Syncope 2.0.3 Binding to LDAP (ApacheDS)

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|

Syncope 2.0.3 Binding to LDAP (ApacheDS)

sasha gesta
Hello,

I tried to connect Syncope 2.0.3 to ApacheDS 2.0.0-M23, but it ended with unsuccessful bind to ldap server : 

Connection failure: ConnectorException [OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]]

Connecting to ldap using JXplorer and the same settings was successful. 

With syncope version 2.0.2 it worked as it should. Binding was successful. 

Sasha
Reply | Threaded
Open this post in threaded view
|

Re: Syncope 2.0.3 Binding to LDAP (ApacheDS)

mdisabatino

Hi Sasha,


Il 12/05/2017 09:29, sasha gesta ha scritto:
Hello,

I tried to connect Syncope 2.0.3 to ApacheDS 2.0.0-M23, but it ended with unsuccessful bind to ldap server : 

Connection failure: ConnectorException [OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]]

Connecting to ldap using JXplorer and the same settings was successful. 

With syncope version 2.0.2 it worked as it should. Binding was successful. 

I need more info about your environment. Which version are you running? Operation system?

Regards
M
Sasha

-- 
Dott. Marco Di Sabatino Di Diodoro
Tel. +39 3939065570

Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel +39 0859116307 / FAX +39 0859111173
http://www.tirasa.net

Apache Syncope PMC Member
http://people.apache.org/~mdisabatino/
Reply | Threaded
Open this post in threaded view
|

Re: Syncope 2.0.3 Binding to LDAP (ApacheDS)

sasha gesta
VM with syncope

OS : Ubuntu 16.04.2 LTS
Container : Apache Tomcat/8.0.32
Syncope 2.0.3 JAZZ

VM with ApacheDS

OS : Ubuntu 16.04.2 LTS
apacheds-2.0.0-M23


On Fri, May 12, 2017 at 10:44 AM, Marco Di Sabatino Di Diodoro <[hidden email]> wrote:

Hi Sasha,


Il 12/05/2017 09:29, sasha gesta ha scritto:
Hello,

I tried to connect Syncope 2.0.3 to ApacheDS 2.0.0-M23, but it ended with unsuccessful bind to ldap server : 

Connection failure: ConnectorException [OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]]

Connecting to ldap using JXplorer and the same settings was successful. 

With syncope version 2.0.2 it worked as it should. Binding was successful. 

I need more info about your environment. Which version are you running? Operation system?

Regards
M
Sasha

-- 
Dott. Marco Di Sabatino Di Diodoro
Tel. <a href="tel:+39%20393%20906%205570" value="+393939065570" target="_blank">+39 3939065570

Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel <a href="tel:+39%20085%20911%206307" value="+390859116307" target="_blank">+39 0859116307 / FAX <a href="tel:+39%20085%20911%201173" value="+390859111173" target="_blank">+39 0859111173
http://www.tirasa.net

Apache Syncope PMC Member
http://people.apache.org/~mdisabatino/

Reply | Threaded
Open this post in threaded view
|

Re: Syncope 2.0.3 Binding to LDAP (ApacheDS)

mdisabatino
In reply to this post by sasha gesta

Hi Sasha,


Il 12/05/2017 09:29, sasha gesta ha scritto:
Hello,

I tried to connect Syncope 2.0.3 to ApacheDS 2.0.0-M23, but it ended with unsuccessful bind to ldap server : 

Connection failure: ConnectorException [OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]]

Connecting to ldap using JXplorer and the same settings was successful. 

With syncope version 2.0.2 it worked as it should. Binding was successful. 


Check in your logs if there are other errors, for example java.security.InvalidKeyException: Illegal key size

M

Sasha

-- 
Dott. Marco Di Sabatino Di Diodoro
Tel. +39 3939065570

Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel +39 0859116307 / FAX +39 0859111173
http://www.tirasa.net

Apache Syncope PMC Member
http://people.apache.org/~mdisabatino/
Reply | Threaded
Open this post in threaded view
|

Re: Syncope 2.0.3 Binding to LDAP (ApacheDS)

sasha gesta
I didn't find anything related to Key Size.
Here is the full log : 

11:14:21.686 DEBUG Exception:   Method: test
org.identityconnectors.framework.common.exceptions.ConnectorSecurityException: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]
        at net.tirasa.connid.bundles.ldap.LdapConnection$AuthenticationResultType$3.propagate(LdapConnection.java:369) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection$AuthenticationResult.propagate(LdapConnection.java:393) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.connect(LdapConnection.java:137) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.getInitialContext(LdapConnection.java:128) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.checkAlive(LdapConnection.java:288) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnector.checkAlive(LdapConnector.java:96) ~[?:?]
        at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:149) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:83) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.ObjectPool.borrowObject(ObjectPool.java:250) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:87) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:99) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:83) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at org.identityconnectors.framework.impl.api.AbstractConnectorFacade.test(AbstractConnectorFacade.java:269) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.apache.syncope.core.provisioning.java.AsyncConnectorFacade.test(AsyncConnectorFacade.java:129) ~[syncope-core-provisioning-java-2.0.3.jar:2.0.3]
        at org.apache.syncope.core.provisioning.java.AsyncConnectorFacade$$FastClassBySpringCGLIB$$886ae36a.invoke(<generated>) ~[syncope-core-provisioning-java-2.0.3.jar:2.0.3]
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) ~[spring-core-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:721) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.interceptor.AsyncExecutionInterceptor$1.call(AsyncExecutionInterceptor.java:115) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:1.8.0_131]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_131]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_131]
        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_131]
Caused by: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3209) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3082) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[?:1.8.0_131]
        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[?:1.8.0_131]
        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[?:1.8.0_131]
        at javax.naming.InitialContext.init(InitialContext.java:244) ~[?:1.8.0_131]
        at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[?:1.8.0_131]
        at net.tirasa.connid.bundles.ldap.LdapConnection.createContext(LdapConnection.java:186) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.createContext(LdapConnection.java:173) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.connect(LdapConnection.java:133) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        ... 34 more
11:14:21.700 DEBUG Exception:   Method: test
org.identityconnectors.framework.common.exceptions.ConnectorSecurityException: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]
        at net.tirasa.connid.bundles.ldap.LdapConnection$AuthenticationResultType$3.propagate(LdapConnection.java:369) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection$AuthenticationResult.propagate(LdapConnection.java:393) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.connect(LdapConnection.java:137) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.getInitialContext(LdapConnection.java:128) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.checkAlive(LdapConnection.java:288) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnector.checkAlive(LdapConnector.java:96) ~[?:?]
        at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:149) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:83) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.ObjectPool.borrowObject(ObjectPool.java:250) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:87) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:99) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:83) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at org.identityconnectors.framework.impl.api.AbstractConnectorFacade.test(AbstractConnectorFacade.java:269) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.apache.syncope.core.provisioning.java.AsyncConnectorFacade.test(AsyncConnectorFacade.java:129) ~[syncope-core-provisioning-java-2.0.3.jar:2.0.3]
        at org.apache.syncope.core.provisioning.java.AsyncConnectorFacade$$FastClassBySpringCGLIB$$886ae36a.invoke(<generated>) ~[syncope-core-provisioning-java-2.0.3.jar:2.0.3]
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) ~[spring-core-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:721) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.interceptor.AsyncExecutionInterceptor$1.call(AsyncExecutionInterceptor.java:115) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:1.8.0_131]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_131]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_131]
        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_131]
Caused by: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3209) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3082) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[?:1.8.0_131]
        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[?:1.8.0_131]
        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[?:1.8.0_131]
        at javax.naming.InitialContext.init(InitialContext.java:244) ~[?:1.8.0_131]
        at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[?:1.8.0_131]
        at net.tirasa.connid.bundles.ldap.LdapConnection.createContext(LdapConnection.java:186) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.createContext(LdapConnection.java:173) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.connect(LdapConnection.java:133) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        ... 34 more


On Fri, May 12, 2017 at 11:03 AM, Marco Di Sabatino Di Diodoro <[hidden email]> wrote:

Hi Sasha,


Il 12/05/2017 09:29, sasha gesta ha scritto:
Hello,

I tried to connect Syncope 2.0.3 to ApacheDS 2.0.0-M23, but it ended with unsuccessful bind to ldap server : 

Connection failure: ConnectorException [OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]]

Connecting to ldap using JXplorer and the same settings was successful. 

With syncope version 2.0.2 it worked as it should. Binding was successful. 


Check in your logs if there are other errors, for example java.security.InvalidKeyException: Illegal key size

M

Sasha

-- 
Dott. Marco Di Sabatino Di Diodoro
Tel. <a href="tel:+39%20393%20906%205570" value="+393939065570" target="_blank">+39 3939065570

Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel <a href="tel:+39%20085%20911%206307" value="+390859116307" target="_blank">+39 0859116307 / FAX <a href="tel:+39%20085%20911%201173" value="+390859111173" target="_blank">+39 0859111173
http://www.tirasa.net

Apache Syncope PMC Member
http://people.apache.org/~mdisabatino/

Reply | Threaded
Open this post in threaded view
|

Re: Syncope 2.0.3 Binding to LDAP (ApacheDS)

mdisabatino



Il 12/05/2017 10:17, sasha gesta ha scritto:
I didn't find anything related to Key Size.
Here is the full log : 

11:14:21.686 DEBUG Exception:   Method: test
org.identityconnectors.framework.common.exceptions.ConnectorSecurityException: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]
        at net.tirasa.connid.bundles.ldap.LdapConnection$AuthenticationResultType$3.propagate(LdapConnection.java:369) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection$AuthenticationResult.propagate(LdapConnection.java:393) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.connect(LdapConnection.java:137) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.getInitialContext(LdapConnection.java:128) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.checkAlive(LdapConnection.java:288) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnector.checkAlive(LdapConnector.java:96) ~[?:?]
        at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:149) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:83) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.ObjectPool.borrowObject(ObjectPool.java:250) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:87) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:99) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:83) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at org.identityconnectors.framework.impl.api.AbstractConnectorFacade.test(AbstractConnectorFacade.java:269) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.apache.syncope.core.provisioning.java.AsyncConnectorFacade.test(AsyncConnectorFacade.java:129) ~[syncope-core-provisioning-java-2.0.3.jar:2.0.3]
        at org.apache.syncope.core.provisioning.java.AsyncConnectorFacade$$FastClassBySpringCGLIB$$886ae36a.invoke(<generated>) ~[syncope-core-provisioning-java-2.0.3.jar:2.0.3]
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) ~[spring-core-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:721) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.interceptor.AsyncExecutionInterceptor$1.call(AsyncExecutionInterceptor.java:115) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:1.8.0_131]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_131]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_131]
        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_131]
Caused by: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3209) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3082) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[?:1.8.0_131]
        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[?:1.8.0_131]
        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[?:1.8.0_131]
        at javax.naming.InitialContext.init(InitialContext.java:244) ~[?:1.8.0_131]
        at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[?:1.8.0_131]
        at net.tirasa.connid.bundles.ldap.LdapConnection.createContext(LdapConnection.java:186) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.createContext(LdapConnection.java:173) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.connect(LdapConnection.java:133) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        ... 34 more
11:14:21.700 DEBUG Exception:   Method: test
org.identityconnectors.framework.common.exceptions.ConnectorSecurityException: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]
        at net.tirasa.connid.bundles.ldap.LdapConnection$AuthenticationResultType$3.propagate(LdapConnection.java:369) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection$AuthenticationResult.propagate(LdapConnection.java:393) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.connect(LdapConnection.java:137) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.getInitialContext(LdapConnection.java:128) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.checkAlive(LdapConnection.java:288) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnector.checkAlive(LdapConnector.java:96) ~[?:?]
        at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:149) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.ConnectorPoolManager$ConnectorPoolHandler.testObject(ConnectorPoolManager.java:83) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.ObjectPool.borrowObject(ObjectPool.java:250) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.identityconnectors.framework.impl.api.local.operations.ConnectorAPIOperationRunnerProxy.invoke(ConnectorAPIOperationRunnerProxy.java:87) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.local.operations.ThreadClassLoaderManagerProxy.invoke(ThreadClassLoaderManagerProxy.java:96) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:99) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at sun.reflect.GeneratedMethodAccessor153.invoke(Unknown Source) ~[?:?]
        at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[?:1.8.0_131]
        at java.lang.reflect.Method.invoke(Method.java:498) ~[?:1.8.0_131]
        at org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:83) ~[connector-framework-internal-1.4.2.0.jar:?]
        at com.sun.proxy.$Proxy277.test(Unknown Source) ~[?:?]
        at org.identityconnectors.framework.impl.api.AbstractConnectorFacade.test(AbstractConnectorFacade.java:269) ~[connector-framework-internal-1.4.2.0.jar:?]
        at org.apache.syncope.core.provisioning.java.AsyncConnectorFacade.test(AsyncConnectorFacade.java:129) ~[syncope-core-provisioning-java-2.0.3.jar:2.0.3]
        at org.apache.syncope.core.provisioning.java.AsyncConnectorFacade$$FastClassBySpringCGLIB$$886ae36a.invoke(<generated>) ~[syncope-core-provisioning-java-2.0.3.jar:2.0.3]
        at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204) ~[spring-core-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:721) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at org.springframework.aop.interceptor.AsyncExecutionInterceptor$1.call(AsyncExecutionInterceptor.java:115) ~[spring-aop-4.3.7.RELEASE.jar:4.3.7.RELEASE]
        at java.util.concurrent.FutureTask.run(FutureTask.java:266) ~[?:1.8.0_131]
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142) [?:1.8.0_131]
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617) [?:1.8.0_131]
        at java.lang.Thread.run(Thread.java:748) [?:1.8.0_131]
Caused by: javax.naming.OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]
        at com.sun.jndi.ldap.LdapCtx.mapErrorCode(LdapCtx.java:3209) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3082) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2883) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.connect(LdapCtx.java:2797) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtx.<init>(LdapCtx.java:319) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(LdapCtxFactory.java:192) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(LdapCtxFactory.java:210) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(LdapCtxFactory.java:153) ~[?:1.8.0_131]
        at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(LdapCtxFactory.java:83) ~[?:1.8.0_131]
        at javax.naming.spi.NamingManager.getInitialContext(NamingManager.java:684) ~[?:1.8.0_131]
        at javax.naming.InitialContext.getDefaultInitCtx(InitialContext.java:313) ~[?:1.8.0_131]
        at javax.naming.InitialContext.init(InitialContext.java:244) ~[?:1.8.0_131]
        at javax.naming.ldap.InitialLdapContext.<init>(InitialLdapContext.java:154) ~[?:1.8.0_131]
        at net.tirasa.connid.bundles.ldap.LdapConnection.createContext(LdapConnection.java:186) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.createContext(LdapConnection.java:173) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        at net.tirasa.connid.bundles.ldap.LdapConnection.connect(LdapConnection.java:133) ~[net.tirasa.connid.bundles.ldap-1.5.1.jar:?]
        ... 34 more



I suggest you to check the password and if the problem persists try to look the configurations in the tests data for Apache DS connector.
I exported the ApacheDS configuration:

{
  "key": "74141a3b-0762-4720-a4aa-fc3e374ef3ef",
  "location": "file:/ApacheSyncope/master/fit/core-reference/target/bundles/",
  "connectorName": "net.tirasa.connid.bundles.ldap.LdapConnector",
  "bundleName": "net.tirasa.connid.bundles.ldap",
  "version": "1.5.1",
  "displayName": "ApacheDS",
  "connRequestTimeout": 10,
  "poolConf": {
    "maxObjects": null,
    "minIdle": null,
    "maxIdle": null,
    "maxWait": null,
    "minEvictableIdleTimeMillis": null
  },
  "conf": [
    {
      "schema": {
        "name": "uidAttribute",
        "displayName": "Uid Attribute",
        "helpMessage": "The name of the LDAP attribute which is mapped to the Uid attribute. Default is \"entryUUID\".",
        "type": "java.lang.String",
        "required": false,
        "order": 21,
        "confidential": false,
        "defaultValues": [
          "entryUUID"
        ]
      },
      "overridable": true,
      "values": [
        "cn"
      ]
    },
    {
      "schema": {
        "name": "synchronizePasswords",
        "displayName": "Enable Password Synchronization",
        "helpMessage": "If true, the connector will synchronize passwords. The Password Capture Plugin needs to be installed for password synchronization to work. Default is \"false\".",
        "type": "boolean",
        "required": false,
        "order": 32,
        "confidential": false,
        "defaultValues": [
          false
        ]
      },
      "overridable": false,
      "values": [
        "false"
      ]
    },
    {
      "schema": {
        "name": "maintainLdapGroupMembership",
        "displayName": "Maintain LDAP Group Membership",
        "helpMessage": "When enabled and a user is renamed or deleted, update any LDAP groups to which the user belongs to reflect the new name. Otherwise, the LDAP resource must maintain referential integrity with respect to group membership. Default is \"false\".",
        "type": "boolean",
        "required": false,
        "order": 15,
        "confidential": false,
        "defaultValues": [
          false
        ]
      },
      "overridable": false,
      "values": [
        "true"
      ]
    },
    {
      "schema": {
        "name": "host",
        "displayName": "Host",
        "helpMessage": "The name or IP address of the host where the LDAP server is running.",
        "type": "java.lang.String",
        "required": true,
        "order": 1,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": [
        "localhost"
      ]
    },
    {
      "schema": {
        "name": "passwordHashAlgorithm",
        "displayName": "Password Hash Algorithm",
        "helpMessage": "Indicates the algorithm that the Identity system should use to hash the password. Currently supported values are SSHA, SHA, SMD5, and MD5. A blank value indicates that the system will not hash passwords. This will cause cleartext passwords to be stored in LDAP unless the LDAP server performs the hash (Netscape Directory Server and iPlanet Directory Server do).",
        "type": "java.lang.String",
        "required": false,
        "order": 17,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": [
        "SHA"
      ]
    },
    {
      "schema": {
        "name": "accountUserNameAttributes",
        "displayName": "Account User Name Attributes",
        "helpMessage": "Attribute or attributes which holds the account's user name. They will be used when authenticating to find the LDAP entry for the user name to authenticate.",
        "type": "[Ljava.lang.String;",
        "required": false,
        "order": 10,
        "confidential": false,
        "defaultValues": [
          "uid",
          "cn"
        ]
      },
      "overridable": false,
      "values": [
        "uid"
      ]
    },
    {
      "schema": {
        "name": "port",
        "displayName": "TCP Port",
        "helpMessage": "TCP/IP port number used to communicate with the LDAP server. The default is 389.",
        "type": "int",
        "required": false,
        "order": 2,
        "confidential": false,
        "defaultValues": [
          389
        ]
      },
      "overridable": false,
      "values": [
        1389
      ]
    },
    {
      "schema": {
        "name": "vlvSortAttribute",
        "displayName": "VLV Sort Attribute",
        "helpMessage": "Specify the sort attribute to use for VLV indexes on the resource. Default is \"uid\".",
        "type": "java.lang.String",
        "required": false,
        "order": 20,
        "confidential": false,
        "defaultValues": [
          "uid"
        ]
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "accountObjectClasses",
        "displayName": "Account Object Classes",
        "helpMessage": "The object class or classes that will be used when creating new user objects in the LDAP tree. When entering more than one object class, each entry should be on its own line; do not use commas or semi-colons to separate multiple object classes. Some object classes may require that you specify all object classes in the class hierarchy.",
        "type": "[Ljava.lang.String;",
        "required": false,
        "order": 9,
        "confidential": false,
        "defaultValues": [
          "top",
          "person",
          "organizationalPerson",
          "inetOrgPerson"
        ]
      },
      "overridable": false,
      "values": [
        "inetOrgPerson"
      ]
    },
    {
      "schema": {
        "name": "baseContextsToSynchronize",
        "displayName": "Base Contexts to Synchronize",
        "helpMessage": "One or more starting points in the LDAP tree that will be used to determine if a change should be synchronized. The base contexts attribute will be used to synchronize a change if this property is not set.",
        "type": "[Ljava.lang.String;",
        "required": false,
        "order": 23,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": [
        "ou=people,o=isp",
        "ou=groups,o=isp"
      ]
    },
    {
      "schema": {
        "name": "accountSynchronizationFilter",
        "displayName": "LDAP Filter for Accounts to Synchronize",
        "helpMessage": "An optional LDAP filter for the objects to synchronize. Because the change log is for all objects, this filter updates only objects that match the specified filter. If you specify a filter, an object will be synchronized only if it matches the filter and includes a synchronized object class.",
        "type": "java.lang.String",
        "required": false,
        "order": 27,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "removeLogEntryObjectClassFromFilter",
        "displayName": "Remove Log Entry Object Class from Filter",
        "helpMessage": "If this property is set (the default), the filter used to fetch change log entries does not contain the \"changeLogEntry\" object class, expecting that there are no entries of other object types in the change log. Default is \"true\".",
        "type": "boolean",
        "required": false,
        "order": 31,
        "confidential": false,
        "defaultValues": [
          true
        ]
      },
      "overridable": false,
      "values": [
        "false"
      ]
    },
    {
      "schema": {
        "name": "passwordDecryptionKey",
        "displayName": "Password Decryption Key",
        "helpMessage": "The key to decrypt passwords with when performing password synchronization.",
        "type": "org.identityconnectors.common.security.GuardedByteArray",
        "required": false,
        "order": 34,
        "confidential": true,
        "defaultValues": []
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "respectResourcePasswordPolicyChangeAfterReset",
        "displayName": "Respect Resource Password Policy Change-After-Reset",
        "helpMessage": "When this resource is specified in a Login Module (i.e., this resource is a pass-through authentication target) and the resource's password policy is configured for change-after-reset, a user whose resource account password has been administratively reset will be required to change that password after successfully authenticating. Default is \"false\".",
        "type": "boolean",
        "required": false,
        "order": 18,
        "confidential": false,
        "defaultValues": [
          false
        ]
      },
      "overridable": false,
      "values": [
        "false"
      ]
    },
    {
      "schema": {
        "name": "maintainPosixGroupMembership",
        "displayName": "Maintain POSIX Group Membership",
        "helpMessage": "When enabled and a user is renamed or deleted, update any POSIX groups to which the user belongs to reflect the new name. Otherwise, the LDAP resource must maintain referential integrity with respect to group membership. Default is \"false\".",
        "type": "boolean",
        "required": false,
        "order": 16,
        "confidential": false,
        "defaultValues": [
          false
        ]
      },
      "overridable": false,
      "values": [
        "false"
      ]
    },
    {
      "schema": {
        "name": "readSchema",
        "displayName": "Read Schema",
        "helpMessage": "If true, the connector will read the schema from the server. If false, the connector will provide a default schema based on the object classes in the configuration. This property must be true in order to use extended object classes. Default is \"true\".",
        "type": "boolean",
        "required": false,
        "order": 22,
        "confidential": false,
        "defaultValues": [
          true
        ]
      },
      "overridable": false,
      "values": [
        "false"
      ]
    },
    {
      "schema": {
        "name": "ssl",
        "displayName": "SSL",
        "helpMessage": "Select the check box to connect to the LDAP server using SSL. The default is \"false\".",
        "type": "boolean",
        "required": false,
        "order": 3,
        "confidential": false,
        "defaultValues": [
          false
        ]
      },
      "overridable": false,
      "values": [
        "false"
      ]
    },
    {
      "schema": {
        "name": "passwordAttributeToSynchronize",
        "displayName": "Password Attribute to Synchronize",
        "helpMessage": "The name of the password attribute to synchronize when performing password synchronization.",
        "type": "java.lang.String",
        "required": false,
        "order": 33,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "accountSearchFilter",
        "displayName": "LDAP Filter for Retrieving Accounts",
        "helpMessage": "An optional LDAP filter to control which accounts are returned from the LDAP resource. If no filter is specified, only accounts that include all specified object classes are returned.",
        "type": "java.lang.String",
        "required": false,
        "order": 11,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": [
        "uid=*"
      ]
    },
    {
      "schema": {
        "name": "passwordDecryptionInitializationVector",
        "displayName": "Password Decryption Initialization Vector",
        "helpMessage": "The initialization vector to decrypt passwords with when performing password synchronization.",
        "type": "org.identityconnectors.common.security.GuardedByteArray",
        "required": false,
        "order": 35,
        "confidential": true,
        "defaultValues": []
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "groupMemberAttribute",
        "displayName": "Group Member Attribute",
        "helpMessage": "The name of the group attribute that will be updated with the distinguished name of the user when the user is added to the group. Default is \"uniqueMember\".",
        "type": "java.lang.String",
        "required": false,
        "order": 14,
        "confidential": false,
        "defaultValues": [
          "uniqueMember"
        ]
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "failover",
        "displayName": "Failover Servers",
        "helpMessage": "List all servers that should be used for failover in case the preferred server fails. If the preferred server fails, JNDI will connect to the next available server in the list. List all servers in the form of \<a class="moz-txt-link-rfc2396E" href="ldap://ldap.example.com:389/\">"ldap://ldap.example.com:389/\", which follows the standard LDAP v3 URLs described in RFC 2255. Only the host and port parts of the URL are relevant in this setting.",
        "type": "[Ljava.lang.String;",
        "required": false,
        "order": 4,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "statusManagementClass",
        "displayName": "Status management class ",
        "helpMessage": "Class to be used to manage enabled/disabled status. If no class is specified then identity status management wont be possible.",
        "type": "java.lang.String",
        "required": false,
        "order": 36,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": [
        "net.tirasa.connid.bundles.ldap.commons.AttributeStatusManagement"
      ]
    },
    {
      "schema": {
        "name": "modifiersNamesToFilterOut",
        "displayName": "Filter Out Changes By",
        "helpMessage": "The names (DNs) of directory administrators to filter from the changes. Changes with the attribute \"modifiersName\" that match entries in this list will be filtered out. The standard value is the administrator name used by this adapter, to prevent loops. Entries should be of the format \"cn=Directory Manager\".",
        "type": "[Ljava.lang.String;",
        "required": false,
        "order": 26,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "groupObjectClasses",
        "displayName": "Group Object Classes",
        "helpMessage": "The group class or classes that will be used when creating new group objects in the LDAP tree. When entering more than one object class, each entry should be on its own line; do not use commas or semi-colons to separate multiple group classes. Some group classes may require that you specify all group classes in the class hierarchy.",
        "type": "[Ljava.lang.String;",
        "required": false,
        "order": 12,
        "confidential": false,
        "defaultValues": [
          "top",
          "groupOfUniqueNames"
        ]
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "useVlvControls",
        "displayName": "Use VLV Controls",
        "helpMessage": "Wheter to enforce usage of VLV controls over standard LDAP controls. Default is \"false\".",
        "type": "boolean",
        "required": false,
        "order": 19,
        "confidential": false,
        "defaultValues": [
          false
        ]
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "retrievePasswordsWithSearch",
        "displayName": "Retrieve passwords with search",
        "helpMessage": "Whether to retrieve user passwords when searching. The default is \"false\".",
        "type": "boolean",
        "required": false,
        "order": 37,
        "confidential": false,
        "defaultValues": [
          false
        ]
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "dnAttribute",
        "displayName": "Entry DN attribute name",
        "helpMessage": "Entry DN attribute name (default: entryDN)",
        "type": "java.lang.String",
        "required": false,
        "order": 38,
        "confidential": false,
        "defaultValues": [
          "entryDN"
        ]
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "groupSearchFilter",
        "displayName": "LDAP Filter for Retrieving Groups",
        "helpMessage": "An optional LDAP filter to control which groups are returned from the LDAP resource. If no filter is specified, only groups that include all specified object classes are returned.",
        "type": "java.lang.String",
        "required": false,
        "order": 39,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "readTimeout",
        "displayName": "Read Timeout (Milliseconds)",
        "helpMessage": "Time to wait for a response to be received. If there is no response within the specified time period, the read attempt will be aborted. Value 0 or less than 0 means there is no limit.",
        "type": "long",
        "required": false,
        "order": 40,
        "confidential": false,
        "defaultValues": [
          0
        ]
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "connectTimeout",
        "displayName": "Connection Timeout (Milliseconds)",
        "helpMessage": "Time to wait when opening new server connections. Value of 0 means the TCP network timeout will be used, which may be several minutes. Value less than 0 means there is no limit.",
        "type": "long",
        "required": false,
        "order": 41,
        "confidential": false,
        "defaultValues": [
          0
        ]
      },
      "overridable": false,
      "values": []
    },
    {
      "schema": {
        "name": "filterWithOrInsteadOfAnd",
        "displayName": "Filter with Or Instead of And",
        "helpMessage": "Normally the the filter used to fetch change log entries is an and-based filter retrieving an interval of change entries. If this property is set, the filter will or together the required change numbers instead. Default is \"false\".",
        "type": "boolean",
        "required": false,
        "order": 30,
        "confidential": false,
        "defaultValues": [
          false
        ]
      },
      "overridable": false,
      "values": [
        "false"
      ]
    },
    {
      "schema": {
        "name": "passwordAttribute",
        "displayName": "Password Attribute",
        "helpMessage": "The name of the LDAP attribute which holds the password. When changing an user's password, the new password is set to this attribute. Default is \"userPassword\".",
        "type": "java.lang.String",
        "required": false,
        "order": 8,
        "confidential": false,
        "defaultValues": [
          "userPassword"
        ]
      },
      "overridable": false,
      "values": [
        "userpassword"
      ]
    },
    {
      "schema": {
        "name": "principal",
        "displayName": "Principal",
        "helpMessage": "The distinguished name with which to authenticate to the LDAP server.",
        "type": "java.lang.String",
        "required": false,
        "order": 5,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": [
        "uid=admin,ou=system"
      ]
    },
    {
      "schema": {
        "name": "changeLogBlockSize",
        "displayName": "Change Log Block Size",
        "helpMessage": "The number of change log entries to fetch per query. Default is \"100\".",
        "type": "int",
        "required": false,
        "order": 28,
        "confidential": false,
        "defaultValues": [
          100
        ]
      },
      "overridable": false,
      "values": [
        100
      ]
    },
    {
      "schema": {
        "name": "groupNameAttributes",
        "displayName": "Group Name Attributes",
        "helpMessage": "Attribute or attributes which holds the group's name. Default is \"cn\".",
        "type": "[Ljava.lang.String;",
        "required": false,
        "order": 13,
        "confidential": false,
        "defaultValues": [
          "cn"
        ]
      },
      "overridable": false,
      "values": [
        "cn"
      ]
    },
    {
      "schema": {
        "name": "changeNumberAttribute",
        "displayName": "Change Number Attribute",
        "helpMessage": "The name of the change number attribute in the change log entry. Default is \"changeNumber\".",
        "type": "java.lang.String",
        "required": false,
        "order": 29,
        "confidential": false,
        "defaultValues": [
          "changeNumber"
        ]
      },
      "overridable": false,
      "values": [
        "changeNumber"
      ]
    },
    {
      "schema": {
        "name": "objectClassesToSynchronize",
        "displayName": "Object Classes to Synchronize",
        "helpMessage": "The object classes to synchronize. The change log is for all objects; this filters updates to just the listed object classes. You should not list the superclasses of an object class unless you intend to synchronize objects with any of the superclass values. For example, if only \"inetOrgPerson\" objects should be synchronized, but the superclasses of \"inetOrgPerson\" (\"person\", \"organizationalperson\" and \"top\") should be filtered out, then list only \"inetOrgPerson\" here. All objects in LDAP are subclassed from \"top\". For this reason, you should never list \"top\", otherwise no object would be filtered. Default is \"inetOrgPerson\".",
        "type": "[Ljava.lang.String;",
        "required": false,
        "order": 24,
        "confidential": false,
        "defaultValues": [
          "inetOrgPerson"
        ]
      },
      "overridable": false,
      "values": [
        "inetOrgPerson",
        "groupOfUniqueNames"
      ]
    },
    {
      "schema": {
        "name": "credentials",
        "displayName": "Password",
        "helpMessage": "Password for the principal.",
        "type": "org.identityconnectors.common.security.GuardedString",
        "required": false,
        "order": 6,
        "confidential": true,
        "defaultValues": []
      },
      "overridable": false,
      "values": [
        "secret"
      ]
    },
    {
      "schema": {
        "name": "baseContexts",
        "displayName": "Base Contexts",
        "helpMessage": "One or more starting points in the LDAP tree that will be used when searching the tree. Searches are performed when discovering users from the LDAP server or when looking for the groups of which a user is a member.",
        "type": "[Ljava.lang.String;",
        "required": true,
        "order": 7,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": true,
      "values": [
        "ou=people,o=isp",
        "ou=groups,o=isp"
      ]
    },
    {
      "schema": {
        "name": "attributesToSynchronize",
        "displayName": "Attributes to Synchronize",
        "helpMessage": "The names of the attributes to synchronize. This ignores updates from the change log if they do not update any of the named attributes. For example, if only \"department\" is listed, then only changes that affect \"department\" will be processed. All other updates are ignored. If blank (the default), then all changes are processed.",
        "type": "[Ljava.lang.String;",
        "required": false,
        "order": 25,
        "confidential": false,
        "defaultValues": []
      },
      "overridable": false,
      "values": []
    }
  ],
  "capabilities": [
    "CREATE",
    "UPDATE",
    "DELETE",
    "SEARCH"
  ]
}


Regards
M

On Fri, May 12, 2017 at 11:03 AM, Marco Di Sabatino Di Diodoro <[hidden email]> wrote:

Hi Sasha,


Il 12/05/2017 09:29, sasha gesta ha scritto:
Hello,

I tried to connect Syncope 2.0.3 to ApacheDS 2.0.0-M23, but it ended with unsuccessful bind to ldap server : 

Connection failure: ConnectorException [OperationNotSupportedException: [LDAP: error code 53 - UNWILLING_TO_PERFORM: Bind failed: Cannot Bind for Dn uid=admin,ou=system]]

Connecting to ldap using JXplorer and the same settings was successful. 

With syncope version 2.0.2 it worked as it should. Binding was successful. 


Check in your logs if there are other errors, for example java.security.InvalidKeyException: Illegal key size

M

Sasha

-- 
Dott. Marco Di Sabatino Di Diodoro
Tel. <a moz-do-not-send="true" href="tel:+39%20393%20906%205570" value="+393939065570" target="_blank">+39 3939065570

Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel <a moz-do-not-send="true" href="tel:+39%20085%20911%206307" value="+390859116307" target="_blank">+39 0859116307 / FAX <a moz-do-not-send="true" href="tel:+39%20085%20911%201173" value="+390859111173" target="_blank">+39 0859111173
http://www.tirasa.net

Apache Syncope PMC Member
http://people.apache.org/~mdisabatino/
-- 
Dott. Marco Di Sabatino Di Diodoro
Tel. +39 3939065570

Tirasa S.r.l.
Viale D'Annunzio 267 - 65127 Pescara
Tel +39 0859116307 / FAX +39 0859111173
http://www.tirasa.net

Apache Syncope PMC Member
http://people.apache.org/~mdisabatino/