-
migault1990 commented on the post, ForgeRock Self-Service Custom Stage 4 years, 6 months ago
Hello –
Did you try configuring the same stage for opendim 5.5?
I am facing issue when I am configuring the stage.
WARNING: Configuration invalid, can not start
-
migault1990 started the topic IDM 5 Self-Service Registration – Pointing Identity Resource to OpenDJ in the forum Identity Management 4 years, 12 months ago
Hey All –
I am trying to configure Self Service Registration to create user directly in OpenDJ by configuring the Identity Resource as system/OpenDJ/account.
However, as soon as i submit the information for a new user i get an “{code=403, message=Access denied}” error orginating from the openidm/bin/defaults/script/router-authz.js…[Read more]
-
migault1990 started the topic Forgot Username and Forgot Password in the forum Identity Management 5 years ago
Hey –
I know that OpenIDM OOTB has the “Forgot Password” and “Forgot Username” flows through the UI.
Let say you can’t use the OpenIDM UI and you have to use a Custom UI, Is there a way to do it through REST API calls?
I am assuming that you need to build logic on your custom UI and use a mix of different REST API Calls to OpenIDM.
Cheers,
Louis
-
migault1990 started the topic Custom Data Validation Policy on System Object in the forum Identity Management 5 years, 1 month ago
Hey All –
I am trying to configure a Policy on a System Object Attribute (ex. userName defined in an OpenDJ connector).
Most of the documentation talks about Policy on Managed Object.
What’s the ideal way to define a Policy on System Object Attribute?
Cheers!
-
migault1990 started the topic Password Infinite Loops in the forum Identity Management 5 years, 4 months ago
Hey All –
I am writing this post because I believe it’s good to share past experience with the community. Hopefully, this post could help someone at some point.
Context:
OpenIDM can be used to synchronize password across multiple end points (ex. SAP, AD, LDAP, etc.). It is relatively straightforward when OpenIDM is the source. You will need to…[Read more]
-
migault1990 replied to the topic Push user password to Active Directory in the forum Identity Management 5 years, 7 months ago
Hey –
We actually fixed it yesterday after sending that Message.
Lessons Learned :
– LDAPS is required
– unicodePWd is the Password Attribute in AD
– You don’t need to decrypt or encode the password value.Cheers,
L.
-
migault1990 replied to the topic Push user password to Active Directory in the forum Identity Management 5 years, 7 months ago
Hi –
What’s your script to convert the OpenIDM password in unicode format?
Additionally, you’re probably decrypting the password in OpenIDM as well. Am I correct?
We’re trying to achieve the same thing here and any help would be usefull :)
-
migault1990 replied to the topic External Configuration & Load Balancer in the forum Access Management 5 years, 8 months ago
When I try to configure OpenAM through the UI and I define the Load Balancer as the Configuration Store with SSL enable, I get an error saying that host is not reachable.
In order to have SSL between our OpenAM and OpenDJ with HAPROXY in between, I have to disable SSL and configure OpenAM. I am then able to enable SSL only when I add a piece of…[Read more]
-
migault1990 started the topic External Configuration & Load Balancer in the forum Access Management 5 years, 9 months ago
Hey All –
We have to enable SSL between OpenAM Configuration Store and OpenDJ.
We have a Load Balancer in the middle – Haproxy doing SSL Passthrough.
We’ve tried updating via the UI the connection information to the configuration store to use SSL but it doens’t work.
We decided to reinstall OpenDJ and OpenAM … and see if we could enable SSL…[Read more]
-
migault1990 started the topic AD Password Plugin – Decryption Error in the forum Identity Management 5 years, 11 months ago
Hi All –
I followed the installation guide for the AD Plugin and I am getting the following error :
(Plugin logs)
DEBUG http_post() response:
HTTP/1.1 500 Server Error
Content-Type: application/json;charset=UTF-8
Cache-Control: no-cache
Connection: close
Server: Jetty(8.y.z-SNAPSHOT){“code”:500,”reason”:”Internal Server…[Read more]
-
migault1990 started the topic OpenIDM – AD Password Sync Plugin Help Required! in the forum Identity Management 5 years, 11 months ago
Hi All –
I have to configure the AD Plugin in my test environment to ensure that password are being pushed to my OpenIDM instance.
I followed the documentation on how to install the AD plugin to the letter and I get an error saying “500 … ad-pwd-plugin-localhost key not found …”I tried reusing the openidm-localhost cert by importing the…[Read more]
-
migault1990 replied to the topic AD Password Synchronization plugin, bad padding error in the forum Identity Management 5 years, 11 months ago
I am currently experiencing that issue.
Were you able to solve it?
-
migault1990 started the topic DevOps Webinar – Follow Up Questions in the forum DevOps 5 years, 11 months ago
Hi All –
I wasn’t sure where to post this question.
I attended the DevOps Webinar (08/23/2016) and I have a question.
Warren talked about the notion of “immutable” and having to build and redeploy a Forgerock product in the future. However, as of today, does it make sense to build and redeploy an entire Forgerock product? Does it make sense to…[Read more]
-
migault1990 replied to the topic OpenAM, HAProxy and SSL in the forum Access Management 6 years ago
Let say we have 1 instance of HAProxy and 2 instance of OpenAM.
What would be the HAProxy Configuration file?
The requirements are :
1.) TLS/SSL Bridging
2.) Session Stickiness using OpenAM Cookies -
migault1990 replied to the topic OpenAM, HAProxy and SSL in the forum Access Management 6 years ago
Thanks for the insight.
What about SSL Overhead by doing TLS bridging?
-
migault1990 started the topic OpenAM, HAProxy and SSL in the forum Access Management 6 years ago
Hey All –
I am working on deploying 2 OpenAM servers.
I am configuring HAProxy Loadbalancer to redirect traffic between those 2 OpenAM Servers.
I want to implement Sticky/Persistent Session using OpenAM Session Cookies / amlbcookie.
One of the requirement is to have end to end encryption User -> HAPROXY -> OpenAM.
Here are my questions…[Read more]
-
migault1990 replied to the topic OpenIG – Getting Started – Not Able to Protect the Dummy Application in the forum Identity Gateway 6 years ago
Hello !
The actual problem was that I was installing Tomcat using Yum.
It seems like Tomcat and OpenIG don’t agree with the Yum installation.
I reinstalled Tomcat using the source file and it worked.
Thanks,
Louis
-
migault1990 started the topic OpenIG – Getting Started – Not Able to Protect the Dummy Application in the forum Identity Gateway 6 years, 1 month ago
Hi All –
I’ve followed the Getting Started Instruction to have OpenIG protect the Dummy Application.
I am able to deploy OpenIG and the Dummy Application.
However, I am not able to redirect the traffic from OpenIG to the Dummy Application.
I used the same config files mentioned in the Getting Started Section of the installation doc.
Did…[Read more]