3 Replies Latest reply: Aug 23, 2012 10:45 AM by 794355 RSS

    Help AD PasswordSync and JMSListener

    885694
      Hi
      We are trying to use the JMS listener with AD for password sync.

      The AD is working fine and in the log we can see its trying to send the password sync over.

      But in the IDM nothing happens.We have set trace enabled but see nothing.THe JMS Listener logs show not even an incoming request. In IDM interface when we test the JMS Listener it says Test Connection successful.

      On the other hand we are using Glassfish and the Message Broker shows a client connection coming in.

      How to turn on more debugging ?Has anyone faced this?Is there something wrong on our mappings.

      AD Logs:

      Enter: PwSyncClient::SendToServlet
      +08/06/2012 10.09.58.450000 [3544] (.\PwSyncClientBase.cpp,58): Enter: PwSyncClientBase::CrackUrl+
      +08/06/2012 10.09.58.450000 [3544] (.\PwSyncClientBase.cpp,73): Cracking URL+
      +08/06/2012 10.09.58.450000 [3544] (.\PwSyncClientBase.cpp,81): server = xxxxxxx+
      +08/06/2012 10.09.58.450000 [3544] (.\PwSyncClientBase.cpp,82): resource = /idm/servlet/PasswordSync+
      +08/06/2012 10.09.58.450000 [3544] (.\PwSyncClientBase.cpp,83): port = xxxx+
      +08/06/2012 10.09.58.450000 [3544] (.\PwSyncClientBase.cpp,84): use secured connection = 0+
      +08/06/2012 10.09.58.450000 [3544] (.\PwSyncClientBase.cpp,106): Exit: PwSyncClientBase::CrackUrl+
      +08/06/2012 10.09.58.450000 [3544] (.\PwSyncClient.cpp,61): Connecting to xxxx.xxx.xxx on port xxxx+
      +08/06/2012 10.09.58.450000 [3544] (.\PwSyncClient.cpp,82): Resource is '/idm/servlet/PasswordSync?JNDIProperties=java.naming.factory.initial%3dcom.sun.jndi.fscontext.RefFSContextFactory%3bjava.naming.provider.url%3dfile%3a%2f%2f%2ftmp%2fidmtestjms&accountId=&clientEndpoint=WHALE&connectionFactory=sunPasswordFactory&direct=false&email=test.local%40xxxx&emailEndUser=false&jmsPassword=Teus%2fIXg%2bPk%3d&jmsUser=admin&password=&queueName=sunPasswordConnectorQueue&resourceAccountGUID=a068029d539f744d82327b5f76e0e195&resourceAccountId=CN%3dtestlocal2%2cOU%3dPeople%2cOU%3dAuth%2cDC%3dxxxx%2cDC%3dxxx&resourcePassword=vFeI490e5q%2bVFXp6Q%2f3QDA%3d%3d&resourcetype=Windows Active Directory&sessionType=LOCAL'+
      +08/06/2012 10.09.58.450000 [3544] (.\PwSyncClient.cpp,106): SendToServlet: opening direct connection+
      +08/06/2012 10.09.58.590000 [3544] (.\PwSyncClient.cpp,186): httpSendRequest succeeded+
      +08/06/2012 10.09.58.590000 [3544] (.\PwSyncClient.cpp,301): Info flag 19 returned 200+
      +08/06/2012 10.09.58.590000 [3544] (.\PwSyncClient.cpp,240): servlet contacted+
      +08/06/2012 10.09.58.590000 [3544] (.\PwSyncClient.cpp,250): Exit: PwSyncClient::SendToServlet+
      +08/06/2012 10.09.58.590000 [3544] (.\lhpwic.cpp,597): Got initialization mutex+
      +08/06/2012 10.09.58.590000 [3544] (.\lhpwic.cpp,610): Released Mutex+
      +08/06/2012 10.09.58.590000 [3544] (.\lhpwic.cpp,240): Exit: SyncPassword+



      Broker Logs:

      +[06/Aug/2012:10:22:53 PDT] [B1065]: Accepting: admin@xxxxxxxx->jms:33508. Count: service=1 broker=1+
      +[06/Aug/2012:10:22:54 PDT] [B1066]: Closing: admin@xxxxxxxxx->jms:33508 because "[B0059]: Client closed the connection". Count: service=0 broker=0+
        • 1. Re: Help AD PasswordSync and JMSListener
          Al*800910*ie
          Did you try to set the trace as per the following:

          http://docs.oracle.com/cd/E19225-01/820-7976/ahyej/index.html

          Hope this helps.

          ==========

          To Collect Logs for the Different Modes

          PasswordSync trace logs are the same, whether you are using a direct access mode or JMS mode configuration. However, these trace logs might only provide partial information. You must configure different classes for each configuration to collect logs on the server side, as described in the following sections.
          Tracing in Direct Mode

          When using PasswordSync with a direct access mode configuration, the trace logs show failures, but not all logged failures are real failures. For example, in some circumstances the view check-in takes a long time, which shows as a failure in the log. You must trace on the server side to see this information.

          In Direct mode, PasswordSync talks to the servlet that generates the view to be checked into the repository. You can trace the com.waveset.rpc.GenericMessageHandler class at level 4 to view all phases of password synchronization, from receiving the password change to the response generated and returned to the servlet. Level 4 is the only level that supplies enough detail for troubleshooting.
          Tracing in JMS Mode

          When using PasswordSync with a JMS mode configuration, the logs only show successful or failed deliveries to the JMS server. From this point on, you must rely on server side logs. JMS tracing is a little more complex.

          You can trace the com.waveset.rpc.PasswordSyncHandler class at level 4 to convert the messages generated by the PasswordSync dll into a JMS message and add those messages to the JMS queue. Limited tracing is available in this class, and only level 4 can provide enough information to help with troubleshooting.

          If PasswordSync successfully delivers the JMS message to the JMS queue, the tracing will not help you find the cause of a problem. The next, and final step is to trace the JMS adapter. See the Oracle Waveset 8.1.1 Resources Reference for instructions.
          • 2. Re: Help AD PasswordSync and JMSListener
            885694
            Hi
            Yes I did everything like those docs mentioned yet not working.

            Infact in my IDM logs I see this.It doesn't make sense

            20120806 11:35:45.515 httpSSLWorkerThread-38080-0(0x006da02d) JmsListenerResourceAdapter#getFeatures() Exit returned= { accou
            nt={ REPORTS_DELETED=account.REPORTS_DELETED } }
            20120806 11:35:48.064 httpSSLWorkerThread-38080-1(0x009becb3) JmsListenerResourceAdapter#getFeatures() Entry no args
            20120806 11:35:48.065 httpSSLWorkerThread-38080-1(0x009becb3) JmsListenerResourceAdapter#getFeatures() Info
            <?xml version=1.0 encoding=UTF-8?>
            <!DOCTYPE Object PUBLIC waveset.dtd waveset.dtd>
            <Object>
            <Attribute name=account>
            <Object>
            <Attribute name=REPORTS_DELETED value=account.REPORTS_DELETED/>
            </Object>
            </Attribute>
            </Object>

            Edited by: user5684147 on Aug 6, 2012 11:51 AM
            • 3. Re: Help AD PasswordSync and JMSListener
              794355
              Hi ,

              I s the issue resloved for you ???

              Had a simillar issue when i worked on it and resloved doing few steps... will check and update..
              you can reach me on mobile..

              Regards,
              Arshad
              9985000718