active Directory into syncope.
My Resource has
defaultIdAttribute: ou
Mapping is
Object Class: organizationalUnit
name is mapped to ou, is a remote key
connObjectLink: *syncope:fullPath2Dn(fullPath, 'ou') +
',OU=ANIMALS,OU=CH,DC=sesdev,DC=lab'*
I have a pull task with Matching rule: UPDATE, Unmatching rule: ASSIGN.
Org Units are successfully imported from Active Directory, BUT in logs
there is a SchemaViolationException:
17:18:03.075 DEBUG Enter: update(ObjectClass: organizationalUnit,
Attribute: {Name=__UID__, Value=[CATS]}, [Attribute: {Name=OU,
Value=[CATS]}, Attribute: {Name=__NAME__,
Value=[ou=CATS,OU=ANIMALS,OU=CH,DC=sesdev,DC=lab]}], null) Method:
update
17:18:03.119 DEBUG Enter: update(ObjectClass: organizationalUnit,
Attribute: {Name=__UID__, Value=[CATS]}, [Attribute: {Name=OU,
Value=[CATS]}, Attribute: {Name=__NAME__,
Value=[ou=CATS,OU=ANIMALS,OU=CH,DC=sesdev,DC=lab]}], OperationOpti
ons: {}) Method: update
17:18:03.119 DEBUG Searching for object of class organizationalUnit
with filter LdapFilter[nativeFilter: OU=CATS; entryDN: null] Method:
findObject
17:18:03.120 DEBUG Searching in [OU=ANIMALS,OU=CH,DC=sesdev,DC=lab]
with filter (&(objectClass=organizationalUnit)(OU=CATS)) and
SearchControls: {returningAttributes=[ntSecurityDescriptor, objectSID,
OU, primaryGroupID, userAccountContro
l], scope=SUBTREE} Method: doSearch
17:18:03.262 DEBUG Exception: Method: update
org.identityconnectors.framework.common.exceptions.ConnectorException:
javax.naming.directory.SchemaViolationException: [LDAP: error code 67
- 000020B1: UpdErr: DSID-030F1087, problem 6004 (CANT_ON_RDN), data 0
^@]; remaining name 'OU=CATS,OU=ANIMALS,OU=CH,DC=sesdev,DC=lab'
at
net.tirasa.connid.bundles.ad.crud.ADUpdate.modifyAttributes(ADUpdate.java:354)
~[?:?]
at
net.tirasa.connid.bundles.ad.crud.ADUpdate.modifyAttributes(ADUpdate.java:347)
~[?:?]
at
net.tirasa.connid.bundles.ad.crud.ADUpdate.update(ADUpdate.java:160)
~[?:?]
at
net.tirasa.connid.bundles.ad.ADConnector.update(ADConnector.java:215)
~[?:?]
at
org.identityconnectors.framework.impl.api.local.operations.UpdateImpl.update(UpdateImpl.java:101)
~[connector-framework-internal-1.4.3.0.jar:?]
at sun.reflect.GeneratedMethodAccessor584.invoke(Unknown
Source) ~[?:?]
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
~[?:1.8.0_72]
at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_72]
Any ideas?
Hi,
since the exception is raised during the communication with AD, I would
suggest to try to replicate the problem with the latest version of the
AD connector (1.3.5, up to Syncope 2.0.10 there is 1.3.45 bundled, instead).
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/