OpenIDM error connecting to AD

This topic has 3 replies, 3 voices, and was last updated 5 years, 9 months ago by [email protected].

  • #6829
     ekarlso
    Participant

    Hi guys, after upgrading OpenIDM and accidentally doing so without keeping my security folder I have managed to get it back on track almost, except AD. When I start up OpenIDM it goes:
    Using OPENIDM_HOME: /opt/openidm
    Using PROJECT_HOME: /opt/openidm//home/ubuntu/creator-idm/
    Using OPENIDM_OPTS: -Xmx1024m -Xms1024m
    Using LOGGING_CONFIG: -Djava.util.logging.config.file=/opt/openidm/conf/logging.properties
    Using boot properties at /home/ubuntu/creator-idm/conf/boot/boot.properties
    DEBUG: JavaMail version 1.5.1
    DEBUG: successfully loaded resource: /META-INF/javamail.default.providers
    DEBUG: Tables of loaded providers
    DEBUG: Providers Listed By Class Name: {com.sun.mail.smtp.SMTPSSLTransport=javax.mail.Provider[TRANSPORT,smtps,com.sun.mail.smtp.SMTPSSLTransport,Oracle], com.sun.mail.smtp.SMTPTransport=javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Oracle], com.sun.mail.imap.IMAPSSLStore=javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,Oracle], com.sun.mail.pop3.POP3SSLStore=javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3SSLStore,Oracle], com.sun.mail.imap.IMAPStore=javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Oracle], com.sun.mail.pop3.POP3Store=javax.mail.Provider[STORE,pop3,com.sun.mail.pop3.POP3Store,Oracle]}
    DEBUG: Providers Listed By Protocol: {imaps=javax.mail.Provider[STORE,imaps,com.sun.mail.imap.IMAPSSLStore,Oracle], imap=javax.mail.Provider[STORE,imap,com.sun.mail.imap.IMAPStore,Oracle], smtps=javax.mail.Provider[TRANSPORT,smtps,com.sun.mail.smtp.SMTPSSLTransport,Oracle], pop3=javax.mail.Provider[STORE,pop3,com.sun.mail.pop3.POP3Store,Oracle], pop3s=javax.mail.Provider[STORE,pop3s,com.sun.mail.pop3.POP3SSLStore,Oracle], smtp=javax.mail.Provider[TRANSPORT,smtp,com.sun.mail.smtp.SMTPTransport,Oracle]}
    DEBUG: successfully loaded resource: /META-INF/javamail.default.address.map
    -> Jan 13, 2016 10:35:50 PM org.forgerock.openidm.provisioner.openicf.impl.OpenICFProvisionerService$1 handleResult
    SEVERE: OpenICF connector test of SystemIdentifier{ uri='system/ad/'} failed!
    org.identityconnectors.framework.common.exceptions.ConnectionFailedException: javax.naming.CommunicationException: simple bind failed: 10.0.0.3:636 [Root exception is java.net.SocketException: Connection reset]
    at org.identityconnectors.ldap.LdapConnection$AuthenticationResultType$3.propagate(LdapConnection.java:531)
    at org.identityconnectors.ldap.LdapConnection$AuthenticationResult.propagate(LdapConnection.java:560)
    at org.identityconnectors.ldap.LdapConnection.connect(LdapConnection.java:197)
    at org.identityconnectors.ldap.LdapConnection.getInitialContext(LdapConnection.java:182)
    at org.identityconnectors.ldap.LdapConnection.checkAlive(LdapConnection.java:390)
    at org.identityconnectors.ldap.LdapConnector.checkAlive(LdapConnector.java:140)
    at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:186)
    at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:117)
    at org.identityconnectors.framework.impl.api.local.ObjectPool.borrowObject(ObjectPool.java:247)
    at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:93)
    at com.sun.proxy.$Proxy20.test(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96)
    at com.sun.proxy.$Proxy20.test(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:98)
    at com.sun.proxy.$Proxy20.test(Unknown Source)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.identityconnectors.framework.impl.api.local.LocalConnectorFacadeImpl$ReferenceCountingProxy.invoke(LocalConnectorFacadeImpl.java:304)
    at com.sun.proxy.$Proxy20.test(Unknown Source)
    at org.identityconnectors.framework.impl.api.AbstractConnectorFacade.test(AbstractConnectorFacade.java:326)
    at org.forgerock.openidm.provisioner.openicf.impl.OpenICFProvisionerService$1.handleResult(OpenICFProvisionerService.java:370)
    at org.forgerock.openidm.provisioner.openicf.impl.OpenICFProvisionerService$1.handleResult(OpenICFProvisionerService.java:323)
    at org.forgerock.util.promise.PromiseImpl$2.handleStateChange(PromiseImpl.java:304)
    at org.forgerock.util.promise.PromiseImpl.handleCompletion(PromiseImpl.java:521)
    at org.forgerock.util.promise.PromiseImpl.addOrFireListener(PromiseImpl.java:509)
    at org.forgerock.util.promise.PromiseImpl.thenOnResult(PromiseImpl.java:298)
    at org.forgerock.openidm.provisioner.openicf.impl.OpenICFProvisionerService.activate(OpenICFProvisionerService.java:322)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:497)
    at org.apache.felix.scr.impl.helper.BaseMethod.invokeMethod(BaseMethod.java:227)
    at org.apache.felix.scr.impl.helper.BaseMethod.access$500(BaseMethod.java:38)
    at org.apache.felix.scr.impl.helper.BaseMethod$Resolved.invoke(BaseMethod.java:591)
    at org.apache.felix.scr.impl.helper.BaseMethod.invoke(BaseMethod.java:472)
    at org.apache.felix.scr.impl.helper.ActivateMethod.invoke(ActivateMethod.java:146)
    at org.apache.felix.scr.impl.manager.ImmediateComponentManager.createImplementationObject(ImmediateComponentManager.java:226)
    at org.apache.felix.scr.impl.manager.ImmediateComponentManager.createComponent(ImmediateComponentManager.java:118)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager$Unsatisfied.activate(AbstractComponentManager.java:997)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:333)
    at org.apache.felix.scr.impl.manager.DependencyManager.serviceAdded(DependencyManager.java:283)
    at org.apache.felix.scr.impl.manager.DependencyManager.serviceChanged(DependencyManager.java:170)
    at org.apache.felix.framework.util.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:932)
    at org.apache.felix.framework.util.EventDispatcher.fireEventImmediately(EventDispatcher.java:793)
    at org.apache.felix.framework.util.EventDispatcher.fireServiceEvent(EventDispatcher.java:543)
    at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4419)
    at org.apache.felix.framework.Felix.registerService(Felix.java:3423)
    at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:346)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.registerService(AbstractComponentManager.java:449)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.registerComponentService(AbstractComponentManager.java:460)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager$Unsatisfied.activate(AbstractComponentManager.java:1009)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:333)
    at org.apache.felix.scr.impl.manager.DependencyManager.serviceAdded(DependencyManager.java:283)
    at org.apache.felix.scr.impl.manager.DependencyManager.serviceChanged(DependencyManager.java:170)
    at org.apache.felix.framework.util.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:932)
    at org.apache.felix.framework.util.EventDispatcher.fireEventImmediately(EventDispatcher.java:793)
    at org.apache.felix.framework.util.EventDispatcher.fireServiceEvent(EventDispatcher.java:543)
    at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4419)
    at org.apache.felix.framework.Felix.registerService(Felix.java:3423)
    at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:346)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.registerService(AbstractComponentManager.java:449)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.registerComponentService(AbstractComponentManager.java:460)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager$Unsatisfied.activate(AbstractComponentManager.java:1009)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:333)
    at org.apache.felix.scr.impl.manager.DependencyManager.serviceAdded(DependencyManager.java:283)
    at org.apache.felix.scr.impl.manager.DependencyManager.serviceChanged(DependencyManager.java:170)
    at org.apache.felix.framework.util.EventDispatcher.invokeServiceListenerCallback(EventDispatcher.java:932)
    at org.apache.felix.framework.util.EventDispatcher.fireEventImmediately(EventDispatcher.java:793)
    at org.apache.felix.framework.util.EventDispatcher.fireServiceEvent(EventDispatcher.java:543)
    at org.apache.felix.framework.Felix.fireServiceEvent(Felix.java:4419)
    at org.apache.felix.framework.Felix.registerService(Felix.java:3423)
    at org.apache.felix.framework.BundleContextImpl.registerService(BundleContextImpl.java:346)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.registerService(AbstractComponentManager.java:449)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.registerComponentService(AbstractComponentManager.java:460)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager$Unsatisfied.activate(AbstractComponentManager.java:1009)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.activateInternal(AbstractComponentManager.java:333)
    at org.apache.felix.scr.impl.manager.AbstractComponentManager.enable(AbstractComponentManager.java:157)
    at org.apache.felix.scr.impl.config.ConfiguredComponentHolder.enableComponents(ConfiguredComponentHolder.java:256)
    at org.apache.felix.scr.impl.BundleComponentActivator.loadDescriptor(BundleComponentActivator.java:253)
    at org.apache.felix.scr.impl.BundleComponentActivator.initialize(BundleComponentActivator.java:147)
    at org.apache.felix.scr.impl.BundleComponentActivator.<init>(BundleComponentActivator.java:111)
    at org.apache.felix.scr.impl.Activator.loadComponents(Activator.java:285)
    at org.apache.felix.scr.impl.Activator.bundleChanged(Activator.java:203)
    at org.apache.felix.framework.util.EventDispatcher.invokeBundleListenerCallback(EventDispatcher.java:868)
    at org.apache.felix.framework.util.EventDispatcher.fireEventImmediately(EventDispatcher.java:789)
    at org.apache.felix.framework.util.EventDispatcher.fireBundleEvent(EventDispatcher.java:514)
    at org.apache.felix.framework.Felix.fireBundleEvent(Felix.java:4403)
    at org.apache.felix.framework.Felix.startBundle(Felix.java:2092)
    at org.apache.felix.framework.Felix.setActiveStartLevel(Felix.java:1291)
    at org.apache.felix.framework.FrameworkStartLevelImpl.run(FrameworkStartLevelImpl.java:304)
    at java.lang.Thread.run(Thread.java:745)
    Caused by: javax.naming.CommunicationException: simple bind failed: 10.0.0.3:636 [Root exception is java.net.SocketException: Connection reset]
    at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:219)
    at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2788)
    at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192)
    at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210)
    at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153)
    at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83)
    at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684)
    at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313)
    at javax.naming.InitialContext.init(InitialContext.java:244)
    at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154)
    at org.identityconnectors.ldap.LdapConnection.createContext(LdapConnection.java:228)
    at org.identityconnectors.ldap.LdapConnection.createContext(LdapConnection.java:219)
    at org.identityconnectors.ldap.LdapConnection.connect(LdapConnection.java:193)
    … 98 more
    Caused by: java.net.SocketException: Connection reset
    at java.net.SocketInputStream.read(SocketInputStream.java:209)
    at java.net.SocketInputStream.read(SocketInputStream.java:141)
    at sun.security.ssl.InputRecord.readFully(InputRecord.java:465)
    at sun.security.ssl.InputRecord.read(InputRecord.java:503)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:973)
    at sun.security.ssl.SSLSocketImpl.waitForClose(SSLSocketImpl.java:1769)
    at sun.security.ssl.HandshakeOutStream.flush(HandshakeOutStream.java:124)
    at sun.security.ssl.Handshaker.sendChangeCipherSpec(Handshaker.java:1052)
    at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1222)
    at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1134)
    at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:348)
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979)
    at sun.security.ssl.Handshaker.process_record(Handshaker.java:914)
    at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
    at sun.security.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:747)
    at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:123)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
    at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:426)
    at com.sun.jndi.ldap.Connection.writeRequest(Connection.java:399)
    at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:359)
    at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:214)
    … 111 more

    Any ideas on this? I have imported the certificate into the security/truststore as well for both the CA and the AD server.

    #6837
     ekarlso
    Participant

    No one got a clue on this?

    #6858
     Brad Tumy
    Participant

    You are getting a simple bind failed error on 10.0.0.3:636 … could it be related to certificates?

    #6864

    A connection reset error can be caused by a lot of things. I would start by checking the simplest issues like connectivity, then recheck the provisioner configuration

            "host" : "10.0.0.3",
            "port" : 636,
            "ssl" : true,
    

    and last, but not least also the used credentials.
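
One way to read the trace from the first post before working through the checks in the last reply, as an added example that is not part of the original thread: the classifier below takes the innermost `Caused by` and its frames and tells a TCP, TLS-handshake or LDAP-bind failure apart. The function names, the layer labels and the two contrast traces are constructed for this example.

```python
import re

# Added example: function names and layer labels are this example's own, not OpenIDM's.
EXC_RE = re.compile(r"^\s*(?:Caused by: )?([\w.$]+(?:Exception|Error))(?::\s*(.*))?$")
FRAME_RE = re.compile(r"^\s*at ([\w.$<>]+)\(")
TCP_ERRORS = {"java.net.ConnectException", "java.net.UnknownHostException"}

def innermost_cause(trace):
    """Return (class, message, frames) of the last exception in the chain."""
    exc, msg, frames = None, "", []
    for line in trace.splitlines():
        m = EXC_RE.match(line)
        if m:
            exc, msg, frames = m.group(1), m.group(2) or "", []
        elif exc and (f := FRAME_RE.match(line)):
            frames.append(f.group(1))
    return exc, msg, frames

def failing_layer(trace):
    """Map the root cause to the check it points at: tcp, tls or bind."""
    exc, msg, frames = innermost_cause(trace)
    if any(f.startswith("sun.security.ssl.") and "Handshak" in f for f in frames):
        return "tls-handshake"   # recheck ssl/port settings, truststore, server cert
    if exc in TCP_ERRORS:
        return "tcp-connect"     # recheck host, port, firewall
    if exc == "javax.naming.AuthenticationException" or "error code 49" in msg:
        return "ldap-bind"       # recheck bind DN and password
    return "unknown"

# Abridged from the trace in the first post (frames between the ones kept are dropped).
PAGE_TRACE = """\
Caused by: javax.naming.CommunicationException: simple bind failed: 10.0.0.3:636 [Root exception is java.net.SocketException: Connection reset]
    at com.sun.jndi.ldap.LdapClient.authenticate(LdapClient.java:219)
Caused by: java.net.SocketException: Connection reset
    at java.net.SocketInputStream.read(SocketInputStream.java:209)
    at sun.security.ssl.ClientHandshaker.sendChangeCipherAndFinish(ClientHandshaker.java:1222)
    at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
    at com.sun.jndi.ldap.LdapClient.ldapBind(LdapClient.java:359)
"""

# Constructed traces for contrast (not from the page).
BAD_PASSWORD = """\
javax.naming.AuthenticationException: [LDAP: error code 49 - 80090308: LdapErr: DSID-0C0903A9, comment: AcceptSecurityContext error, data 52e, v1db1]
    at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3135)
"""
PORT_CLOSED = """\
Caused by: java.net.ConnectException: Connection refused
    at java.net.PlainSocketImpl.socketConnect(Native Method)
"""
```

On the trace from the first post this returns `tls-handshake`: the reset arrives inside `sun.security.ssl` handshake frames that the first bind write triggered, so the "simple bind failed" wording does not mean the credentials were rejected.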
