Pull users from LDAP

classic Classic list List threaded Threaded
5 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Pull users from LDAP

sasha gesta
I have about 400 hundred users which I would like to pull to syncope. After pull task started, it works a bit and then suddenly stops with following stack trace :

15:17:48.708 DEBUG Searching in [ou=Users,dc=example,dc=com] with filter (&(objectClass=inetOrgPerson)(cn=*)) and S                                                                                                                        earchControls: {returningAttributes=[cn, description, mail, sn, userPassword], scope=SUBTREE}   Method: doSearch
15:17:48.710 DEBUG OperationNotSupportedException caught: ou=Users,dc=example,dc=com. Check the Cookie validity   Method: doSearch
15:17:48.710 DEBUG Exception:   Method: executeQuery
org.identityconnectors.framework.common.exceptions.ConnectorException: Operation Not Supported. Bad cookie
        at net.tirasa.connid.bundles.ldap.search.PagedSearchStrategy.doSearch(PagedSearchStrategy.java:152) ~[net.tir                                                                                                                        asa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.search.LdapInternalSearch.execute(LdapInternalSearch.java:67) ~[net.tirasa.                                                                                                                        connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.search.LdapSearch.execute(LdapSearch.java:137) ~[net.tirasa.connid.bundles.                                                                                                                        ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnector.executeQuery(LdapConnector.java:136) ~[?:?]
        at net.tirasa.connid.bundles.ldap.LdapConnector.executeQuery(LdapConnector.java:57) ~[?:?]
        at org.identityconnectors.framework.impl.api.local.operations.SearchImpl.rawSearch(SearchImpl.java:171) ~[con                                                                                                                        nector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.operations.SearchImpl.search(SearchImpl.java:130) ~[connec                                                                                                                        tor-framework-internal-1.4.2.0.jar:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_131]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_131]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(Connect                                                                                                                        orAPIOperationRunnerProxy.java:98) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy280.search(Unknown Source) ~[?:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_131]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_131]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClas                                                                                                                        sLoaderManagerProxy.java:96) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy280.search(Unknown Source) ~[?:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_131]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_131]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.BufferedResultsProxy$BufferedResultsHandler.run(BufferedResultsP                                                                                                                        roxy.java:165) ~[connector-framework-internal-1.4.2.0.jar:?]
15:17:48.712 DEBUG Exception:   Method: search
org.identityconnectors.framework.common.exceptions.ConnectorException: Operation Not Supported. Bad cookie
        at net.tirasa.connid.bundles.ldap.search.PagedSearchStrategy.doSearch(PagedSearchStrategy.java:152) ~[net.tir                                                                                                                        asa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.search.LdapInternalSearch.execute(LdapInternalSearch.java:67) ~[net.tirasa.                                                                                                                        connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.search.LdapSearch.execute(LdapSearch.java:137) ~[net.tirasa.connid.bundles.                                                                                                                        ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnector.executeQuery(LdapConnector.java:136) ~[?:?]
        at net.tirasa.connid.bundles.ldap.LdapConnector.executeQuery(LdapConnector.java:57) ~[?:?]
        at org.identityconnectors.framework.impl.api.local.operations.SearchImpl.rawSearch(SearchImpl.java:171) ~[con                                                                                                                        nector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.operations.SearchImpl.search(SearchImpl.java:130) ~[connec                                                                                                                        tor-framework-internal-1.4.2.0.jar:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_131]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_131]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(Connect                                                                                                                        orAPIOperationRunnerProxy.java:98) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy280.search(Unknown Source) ~[?:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0_131]
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62) ~[?:1.8.0_131]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.local.operations.ThreadClas                                                                                                                                                             sLoaderManagerProxy.java:96) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy280.search(Unknown Source) ~[?:?]
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[?:1.8.0
        at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.BufferedResultsProxy$Buffer                                                                                                                                                             roxy.java:165) ~[connector-framework-internal-1.4.2.0.jar:?]

It pulls succesfully about 100 users. 
Any clues?

Thanks
Sasha

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Pull users from LDAP

justin.isenhour
Sasha,

I'm curious, were you able to resolve this issue?  I am facing a similar issue myself.  For me the first time I run a pull task it works fine be then fails because I have a mapping issue (not really related to this) but then after that every time I try to run the pull task again I get this message "org.identityconnectors.framework.common.exceptions.ConnectorException: Operation Not Supported. Bad cookie".  If I recycle the JVM I can run it again.  Can you provide any direction or insight into this?

Thanks,
Justin
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Pull users from LDAP

ilgrosso
Administrator
On 25/07/2017 00:48, justin.isenhour wrote:
> Sasha,
>
> I'm curious, were you able to resolve this issue?  I am facing a similar
> issue myself.  For me the first time I run a pull task it works fine be then
> fails because I have a mapping issue (not really related to this) but then
> after that every time I try to run the pull task again I get this message
> "org.identityconnectors.framework.common.exceptions.ConnectorException:
> Operation Not Supported. Bad cookie".  If I recycle the JVM I can run it
> again.  Can you provide any direction or insight into this?

Hi Justin,
it seems you are experiencing problems with the ConnId pagination APIs,
introduced by

https://connid.atlassian.net/browse/BASE-14

and supported by the LDAP Connector Bundle with

https://connid.atlassian.net/browse/LDAP-16

Which LDAP server implementation are you using? Would you mind to share
your Connector and Resource configurations?

Regards.

--
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/

Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Pull users from LDAP

justin.isenhour
Francesco,

I am using the the AD connector (net.tirasa.connid.bundles.ad) v1.3.2 to connect to Microsoft Active Directory.  Below is the configuration.

Connector
[{"key":"6a9a654d-5b02-4089-9a65-4d5b028089d2","location":"file:/usr/share/tomcat/v8/SYNCOPEDEV/appconfigs/dev/bundles/","connectorName":"net.tirasa.connid.bundles.ad.ADConnector","bundleName":"net.tirasa.connid.bundles.ad","version":"1.3.2","displayName":"conn-ad-compass","connRequestTimeout":10,"poolConf":{"maxObjects":null,"minIdle":null,"maxIdle":null,"maxWait":null,"minEvictableIdleTimeMillis":null},"conf":[{"schema":{"name":"credentials","displayName":"Principal password","helpMessage":"Insert password for administrator","type":"org.identityconnectors.common.security.GuardedString","required":false,"order":6,"confidential":true,"defaultValues":[]},"overridable":false,"values":["_r4&Age3+s"]},{"schema":{"name":"ssl","displayName":"SSL","helpMessage":"User SSL to perform password provisioning","type":"boolean","required":false,"order":1,"confidential":false,"defaultValues":[true]},"overridable":false,"values":["false"]},{"schema":{"name":"groupSearchFilter","displayName":"Custom group search filter","helpMessage":"Custom group search filter","type":"java.lang.String","required":false,"order":11,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"pwdUpdateOnly","displayName":"Permit password update only","helpMessage":"Specify TRUE if you want to permit password update only: create/delete operation will be denied while other attributes update requests will be ignored.","type":"boolean","required":true,"order":17,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"retrieveDeletedUser","displayName":"Retrieve deleted users","helpMessage":"Specify TRUE to retrieve deleted users also. The default is \"true\".","type":"boolean","required":false,"order":2,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"port","displayName":"Server port","helpMessage":"Insert port. The default is 636.","type":"int","required":false,"order":2,"confidential":false,"defaultValues":[636]},"overridable":false,"values":["389"]},{"schema":{"name":"groupOwnerReferenceAttribute","displayName":"Group owner reference attribute","helpMessage":"Group attribute name referencing (by DN) the owner","type":"java.lang.String","required":false,"order":15,"confidential":false,"defaultValues":["managedBy"]},"overridable":false,"values":["managedBy"]},{"schema":{"name":"defaultGroupContainer","displayName":"Default group container","helpMessage":"Default group container to be used in case of entry DN is not provided","type":"java.lang.String","required":false,"order":8,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"defaultPeopleContainer","displayName":"Default people container","helpMessage":"Default people container to be used in case of entry DN is not provided","type":"java.lang.String","required":false,"order":7,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"userBaseContexts","displayName":"Base contexts for user entry searches","helpMessage":"DN of context to be used as starting point for user entry searches","type":"[Ljava.lang.String;","required":false,"order":13,"confidential":false,"defaultValues":[]},"overridable":false,"values":["ou=Accounts,dc=NA,dc=CompassGroup,dc=Corp"]},{"schema":{"name":"failover","displayName":"Failover","helpMessage":"Failover host:port","type":"[Ljava.lang.String;","required":false,"order":4,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"startSyncFromToday","displayName":"Null token is the latest","helpMessage":"Reset null token value to the latest (sync with null token will not return any result). The default is \"true\".","type":"boolean","required":false,"order":16,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"groupSearchScope","displayName":"Group search scope","helpMessage":"Choose object, onlevel or subtree","type":"java.lang.String","required":false,"order":10,"confidential":false,"defaultValues":["subtree"]},"overridable":false,"values":["subtree"]},{"schema":{"name":"objectClassesToSynchronize","displayName":"Object classes to synchronize","helpMessage":"Specify object classes to identify entry to synchronize","type":"[Ljava.lang.String;","required":false,"order":24,"confidential":false,"defaultValues":["user"]},"overridable":false,"values":["user"]},{"schema":{"name":"membershipsInOr","displayName":"Verify memberships in OR","helpMessage":"Specify TRUE if you want to verify memberships using OR logical operator. The default is \"false\".","type":"boolean","required":false,"order":5,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"groupBaseContexts","displayName":"Base contexts for group entry searches","helpMessage":"DN of context to be used as starting point for group entry searches","type":"[Ljava.lang.String;","required":false,"order":12,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"membershipConservativePolicy","displayName":"Conservative membership policy","helpMessage":"Conservative managing and assignment of groups to user. The groups already assigned will not be removed.","type":"boolean","required":false,"order":18,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"uidAttribute","displayName":"uidAttribute","helpMessage":"uidAttribute","type":"java.lang.String","required":false,"order":21,"confidential":false,"defaultValues":["sAMAccountName"]},"overridable":false,"values":["sAMAccountName"]},{"schema":{"name":"trustAllCerts","displayName":"Trust all certs","helpMessage":"Specify TRUE to trust all certs. The default is \"false\".","type":"boolean","required":false,"order":4,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"memberships","displayName":"Memberships","helpMessage":"Specify memberships","type":"[Ljava.lang.String;","required":false,"order":1,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"retrieveDeletedGroup","displayName":"Retrieve deleted groups","helpMessage":"Specify TRUE to retrieve deleted groups also","type":"boolean","required":false,"order":3,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"host","displayName":"Server hostname","helpMessage":"Insert hostname","type":"java.lang.String","required":true,"order":1,"confidential":false,"defaultValues":[]},"overridable":false,"values":["ldap.na.compassgroup.corp"]},{"schema":{"name":"groupMemberReferenceAttribute","displayName":"Group members reference attribute ","helpMessage":"Group attribute referencing (by DN) the users members of a group","type":"java.lang.String","required":false,"order":14,"confidential":false,"defaultValues":["member"]},"overridable":false,"values":["member"]},{"schema":{"name":"baseContextsToSynchronize","displayName":"Root suffixes","helpMessage":"Insert root suffixes","type":"[Ljava.lang.String;","required":true,"order":6,"confidential":false,"defaultValues":[]},"overridable":false,"values":["ou=Accounts,dc=NA,dc=CompassGroup,dc=Corp"]},{"schema":{"name":"accountSearchFilter","displayName":"Custom user search filter","helpMessage":"Custom user search filter","type":"java.lang.String","required":false,"order":11,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"userSearchScope","displayName":"User search scope","helpMessage":"Choose object, onlevel or subtree","type":"java.lang.String","required":false,"order":9,"confidential":false,"defaultValues":["subtree"]},"overridable":false,"values":["subtree"]},{"schema":{"name":"principal","displayName":"Principal","helpMessage":"Insert DN of a user with administration capabilities","type":"java.lang.String","required":false,"order":5,"confidential":false,"defaultValues":[]},"overridable":false,"values":["cams_auth_svc_acct@na.compassgroup.corp"]},{"schema":{"name":"accountObjectClasses","displayName":"Entry object classes","helpMessage":"Insert object classes to assign to managed entries","type":"[Ljava.lang.String;","required":false,"order":9,"confidential":false,"defaultValues":["top","person","organizationalPerson","inetOrgPerson"]},"overridable":false,"values":["top","person","organizationalPerson","user"]}],"capabilities":["AUTHENTICATE","CREATE","UPDATE","DELETE","SEARCH","SYNC"]},{"key":"b1da11c3-4542-49fa-9a11-c34542c9fa3a","location":"file:/usr/share/tomcat/v8/SYNCOPEDEV/appconfigs/dev/bundles/","connectorName":"net.tirasa.connid.bundles.ldap.LdapConnector","bundleName":"net.tirasa.connid.bundles.ldap","version":"1.5.1","displayName":"conn-dev-ads-foodbuy","connRequestTimeout":10,"poolConf":{"maxObjects":null,"minIdle":null,"maxIdle":null,"maxWait":null,"minEvictableIdleTimeMillis":null},"conf":[{"schema":{"name":"accountSearchFilter","displayName":"LDAP Filter for Retrieving Accounts","helpMessage":"An optional LDAP filter to control which accounts are returned from the LDAP resource. If no filter is specified, only accounts that include all specified object classes are returned.","type":"java.lang.String","required":false,"order":11,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"maintainLdapGroupMembership","displayName":"Maintain LDAP Group Membership","helpMessage":"When enabled and a user is renamed or deleted, update any LDAP groups to which the user belongs to reflect the new name. Otherwise, the LDAP resource must maintain referential integrity with respect to group membership. Default is \"false\".","type":"boolean","required":false,"order":15,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"passwordDecryptionKey","displayName":"Password Decryption Key","helpMessage":"The key to decrypt passwords with when performing password synchronization.","type":"org.identityconnectors.common.security.GuardedByteArray","required":false,"order":34,"confidential":true,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"groupMemberAttribute","displayName":"Group Member Attribute","helpMessage":"The name of the group attribute that will be updated with the distinguished name of the user when the user is added to the group. Default is \"uniqueMember\".","type":"java.lang.String","required":false,"order":14,"confidential":false,"defaultValues":["uniqueMember"]},"overridable":false,"values":["uniqueMember"]},{"schema":{"name":"accountUserNameAttributes","displayName":"Account User Name Attributes","helpMessage":"Attribute or attributes which holds the account's user name. They will be used when authenticating to find the LDAP entry for the user name to authenticate.","type":"[Ljava.lang.String;","required":false,"order":10,"confidential":false,"defaultValues":["uid","cn"]},"overridable":false,"values":["uid"]},{"schema":{"name":"modifiersNamesToFilterOut","displayName":"Filter Out Changes By","helpMessage":"The names (DNs) of directory administrators to filter from the changes. Changes with the attribute \"modifiersName\" that match entries in this list will be filtered out. The standard value is the administrator name used by this adapter, to prevent loops. Entries should be of the format \"cn=Directory Manager\".","type":"[Ljava.lang.String;","required":false,"order":26,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"removeLogEntryObjectClassFromFilter","displayName":"Remove Log Entry Object Class from Filter","helpMessage":"If this property is set (the default), the filter used to fetch change log entries does not contain the \"changeLogEntry\" object class, expecting that there are no entries of other object types in the change log. Default is \"true\".","type":"boolean","required":false,"order":31,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"passwordAttributeToSynchronize","displayName":"Password Attribute to Synchronize","helpMessage":"The name of the password attribute to synchronize when performing password synchronization.","type":"java.lang.String","required":false,"order":33,"confidential":false,"defaultValues":[]},"overridable":false,"values":["userPassword"]},{"schema":{"name":"groupNameAttributes","displayName":"Group Name Attributes","helpMessage":"Attribute or attributes which holds the group's name. Default is \"cn\".","type":"[Ljava.lang.String;","required":false,"order":13,"confidential":false,"defaultValues":["cn"]},"overridable":false,"values":["o"]},{"schema":{"name":"attributesToSynchronize","displayName":"Attributes to Synchronize","helpMessage":"The names of the attributes to synchronize. This ignores updates from the change log if they do not update any of the named attributes. For example, if only \"department\" is listed, then only changes that affect \"department\" will be processed. All other updates are ignored. If blank (the default), then all changes are processed.","type":"[Ljava.lang.String;","required":false,"order":25,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"changeLogBlockSize","displayName":"Change Log Block Size","helpMessage":"The number of change log entries to fetch per query. Default is \"100\".","type":"int","required":false,"order":28,"confidential":false,"defaultValues":[100]},"overridable":false,"values":["100"]},{"schema":{"name":"groupSearchFilter","displayName":"LDAP Filter for Retrieving Groups","helpMessage":"An optional LDAP filter to control which groups are returned from the LDAP resource. If no filter is specified, only groups that include all specified object classes are returned.","type":"java.lang.String","required":false,"order":39,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"readTimeout","displayName":"Read Timeout (Milliseconds)","helpMessage":"Time to wait for a response to be received. If there is no response within the specified time period, the read attempt will be aborted. Value 0 or less than 0 means there is no limit.","type":"long","required":false,"order":40,"confidential":false,"defaultValues":[0]},"overridable":false,"values":["3000"]},{"schema":{"name":"principal","displayName":"Principal","helpMessage":"The distinguished name with which to authenticate to the LDAP server.","type":"java.lang.String","required":false,"order":5,"confidential":false,"defaultValues":[]},"overridable":false,"values":["uid=admin,ou=system"]},{"schema":{"name":"ssl","displayName":"SSL","helpMessage":"Select the check box to connect to the LDAP server using SSL. The default is \"false\".","type":"boolean","required":false,"order":3,"confidential":false,"defaultValues":[false]},"overridable":false,"values":["false"]},{"schema":{"name":"changeNumberAttribute","displayName":"Change Number Attribute","helpMessage":"The name of the change number attribute in the change log entry. Default is \"changeNumber\".","type":"java.lang.String","required":false,"order":29,"confidential":false,"defaultValues":["changeNumber"]},"overridable":false,"values":["changeNumber"]},{"schema":{"name":"failover","displayName":"Failover Servers","helpMessage":"List all servers that should be used for failover in case the preferred server fails. If the preferred server fails, JNDI will connect to the next available server in the list. List all servers in the form of \"ldap://ldap.example.com:389/\", which follows the standard LDAP v3 URLs described in RFC 2255. Only the host and port parts of the URL are relevant in this setting.","type":"[Ljava.lang.String;","required":false,"order":4,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"uidAttribute","displayName":"Uid Attribute","helpMessage":"The name of the LDAP attribute which is mapped to the Uid attribute. Default is \"entryUUID\".","type":"java.lang.String","required":false,"order":21,"confidential":false,"defaultValues":["entryUUID"]},"overridable":false,"values":["uid"]},{"schema":{"name":"host","displayName":"Host","helpMessage":"The name or IP address of the host where the LDAP server is running.","type":"java.lang.String","required":true,"order":1,"confidential":false,"defaultValues":[]},"overridable":false,"values":["cgldads9018"]},{"schema":{"name":"accountObjectClasses","displayName":"Account Object Classes","helpMessage":"The object class or classes that will be used when creating new user objects in the LDAP tree. When entering more than one object class, each entry should be on its own line; do not use commas or semi-colons to separate multiple object classes. Some object classes may require that you specify all object classes in the class hierarchy.","type":"[Ljava.lang.String;","required":false,"order":9,"confidential":false,"defaultValues":["top","person","organizationalPerson","inetOrgPerson"]},"overridable":false,"values":["top","person","organizationalPerson","inetOrgPerson","stgBasicAccount","foodbuyMemberAccount"]},{"schema":{"name":"filterWithOrInsteadOfAnd","displayName":"Filter with Or Instead of And","helpMessage":"Normally the the filter used to fetch change log entries is an and-based filter retrieving an interval of change entries. If this property is set, the filter will or together the required change numbers instead. Default is \"false\".","type":"boolean","required":false,"order":30,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"accountSynchronizationFilter","displayName":"LDAP Filter for Accounts to Synchronize","helpMessage":"An optional LDAP filter for the objects to synchronize. Because the change log is for all objects, this filter updates only objects that match the specified filter. If you specify a filter, an object will be synchronized only if it matches the filter and includes a synchronized object class.","type":"java.lang.String","required":false,"order":27,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"retrievePasswordsWithSearch","displayName":"Retrieve passwords with search","helpMessage":"Whether to retrieve user passwords when searching. The default is \"false\".","type":"boolean","required":false,"order":37,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"connectTimeout","displayName":"Connection Timeout (Milliseconds)","helpMessage":"Time to wait when opening new server connections. Value of 0 means the TCP network timeout will be used, which may be several minutes. Value less than 0 means there is no limit.","type":"long","required":false,"order":41,"confidential":false,"defaultValues":[0]},"overridable":false,"values":["3000"]},{"schema":{"name":"passwordHashAlgorithm","displayName":"Password Hash Algorithm","helpMessage":"Indicates the algorithm that the Identity system should use to hash the password. Currently supported values are SSHA, SHA, SMD5, and MD5. A blank value indicates that the system will not hash passwords. This will cause cleartext passwords to be stored in LDAP unless the LDAP server performs the hash (Netscape Directory Server and iPlanet Directory Server do).","type":"java.lang.String","required":false,"order":17,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"useVlvControls","displayName":"Use VLV Controls","helpMessage":"Wheter to enforce usage of VLV controls over standard LDAP controls. Default is \"false\".","type":"boolean","required":false,"order":19,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"passwordDecryptionInitializationVector","displayName":"Password Decryption Initialization Vector","helpMessage":"The initialization vector to decrypt passwords with when performing password synchronization.","type":"org.identityconnectors.common.security.GuardedByteArray","required":false,"order":35,"confidential":true,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"groupObjectClasses","displayName":"Group Object Classes","helpMessage":"The group class or classes that will be used when creating new group objects in the LDAP tree. When entering more than one object class, each entry should be on its own line; do not use commas or semi-colons to separate multiple group classes. Some group classes may require that you specify all group classes in the class hierarchy.","type":"[Ljava.lang.String;","required":false,"order":12,"confidential":false,"defaultValues":["top","groupOfUniqueNames"]},"overridable":false,"values":["top","groupOfUniqueNames"]},{"schema":{"name":"baseContextsToSynchronize","displayName":"Base Contexts to Synchronize","helpMessage":"One or more starting points in the LDAP tree that will be used to determine if a change should be synchronized. The base contexts attribute will be used to synchronize a change if this property is not set.","type":"[Ljava.lang.String;","required":false,"order":23,"confidential":false,"defaultValues":[]},"overridable":true,"values":["ou=CommitedMembers,ou=people,dc=foodbuy,dc=com"]},{"schema":{"name":"objectClassesToSynchronize","displayName":"Object Classes to Synchronize","helpMessage":"The object classes to synchronize. The change log is for all objects; this filters updates to just the listed object classes. You should not list the superclasses of an object class unless you intend to synchronize objects with any of the superclass values. For example, if only \"inetOrgPerson\" objects should be synchronized, but the superclasses of \"inetOrgPerson\" (\"person\", \"organizationalperson\" and \"top\") should be filtered out, then list only \"inetOrgPerson\" here. All objects in LDAP are subclassed from \"top\". For this reason, you should never list \"top\", otherwise no object would be filtered. Default is \"inetOrgPerson\".","type":"[Ljava.lang.String;","required":false,"order":24,"confidential":false,"defaultValues":["inetOrgPerson"]},"overridable":false,"values":["inetOrgPerson"]},{"schema":{"name":"synchronizePasswords","displayName":"Enable Password Synchronization","helpMessage":"If true, the connector will synchronize passwords. The Password Capture Plugin needs to be installed for password synchronization to work. Default is \"false\".","type":"boolean","required":false,"order":32,"confidential":false,"defaultValues":[false]},"overridable":false,"values":["false"]},{"schema":{"name":"baseContexts","displayName":"Base Contexts","helpMessage":"One or more starting points in the LDAP tree that will be used when searching the tree. Searches are performed when discovering users from the LDAP server or when looking for the groups of which a user is a member.","type":"[Ljava.lang.String;","required":true,"order":7,"confidential":false,"defaultValues":[]},"overridable":true,"values":["ou=CommitedMembers,ou=people,dc=foodbuy,dc=com"]},{"schema":{"name":"maintainPosixGroupMembership","displayName":"Maintain POSIX Group Membership","helpMessage":"When enabled and a user is renamed or deleted, update any POSIX groups to which the user belongs to reflect the new name. Otherwise, the LDAP resource must maintain referential integrity with respect to group membership. Default is \"false\".","type":"boolean","required":false,"order":16,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"credentials","displayName":"Password","helpMessage":"Password for the principal.","type":"org.identityconnectors.common.security.GuardedString","required":false,"order":6,"confidential":true,"defaultValues":[]},"overridable":false,"values":["secret"]},{"schema":{"name":"statusManagementClass","displayName":"Status management class ","helpMessage":"Class to be used to manage enabled/disabled status. If no class is specified then identity status management wont be possible.","type":"java.lang.String","required":false,"order":36,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"readSchema","displayName":"Read Schema","helpMessage":"If true, the connector will read the schema from the server. If false, the connector will provide a default schema based on the object classes in the configuration. This property must be true in order to use extended object classes. Default is \"true\".","type":"boolean","required":false,"order":22,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"passwordAttribute","displayName":"Password Attribute","helpMessage":"The name of the LDAP attribute which holds the password. When changing an user's password, the new password is set to this attribute. Default is \"userPassword\".","type":"java.lang.String","required":false,"order":8,"confidential":false,"defaultValues":["userPassword"]},"overridable":false,"values":["userPassword"]},{"schema":{"name":"respectResourcePasswordPolicyChangeAfterReset","displayName":"Respect Resource Password Policy Change-After-Reset","helpMessage":"When this resource is specified in a Login Module (i.e., this resource is a pass-through authentication target) and the resource's password policy is configured for change-after-reset, a user whose resource account password has been administratively reset will be required to change that password after successfully authenticating. Default is \"false\".","type":"boolean","required":false,"order":18,"confidential":false,"defaultValues":[false]},"overridable":false,"values":["false"]},{"schema":{"name":"dnAttribute","displayName":"Entry DN attribute name","helpMessage":"Entry DN attribute name (default: entryDN)","type":"java.lang.String","required":false,"order":38,"confidential":false,"defaultValues":["entryDN"]},"overridable":false,"values":["entryDN"]},{"schema":{"name":"port","displayName":"TCP Port","helpMessage":"TCP/IP port number used to communicate with the LDAP server. The default is 389.","type":"int","required":false,"order":2,"confidential":false,"defaultValues":[389]},"overridable":false,"values":["10389"]},{"schema":{"name":"vlvSortAttribute","displayName":"VLV Sort Attribute","helpMessage":"Specify the sort attribute to use for VLV indexes on the resource. Default is \"uid\".","type":"java.lang.String","required":false,"order":20,"confidential":false,"defaultValues":["uid"]},"overridable":false,"values":["uid"]}],"capabilities":["AUTHENTICATE","CREATE","UPDATE","DELETE","SEARCH","SYNC"]},{"key":"db9d3e6f-31d7-4064-9d3e-6f31d7b06420","location":"file:/usr/share/tomcat/v8/SYNCOPEDEV/appconfigs/dev/bundles/","connectorName":"net.tirasa.connid.bundles.rest.RESTConnector","bundleName":"net.tirasa.connid.bundles.rest","version":"1.0.1","displayName":"Conn-REST-Test-ADAMS-API","connRequestTimeout":10,"poolConf":{"maxObjects":null,"minIdle":null,"maxIdle":null,"maxWait":null,"minEvictableIdleTimeMillis":null},"conf":[{"schema":{"name":"authenticateScript","displayName":"authenticateScript","helpMessage":"authenticateScript","type":"java.lang.String","required":false,"order":6,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"contentType","displayName":"contentType","helpMessage":"contentType","type":"java.lang.String","required":true,"order":-1,"confidential":false,"defaultValues":["application/json"]},"overridable":false,"values":["application/json"]},{"schema":{"name":"resolveUsernameScriptFileName","displayName":"resolveUsernameScriptFileName","helpMessage":"resolveUsernameScriptFileName","type":"java.lang.String","required":false,"order":15,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"password","displayName":"password","helpMessage":"password","type":"org.identityconnectors.common.security.GuardedString","required":false,"order":1,"confidential":true,"defaultValues":[]},"overridable":false,"values":["e$$adm1n"]},{"schema":{"name":"schemaScriptFileName","displayName":"schemaScriptFileName","helpMessage":"schemaScriptFileName","type":"java.lang.String","required":false,"order":17,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"updateScript","displayName":"updateScript","helpMessage":"updateScript","type":"java.lang.String","required":false,"order":4,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"searchScript","displayName":"searchScript","helpMessage":"searchScript","type":"java.lang.String","required":false,"order":6,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"clearTextPasswordToScript","displayName":"clearTextPasswordToScript","helpMessage":"clearTextPasswordToScript","type":"boolean","required":false,"order":1,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"authenticateScriptFileName","displayName":"authenticateScriptFileName","helpMessage":"authenticateScriptFileName","type":"java.lang.String","required":false,"order":14,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"syncScript","displayName":"syncScript","helpMessage":"syncScript","type":"java.lang.String","required":false,"order":7,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"searchScriptFileName","displayName":"searchScriptFileName","helpMessage":"searchScriptFileName","type":"java.lang.String","required":false,"order":13,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"accept","displayName":"accept","helpMessage":"accept","type":"java.lang.String","required":true,"order":-2,"confidential":false,"defaultValues":["application/json"]},"overridable":false,"values":["application/vnd.adams-v1.0+json"]},{"schema":{"name":"resolveUsernameScript","displayName":"resolveUsernameScript","helpMessage":"resolveUsernameScript","type":"java.lang.String","required":false,"order":6,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"syncScriptFileName","displayName":"syncScriptFileName","helpMessage":"syncScriptFileName","type":"java.lang.String","required":false,"order":16,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"baseAddress","displayName":"baseAddress","helpMessage":"baseAddress","type":"java.lang.String","required":true,"order":-3,"confidential":false,"defaultValues":[]},"overridable":false,"values":["https://adamsdev.compassmanager.com/api/users?api_key=eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJKVXNlciJ9.E59wqvVNv_L6v6AveQzqD6j4m5DKg86z4cqIMbgHmJ8vd6OYcJ0S4S7A0AzU5gGsLsO7sAFzM9DBZc0jOSd19w"]},{"schema":{"name":"deleteScriptFileName","displayName":"deleteScriptFileName","helpMessage":"deleteScriptFileName","type":"java.lang.String","required":false,"order":12,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"updateScriptFileName","displayName":"updateScriptFileName","helpMessage":"updateScriptFileName","type":"java.lang.String","required":false,"order":11,"confidential":false,"defaultValues":[]},"overridable":false,"values":["/usr/share/tomcat/v8/SYNCOPEDEV/webapps/syncope/WEB-INF/classes/rest/UpdateScript.groovy"]},{"schema":{"name":"deleteScript","displayName":"deleteScript","helpMessage":"deleteScript","type":"java.lang.String","required":false,"order":5,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"schemaScript","displayName":"schemaScript","helpMessage":"schemaScript","type":"java.lang.String","required":false,"order":8,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"username","displayName":"username","helpMessage":"username","type":"java.lang.String","required":false,"order":0,"confidential":false,"defaultValues":[]},"overridable":false,"values":["essadmin"]},{"schema":{"name":"createScriptFileName","displayName":"createScriptFileName","helpMessage":"createScriptFileName","type":"java.lang.String","required":false,"order":10,"confidential":false,"defaultValues":[]},"overridable":false,"values":["/usr/share/tomcat/v8/SYNCOPEDEV/webapps/syncope/WEB-INF/classes/rest/CreateScript.groovy"]},{"schema":{"name":"createScript","displayName":"createScript","helpMessage":"createScript","type":"java.lang.String","required":false,"order":3,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"scriptingLanguage","displayName":"scriptingLanguage","helpMessage":"scriptingLanguage","type":"java.lang.String","required":false,"order":0,"confidential":false,"defaultValues":["GROOVY"]},"overridable":false,"values":["GROOVY"]},{"schema":{"name":"testScript","displayName":"testScript","helpMessage":"testScript","type":"java.lang.String","required":false,"order":9,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"reloadScriptOnExecution","displayName":"reloadScriptOnExecution","helpMessage":"reloadScriptOnExecution","type":"boolean","required":false,"order":2,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"testScriptFileName","displayName":"testScriptFileName","helpMessage":"testScriptFileName","type":"java.lang.String","required":false,"order":18,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]}],"capabilities":["CREATE","UPDATE"]}]


Resource

[{"key":"res-ad-compass","connector":"6a9a654d-5b02-4089-9a65-4d5b028089d2","connectorDisplayName":"conn-ad-compass","orgUnit":null,"propagationPriority":0,"randomPwdIfNotProvided":false,"enforceMandatoryCondition":false,"createTraceLevel":"ALL","updateTraceLevel":"ALL","deleteTraceLevel":"ALL","provisioningTraceLevel":"ALL","passwordPolicy":null,"accountPolicy":null,"pullPolicy":null,"overrideCapabilities":false,"provisions":[{"key":"a8bfadab-365c-440d-bfad-ab365cf40d56","anyType":"USER","objectClass":"__ACCOUNT__","syncToken":null,"mapping":{"connObjectLink":null,"connObjectKeyItem":{"key":"fd13fe22-5907-46ef-93fe-22590776ef05","intAttrName":"username","extAttrName":"sAMAccountName","connObjectKey":true,"password":false,"mandatoryCondition":"true","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},"items":[{"key":"0df2b642-9436-4bbe-b2b6-4294362bbee7","intAttrName":"lastName","extAttrName":"sn","connObjectKey":false,"password":false,"mandatoryCondition":"true","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},{"key":"1bdd4d58-a44a-402e-9d4d-58a44a802ecd","intAttrName":"jobTitle","extAttrName":"title","connObjectKey":false,"password":false,"mandatoryCondition":"false","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},{"key":"51f9dfcd-de73-410d-b9df-cdde73210da5","intAttrName":"phoneNumber","extAttrName":"telephoneNumber","connObjectKey":false,"password":false,"mandatoryCondition":"false","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},{"key":"d6f58e9d-9517-4f7b-b58e-9d9517ff7b92","intAttrName":"email","extAttrName":"mail","connObjectKey":false,"password":false,"mandatoryCondition":"true","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},{"key":"fcdf0e39-37e8-4123-9f0e-3937e8b12369","intAttrName":"firstName","extAttrName":"givenName","connObjectKey":false,"password":false,"mandatoryCondition":"true","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},{"key":"fd13fe22-5907-46ef-93fe-22590776ef05","intAttrName":"username","extAttrName":"sAMAccountName","connObjectKey":true,"password":false,"mandatoryCondition":"true","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]}],"linkingItems":[]},"auxClasses":["CompassUser"],"virSchemas":[]}],"confOverride":[],"capabilitiesOverride":["AUTHENTICATE","CREATE","UPDATE","DELETE","SEARCH","SYNC"],"propagationActionsClassNames":[]}]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Pull users from LDAP

Andrea Patricelli-2
Hi,

this morning I made a test with AD connector 1.3.2. I successfully
pulled 600+ users without experiencing any pagination cookie exception.

Best regards,
Andrea


Il 29/07/2017 01:00, justin.isenhour ha scritto:

> Francesco,
>
> I am using the the AD connector (net.tirasa.connid.bundles.ad) v1.3.2 to
> connect to Microsoft Active Directory.  Below is the configuration.
>
> *Connector*
> [{"key":"6a9a654d-5b02-4089-9a65-4d5b028089d2","location":"file:/usr/share/tomcat/v8/SYNCOPEDEV/appconfigs/dev/bundles/","connectorName":"net.tirasa.connid.bundles.ad.ADConnector","bundleName":"net.tirasa.connid.bundles.ad","version":"1.3.2","displayName":"conn-ad-compass","connRequestTimeout":10,"poolConf":{"maxObjects":null,"minIdle":null,"maxIdle":null,"maxWait":null,"minEvictableIdleTimeMillis":null},"conf":[{"schema":{"name":"credentials","displayName":"Principal
> password","helpMessage":"Insert password for
> administrator","type":"org.identityconnectors.common.security.GuardedString","required":false,"order":6,"confidential":true,"defaultValues":[]},"overridable":false,"values":["_r4&Age3+s"]},{"schema":{"name":"ssl","displayName":"SSL","helpMessage":"User
> SSL to perform password
> provisioning","type":"boolean","required":false,"order":1,"confidential":false,"defaultValues":[true]},"overridable":false,"values":["false"]},{"schema":{"name":"groupSearchFilter","displayName":"Custom
> group search filter","helpMessage":"Custom group search
> filter","type":"java.lang.String","required":false,"order":11,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"pwdUpdateOnly","displayName":"Permit
> password update only","helpMessage":"Specify TRUE if you want to permit
> password update only: create/delete operation will be denied while other
> attributes update requests will be
> ignored.","type":"boolean","required":true,"order":17,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"retrieveDeletedUser","displayName":"Retrieve
> deleted users","helpMessage":"Specify TRUE to retrieve deleted users also.
> The default is
> \"true\".","type":"boolean","required":false,"order":2,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"port","displayName":"Server
> port","helpMessage":"Insert port. The default is
> 636.","type":"int","required":false,"order":2,"confidential":false,"defaultValues":[636]},"overridable":false,"values":["389"]},{"schema":{"name":"groupOwnerReferenceAttribute","displayName":"Group
> owner reference attribute","helpMessage":"Group attribute name referencing
> (by DN) the
> owner","type":"java.lang.String","required":false,"order":15,"confidential":false,"defaultValues":["managedBy"]},"overridable":false,"values":["managedBy"]},{"schema":{"name":"defaultGroupContainer","displayName":"Default
> group container","helpMessage":"Default group container to be used in case
> of entry DN is not
> provided","type":"java.lang.String","required":false,"order":8,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"defaultPeopleContainer","displayName":"Default
> people container","helpMessage":"Default people container to be used in case
> of entry DN is not
> provided","type":"java.lang.String","required":false,"order":7,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"userBaseContexts","displayName":"Base
> contexts for user entry searches","helpMessage":"DN of context to be used as
> starting point for user entry
> searches","type":"[Ljava.lang.String;","required":false,"order":13,"confidential":false,"defaultValues":[]},"overridable":false,"values":["ou=Accounts,dc=NA,dc=CompassGroup,dc=Corp"]},{"schema":{"name":"failover","displayName":"Failover","helpMessage":"Failover
> host:port","type":"[Ljava.lang.String;","required":false,"order":4,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"startSyncFromToday","displayName":"Null
> token is the latest","helpMessage":"Reset null token value to the latest
> (sync with null token will not return any result). The default is
> \"true\".","type":"boolean","required":false,"order":16,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"groupSearchScope","displayName":"Group
> search scope","helpMessage":"Choose object, onlevel or
> subtree","type":"java.lang.String","required":false,"order":10,"confidential":false,"defaultValues":["subtree"]},"overridable":false,"values":["subtree"]},{"schema":{"name":"objectClassesToSynchronize","displayName":"Object
> classes to synchronize","helpMessage":"Specify object classes to identify
> entry to
> synchronize","type":"[Ljava.lang.String;","required":false,"order":24,"confidential":false,"defaultValues":["user"]},"overridable":false,"values":["user"]},{"schema":{"name":"membershipsInOr","displayName":"Verify
> memberships in OR","helpMessage":"Specify TRUE if you want to verify
> memberships using OR logical operator. The default is
> \"false\".","type":"boolean","required":false,"order":5,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"groupBaseContexts","displayName":"Base
> contexts for group entry searches","helpMessage":"DN of context to be used
> as starting point for group entry
> searches","type":"[Ljava.lang.String;","required":false,"order":12,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"membershipConservativePolicy","displayName":"Conservative
> membership policy","helpMessage":"Conservative managing and assignment of
> groups to user. The groups already assigned will not be
> removed.","type":"boolean","required":false,"order":18,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"uidAttribute","displayName":"uidAttribute","helpMessage":"uidAttribute","type":"java.lang.String","required":false,"order":21,"confidential":false,"defaultValues":["sAMAccountName"]},"overridable":false,"values":["sAMAccountName"]},{"schema":{"name":"trustAllCerts","displayName":"Trust
> all certs","helpMessage":"Specify TRUE to trust all certs. The default is
> \"false\".","type":"boolean","required":false,"order":4,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"memberships","displayName":"Memberships","helpMessage":"Specify
> memberships","type":"[Ljava.lang.String;","required":false,"order":1,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"retrieveDeletedGroup","displayName":"Retrieve
> deleted groups","helpMessage":"Specify TRUE to retrieve deleted groups
> also","type":"boolean","required":false,"order":3,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"host","displayName":"Server
> hostname","helpMessage":"Insert
> hostname","type":"java.lang.String","required":true,"order":1,"confidential":false,"defaultValues":[]},"overridable":false,"values":["ldap.na.compassgroup.corp"]},{"schema":{"name":"groupMemberReferenceAttribute","displayName":"Group
> members reference attribute ","helpMessage":"Group attribute referencing (by
> DN) the users members of a
> group","type":"java.lang.String","required":false,"order":14,"confidential":false,"defaultValues":["member"]},"overridable":false,"values":["member"]},{"schema":{"name":"baseContextsToSynchronize","displayName":"Root
> suffixes","helpMessage":"Insert root
> suffixes","type":"[Ljava.lang.String;","required":true,"order":6,"confidential":false,"defaultValues":[]},"overridable":false,"values":["ou=Accounts,dc=NA,dc=CompassGroup,dc=Corp"]},{"schema":{"name":"accountSearchFilter","displayName":"Custom
> user search filter","helpMessage":"Custom user search
> filter","type":"java.lang.String","required":false,"order":11,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"userSearchScope","displayName":"User
> search scope","helpMessage":"Choose object, onlevel or
> subtree","type":"java.lang.String","required":false,"order":9,"confidential":false,"defaultValues":["subtree"]},"overridable":false,"values":["subtree"]},{"schema":{"name":"principal","displayName":"Principal","helpMessage":"Insert
> DN of a user with administration
> capabilities","type":"java.lang.String","required":false,"order":5,"confidential":false,"defaultValues":[]},"overridable":false,"values":["[hidden email]"]},{"schema":{"name":"accountObjectClasses","displayName":"Entry
> object classes","helpMessage":"Insert object classes to assign to managed
> entries","type":"[Ljava.lang.String;","required":false,"order":9,"confidential":false,"defaultValues":["top","person","organizationalPerson","inetOrgPerson"]},"overridable":false,"values":["top","person","organizationalPerson","user"]}],"capabilities":["AUTHENTICATE","CREATE","UPDATE","DELETE","SEARCH","SYNC"]},{"key":"b1da11c3-4542-49fa-9a11-c34542c9fa3a","location":"file:/usr/share/tomcat/v8/SYNCOPEDEV/appconfigs/dev/bundles/","connectorName":"net.tirasa.connid.bundles.ldap.LdapConnector","bundleName":"net.tirasa.connid.bundles.ldap","version":"1.5.1","displayName":"conn-dev-ads-foodbuy","connRequestTimeout":10,"poolConf":{"maxObjects":null,"minIdle":null,"maxIdle":null,"maxWait":null,"minEvictableIdleTimeMillis":null},"conf":[{"schema":{"name":"accountSearchFilter","displayName":"LDAP
> Filter for Retrieving Accounts","helpMessage":"An optional LDAP filter to
> control which accounts are returned from the LDAP resource. If no filter is
> specified, only accounts that include all specified object classes are
> returned.","type":"java.lang.String","required":false,"order":11,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"maintainLdapGroupMembership","displayName":"Maintain
> LDAP Group Membership","helpMessage":"When enabled and a user is renamed or
> deleted, update any LDAP groups to which the user belongs to reflect the new
> name. Otherwise, the LDAP resource must maintain referential integrity with
> respect to group membership. Default is
> \"false\".","type":"boolean","required":false,"order":15,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"passwordDecryptionKey","displayName":"Password
> Decryption Key","helpMessage":"The key to decrypt passwords with when
> performing password
> synchronization.","type":"org.identityconnectors.common.security.GuardedByteArray","required":false,"order":34,"confidential":true,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"groupMemberAttribute","displayName":"Group
> Member Attribute","helpMessage":"The name of the group attribute that will
> be updated with the distinguished name of the user when the user is added to
> the group. Default is
> \"uniqueMember\".","type":"java.lang.String","required":false,"order":14,"confidential":false,"defaultValues":["uniqueMember"]},"overridable":false,"values":["uniqueMember"]},{"schema":{"name":"accountUserNameAttributes","displayName":"Account
> User Name Attributes","helpMessage":"Attribute or attributes which holds the
> account's user name. They will be used when authenticating to find the LDAP
> entry for the user name to
> authenticate.","type":"[Ljava.lang.String;","required":false,"order":10,"confidential":false,"defaultValues":["uid","cn"]},"overridable":false,"values":["uid"]},{"schema":{"name":"modifiersNamesToFilterOut","displayName":"Filter
> Out Changes By","helpMessage":"The names (DNs) of directory administrators
> to filter from the changes. Changes with the attribute \"modifiersName\"
> that match entries in this list will be filtered out. The standard value is
> the administrator name used by this adapter, to prevent loops. Entries
> should be of the format \"cn=Directory
> Manager\".","type":"[Ljava.lang.String;","required":false,"order":26,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"removeLogEntryObjectClassFromFilter","displayName":"Remove
> Log Entry Object Class from Filter","helpMessage":"If this property is set
> (the default), the filter used to fetch change log entries does not contain
> the \"changeLogEntry\" object class, expecting that there are no entries of
> other object types in the change log. Default is
> \"true\".","type":"boolean","required":false,"order":31,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"passwordAttributeToSynchronize","displayName":"Password
> Attribute to Synchronize","helpMessage":"The name of the password attribute
> to synchronize when performing password
> synchronization.","type":"java.lang.String","required":false,"order":33,"confidential":false,"defaultValues":[]},"overridable":false,"values":["userPassword"]},{"schema":{"name":"groupNameAttributes","displayName":"Group
> Name Attributes","helpMessage":"Attribute or attributes which holds the
> group's name. Default is
> \"cn\".","type":"[Ljava.lang.String;","required":false,"order":13,"confidential":false,"defaultValues":["cn"]},"overridable":false,"values":["o"]},{"schema":{"name":"attributesToSynchronize","displayName":"Attributes
> to Synchronize","helpMessage":"The names of the attributes to synchronize.
> This ignores updates from the change log if they do not update any of the
> named attributes. For example, if only \"department\" is listed, then only
> changes that affect \"department\" will be processed. All other updates are
> ignored. If blank (the default), then all changes are
> processed.","type":"[Ljava.lang.String;","required":false,"order":25,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"changeLogBlockSize","displayName":"Change
> Log Block Size","helpMessage":"The number of change log entries to fetch per
> query. Default is
> \"100\".","type":"int","required":false,"order":28,"confidential":false,"defaultValues":[100]},"overridable":false,"values":["100"]},{"schema":{"name":"groupSearchFilter","displayName":"LDAP
> Filter for Retrieving Groups","helpMessage":"An optional LDAP filter to
> control which groups are returned from the LDAP resource. If no filter is
> specified, only groups that include all specified object classes are
> returned.","type":"java.lang.String","required":false,"order":39,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"readTimeout","displayName":"Read
> Timeout (Milliseconds)","helpMessage":"Time to wait for a response to be
> received. If there is no response within the specified time period, the read
> attempt will be aborted. Value 0 or less than 0 means there is no
> limit.","type":"long","required":false,"order":40,"confidential":false,"defaultValues":[0]},"overridable":false,"values":["3000"]},{"schema":{"name":"principal","displayName":"Principal","helpMessage":"The
> distinguished name with which to authenticate to the LDAP
> server.","type":"java.lang.String","required":false,"order":5,"confidential":false,"defaultValues":[]},"overridable":false,"values":["uid=admin,ou=system"]},{"schema":{"name":"ssl","displayName":"SSL","helpMessage":"Select
> the check box to connect to the LDAP server using SSL. The default is
> \"false\".","type":"boolean","required":false,"order":3,"confidential":false,"defaultValues":[false]},"overridable":false,"values":["false"]},{"schema":{"name":"changeNumberAttribute","displayName":"Change
> Number Attribute","helpMessage":"The name of the change number attribute in
> the change log entry. Default is
> \"changeNumber\".","type":"java.lang.String","required":false,"order":29,"confidential":false,"defaultValues":["changeNumber"]},"overridable":false,"values":["changeNumber"]},{"schema":{"name":"failover","displayName":"Failover
> Servers","helpMessage":"List all servers that should be used for failover in
> case the preferred server fails. If the preferred server fails, JNDI will
> connect to the next available server in the list. List all servers in the
> form of \"ldap://ldap.example.com:389/\", which follows the standard LDAP v3
> URLs described in RFC 2255. Only the host and port parts of the URL are
> relevant in this
> setting.","type":"[Ljava.lang.String;","required":false,"order":4,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"uidAttribute","displayName":"Uid
> Attribute","helpMessage":"The name of the LDAP attribute which is mapped to
> the Uid attribute. Default is
> \"entryUUID\".","type":"java.lang.String","required":false,"order":21,"confidential":false,"defaultValues":["entryUUID"]},"overridable":false,"values":["uid"]},{"schema":{"name":"host","displayName":"Host","helpMessage":"The
> name or IP address of the host where the LDAP server is
> running.","type":"java.lang.String","required":true,"order":1,"confidential":false,"defaultValues":[]},"overridable":false,"values":["cgldads9018"]},{"schema":{"name":"accountObjectClasses","displayName":"Account
> Object Classes","helpMessage":"The object class or classes that will be used
> when creating new user objects in the LDAP tree. When entering more than one
> object class, each entry should be on its own line; do not use commas or
> semi-colons to separate multiple object classes. Some object classes may
> require that you specify all object classes in the class
> hierarchy.","type":"[Ljava.lang.String;","required":false,"order":9,"confidential":false,"defaultValues":["top","person","organizationalPerson","inetOrgPerson"]},"overridable":false,"values":["top","person","organizationalPerson","inetOrgPerson","stgBasicAccount","foodbuyMemberAccount"]},{"schema":{"name":"filterWithOrInsteadOfAnd","displayName":"Filter
> with Or Instead of And","helpMessage":"Normally the the filter used to fetch
> change log entries is an and-based filter retrieving an interval of change
> entries. If this property is set, the filter will or together the required
> change numbers instead. Default is
> \"false\".","type":"boolean","required":false,"order":30,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"accountSynchronizationFilter","displayName":"LDAP
> Filter for Accounts to Synchronize","helpMessage":"An optional LDAP filter
> for the objects to synchronize. Because the change log is for all objects,
> this filter updates only objects that match the specified filter. If you
> specify a filter, an object will be synchronized only if it matches the
> filter and includes a synchronized object
> class.","type":"java.lang.String","required":false,"order":27,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"retrievePasswordsWithSearch","displayName":"Retrieve
> passwords with search","helpMessage":"Whether to retrieve user passwords
> when searching. The default is
> \"false\".","type":"boolean","required":false,"order":37,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"connectTimeout","displayName":"Connection
> Timeout (Milliseconds)","helpMessage":"Time to wait when opening new server
> connections. Value of 0 means the TCP network timeout will be used, which
> may be several minutes. Value less than 0 means there is no
> limit.","type":"long","required":false,"order":41,"confidential":false,"defaultValues":[0]},"overridable":false,"values":["3000"]},{"schema":{"name":"passwordHashAlgorithm","displayName":"Password
> Hash Algorithm","helpMessage":"Indicates the algorithm that the Identity
> system should use to hash the password. Currently supported values are SSHA,
> SHA, SMD5, and MD5. A blank value indicates that the system will not hash
> passwords. This will cause cleartext passwords to be stored in LDAP unless
> the LDAP server performs the hash (Netscape Directory Server and iPlanet
> Directory Server
> do).","type":"java.lang.String","required":false,"order":17,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"useVlvControls","displayName":"Use
> VLV Controls","helpMessage":"Wheter to enforce usage of VLV controls over
> standard LDAP controls. Default is
> \"false\".","type":"boolean","required":false,"order":19,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"passwordDecryptionInitializationVector","displayName":"Password
> Decryption Initialization Vector","helpMessage":"The initialization vector
> to decrypt passwords with when performing password
> synchronization.","type":"org.identityconnectors.common.security.GuardedByteArray","required":false,"order":35,"confidential":true,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"groupObjectClasses","displayName":"Group
> Object Classes","helpMessage":"The group class or classes that will be used
> when creating new group objects in the LDAP tree. When entering more than
> one object class, each entry should be on its own line; do not use commas or
> semi-colons to separate multiple group classes. Some group classes may
> require that you specify all group classes in the class
> hierarchy.","type":"[Ljava.lang.String;","required":false,"order":12,"confidential":false,"defaultValues":["top","groupOfUniqueNames"]},"overridable":false,"values":["top","groupOfUniqueNames"]},{"schema":{"name":"baseContextsToSynchronize","displayName":"Base
> Contexts to Synchronize","helpMessage":"One or more starting points in the
> LDAP tree that will be used to determine if a change should be synchronized.
> The base contexts attribute will be used to synchronize a change if this
> property is not
> set.","type":"[Ljava.lang.String;","required":false,"order":23,"confidential":false,"defaultValues":[]},"overridable":true,"values":["ou=CommitedMembers,ou=people,dc=foodbuy,dc=com"]},{"schema":{"name":"objectClassesToSynchronize","displayName":"Object
> Classes to Synchronize","helpMessage":"The object classes to synchronize.
> The change log is for all objects; this filters updates to just the listed
> object classes. You should not list the superclasses of an object class
> unless you intend to synchronize objects with any of the superclass values.
> For example, if only \"inetOrgPerson\" objects should be synchronized, but
> the superclasses of \"inetOrgPerson\" (\"person\", \"organizationalperson\"
> and \"top\") should be filtered out, then list only \"inetOrgPerson\" here.
> All objects in LDAP are subclassed from \"top\". For this reason, you should
> never list \"top\", otherwise no object would be filtered. Default is
> \"inetOrgPerson\".","type":"[Ljava.lang.String;","required":false,"order":24,"confidential":false,"defaultValues":["inetOrgPerson"]},"overridable":false,"values":["inetOrgPerson"]},{"schema":{"name":"synchronizePasswords","displayName":"Enable
> Password Synchronization","helpMessage":"If true, the connector will
> synchronize passwords. The Password Capture Plugin needs to be installed for
> password synchronization to work. Default is
> \"false\".","type":"boolean","required":false,"order":32,"confidential":false,"defaultValues":[false]},"overridable":false,"values":["false"]},{"schema":{"name":"baseContexts","displayName":"Base
> Contexts","helpMessage":"One or more starting points in the LDAP tree that
> will be used when searching the tree. Searches are performed when
> discovering users from the LDAP server or when looking for the groups of
> which a user is a
> member.","type":"[Ljava.lang.String;","required":true,"order":7,"confidential":false,"defaultValues":[]},"overridable":true,"values":["ou=CommitedMembers,ou=people,dc=foodbuy,dc=com"]},{"schema":{"name":"maintainPosixGroupMembership","displayName":"Maintain
> POSIX Group Membership","helpMessage":"When enabled and a user is renamed or
> deleted, update any POSIX groups to which the user belongs to reflect the
> new name. Otherwise, the LDAP resource must maintain referential integrity
> with respect to group membership. Default is
> \"false\".","type":"boolean","required":false,"order":16,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"credentials","displayName":"Password","helpMessage":"Password
> for the
> principal.","type":"org.identityconnectors.common.security.GuardedString","required":false,"order":6,"confidential":true,"defaultValues":[]},"overridable":false,"values":["secret"]},{"schema":{"name":"statusManagementClass","displayName":"Status
> management class ","helpMessage":"Class to be used to manage
> enabled/disabled status. If no class is specified then identity status
> management wont be
> possible.","type":"java.lang.String","required":false,"order":36,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"readSchema","displayName":"Read
> Schema","helpMessage":"If true, the connector will read the schema from the
> server. If false, the connector will provide a default schema based on the
> object classes in the configuration. This property must be true in order to
> use extended object classes. Default is
> \"true\".","type":"boolean","required":false,"order":22,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"passwordAttribute","displayName":"Password
> Attribute","helpMessage":"The name of the LDAP attribute which holds the
> password. When changing an user's password, the new password is set to this
> attribute. Default is
> \"userPassword\".","type":"java.lang.String","required":false,"order":8,"confidential":false,"defaultValues":["userPassword"]},"overridable":false,"values":["userPassword"]},{"schema":{"name":"respectResourcePasswordPolicyChangeAfterReset","displayName":"Respect
> Resource Password Policy Change-After-Reset","helpMessage":"When this
> resource is specified in a Login Module (i.e., this resource is a
> pass-through authentication target) and the resource's password policy is
> configured for change-after-reset, a user whose resource account password
> has been administratively reset will be required to change that password
> after successfully authenticating. Default is
> \"false\".","type":"boolean","required":false,"order":18,"confidential":false,"defaultValues":[false]},"overridable":false,"values":["false"]},{"schema":{"name":"dnAttribute","displayName":"Entry
> DN attribute name","helpMessage":"Entry DN attribute name (default:
> entryDN)","type":"java.lang.String","required":false,"order":38,"confidential":false,"defaultValues":["entryDN"]},"overridable":false,"values":["entryDN"]},{"schema":{"name":"port","displayName":"TCP
> Port","helpMessage":"TCP/IP port number used to communicate with the LDAP
> server. The default is
> 389.","type":"int","required":false,"order":2,"confidential":false,"defaultValues":[389]},"overridable":false,"values":["10389"]},{"schema":{"name":"vlvSortAttribute","displayName":"VLV
> Sort Attribute","helpMessage":"Specify the sort attribute to use for VLV
> indexes on the resource. Default is
> \"uid\".","type":"java.lang.String","required":false,"order":20,"confidential":false,"defaultValues":["uid"]},"overridable":false,"values":["uid"]}],"capabilities":["AUTHENTICATE","CREATE","UPDATE","DELETE","SEARCH","SYNC"]},{"key":"db9d3e6f-31d7-4064-9d3e-6f31d7b06420","location":"file:/usr/share/tomcat/v8/SYNCOPEDEV/appconfigs/dev/bundles/","connectorName":"net.tirasa.connid.bundles.rest.RESTConnector","bundleName":"net.tirasa.connid.bundles.rest","version":"1.0.1","displayName":"Conn-REST-Test-ADAMS-API","connRequestTimeout":10,"poolConf":{"maxObjects":null,"minIdle":null,"maxIdle":null,"maxWait":null,"minEvictableIdleTimeMillis":null},"conf":[{"schema":{"name":"authenticateScript","displayName":"authenticateScript","helpMessage":"authenticateScript","type":"java.lang.String","required":false,"order":6,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"contentType","displayName":"contentType","helpMessage":"contentType","type":"java.lang.String","required":true,"order":-1,"confidential":false,"defaultValues":["application/json"]},"overridable":false,"values":["application/json"]},{"schema":{"name":"resolveUsernameScriptFileName","displayName":"resolveUsernameScriptFileName","helpMessage":"resolveUsernameScriptFileName","type":"java.lang.String","required":false,"order":15,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"password","displayName":"password","helpMessage":"password","type":"org.identityconnectors.common.security.GuardedString","required":false,"order":1,"confidential":true,"defaultValues":[]},"overridable":false,"values":["e$$adm1n"]},{"schema":{"name":"schemaScriptFileName","displayName":"schemaScriptFileName","helpMessage":"schemaScriptFileName","type":"java.lang.String","required":false,"order":17,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"updateScript","displayName":"updateScript","helpMessage":"updateScript","type":"java.lang.String","required":false,"order":4,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"searchScript","displayName":"searchScript","helpMessage":"searchScript","type":"java.lang.String","required":false,"order":6,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"clearTextPasswordToScript","displayName":"clearTextPasswordToScript","helpMessage":"clearTextPasswordToScript","type":"boolean","required":false,"order":1,"confidential":false,"defaultValues":[true]},"overridable":false,"values":[true]},{"schema":{"name":"authenticateScriptFileName","displayName":"authenticateScriptFileName","helpMessage":"authenticateScriptFileName","type":"java.lang.String","required":false,"order":14,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"syncScript","displayName":"syncScript","helpMessage":"syncScript","type":"java.lang.String","required":false,"order":7,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"searchScriptFileName","displayName":"searchScriptFileName","helpMessage":"searchScriptFileName","type":"java.lang.String","required":false,"order":13,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"accept","displayName":"accept","helpMessage":"accept","type":"java.lang.String","required":true,"order":-2,"confidential":false,"defaultValues":["application/json"]},"overridable":false,"values":["application/vnd.adams-v1.0+json"]},{"schema":{"name":"resolveUsernameScript","displayName":"resolveUsernameScript","helpMessage":"resolveUsernameScript","type":"java.lang.String","required":false,"order":6,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"syncScriptFileName","displayName":"syncScriptFileName","helpMessage":"syncScriptFileName","type":"java.lang.String","required":false,"order":16,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"baseAddress","displayName":"baseAddress","helpMessage":"baseAddress","type":"java.lang.String","required":true,"order":-3,"confidential":false,"defaultValues":[]},"overridable":false,"values":["https://adamsdev.compassmanager.com/api/users?api_key=eyJhbGciOiJIUzUxMiJ9.eyJzdWIiOiJKVXNlciJ9.E59wqvVNv_L6v6AveQzqD6j4m5DKg86z4cqIMbgHmJ8vd6OYcJ0S4S7A0AzU5gGsLsO7sAFzM9DBZc0jOSd19w"]},{"schema":{"name":"deleteScriptFileName","displayName":"deleteScriptFileName","helpMessage":"deleteScriptFileName","type":"java.lang.String","required":false,"order":12,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]},{"schema":{"name":"updateScriptFileName","displayName":"updateScriptFileName","helpMessage":"updateScriptFileName","type":"java.lang.String","required":false,"order":11,"confidential":false,"defaultValues":[]},"overridable":false,"values":["/usr/share/tomcat/v8/SYNCOPEDEV/webapps/syncope/WEB-INF/classes/rest/UpdateScript.groovy"]},{"schema":{"name":"deleteScript","displayName":"deleteScript","helpMessage":"deleteScript","type":"java.lang.String","required":false,"order":5,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"schemaScript","displayName":"schemaScript","helpMessage":"schemaScript","type":"java.lang.String","required":false,"order":8,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"username","displayName":"username","helpMessage":"username","type":"java.lang.String","required":false,"order":0,"confidential":false,"defaultValues":[]},"overridable":false,"values":["essadmin"]},{"schema":{"name":"createScriptFileName","displayName":"createScriptFileName","helpMessage":"createScriptFileName","type":"java.lang.String","required":false,"order":10,"confidential":false,"defaultValues":[]},"overridable":false,"values":["/usr/share/tomcat/v8/SYNCOPEDEV/webapps/syncope/WEB-INF/classes/rest/CreateScript.groovy"]},{"schema":{"name":"createScript","displayName":"createScript","helpMessage":"createScript","type":"java.lang.String","required":false,"order":3,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"scriptingLanguage","displayName":"scriptingLanguage","helpMessage":"scriptingLanguage","type":"java.lang.String","required":false,"order":0,"confidential":false,"defaultValues":["GROOVY"]},"overridable":false,"values":["GROOVY"]},{"schema":{"name":"testScript","displayName":"testScript","helpMessage":"testScript","type":"java.lang.String","required":false,"order":9,"confidential":false,"defaultValues":[""]},"overridable":false,"values":[]},{"schema":{"name":"reloadScriptOnExecution","displayName":"reloadScriptOnExecution","helpMessage":"reloadScriptOnExecution","type":"boolean","required":false,"order":2,"confidential":false,"defaultValues":[false]},"overridable":false,"values":[false]},{"schema":{"name":"testScriptFileName","displayName":"testScriptFileName","helpMessage":"testScriptFileName","type":"java.lang.String","required":false,"order":18,"confidential":false,"defaultValues":[]},"overridable":false,"values":[]}],"capabilities":["CREATE","UPDATE"]}]
>
>
> *Resource*
>
> [{"key":"res-ad-compass","connector":"6a9a654d-5b02-4089-9a65-4d5b028089d2","connectorDisplayName":"conn-ad-compass","orgUnit":null,"propagationPriority":0,"randomPwdIfNotProvided":false,"enforceMandatoryCondition":false,"createTraceLevel":"ALL","updateTraceLevel":"ALL","deleteTraceLevel":"ALL","provisioningTraceLevel":"ALL","passwordPolicy":null,"accountPolicy":null,"pullPolicy":null,"overrideCapabilities":false,"provisions":[{"key":"a8bfadab-365c-440d-bfad-ab365cf40d56","anyType":"USER","objectClass":"__ACCOUNT__","syncToken":null,"mapping":{"connObjectLink":null,"connObjectKeyItem":{"key":"fd13fe22-5907-46ef-93fe-22590776ef05","intAttrName":"username","extAttrName":"sAMAccountName","connObjectKey":true,"password":false,"mandatoryCondition":"true","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},"items":[{"key":"0df2b642-9436-4bbe-b2b6-4294362bbee7","intAttrName":"lastName","extAttrName":"sn","connObjectKey":false,"password":false,"mandatoryCondition":"true","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},{"key":"1bdd4d58-a44a-402e-9d4d-58a44a802ecd","intAttrName":"jobTitle","extAttrName":"title","connObjectKey":false,"password":false,"mandatoryCondition":"false","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},{"key":"51f9dfcd-de73-410d-b9df-cdde73210da5","intAttrName":"phoneNumber","extAttrName":"telephoneNumber","connObjectKey":false,"password":false,"mandatoryCondition":"false","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},{"key":"d6f58e9d-9517-4f7b-b58e-9d9517ff7b92","intAttrName":"email","extAttrName":"mail","connObjectKey":false,"password":false,"mandatoryCondition":"true","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},{"key":"fcdf0e39-37e8-4123-9f0e-3937e8b12369","intAttrName":"firstName","extAttrName":"givenName","connObjectKey":false,"password":false,"mandatoryCondition":"true","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]},{"key":"fd13fe22-5907-46ef-93fe-22590776ef05","intAttrName":"username","extAttrName":"sAMAccountName","connObjectKey":true,"password":false,"mandatoryCondition":"true","purpose":"PULL","propagationJEXLTransformer":null,"pullJEXLTransformer":null,"mappingItemTransformerClassNames":[]}],"linkingItems":[]},"auxClasses":["CompassUser"],"virSchemas":[]}],"confOverride":[],"capabilitiesOverride":["AUTHENTICATE","CREATE","UPDATE","DELETE","SEARCH","SYNC"],"propagationActionsClassNames":[]}]
>
> --
> View this message in context: http://syncope-user.1051894.n5.nabble.com/Pull-users-from-LDAP-tp5709232p5709346.html
> Sent from the syncope-user mailing list archive at Nabble.com.
>
--
Dott. Andrea Patricelli
Tel. +39 3204524292

Developer @ Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel +39 0859116307 / FAX +39 0859111173
http://www.tirasa.net

Apache Syncope PMC Member




Loading...