3 Replies Latest reply on Aug 23, 2012 3:45 PM by 794355

    Help AD PasswordSync and JMSListener

      We are trying to use the JMS listener with AD for password sync.

      The AD is working fine and in the log we can see its trying to send the password sync over.

      But in the IDM nothing happens.We have set trace enabled but see nothing.THe JMS Listener logs show not even an incoming request. In IDM interface when we test the JMS Listener it says Test Connection successful.

      On the other hand we are using Glassfish and the Message Broker shows a client connection coming in.

      How to turn on more debugging ?Has anyone faced this?Is there something wrong on our mappings.

      AD Logs:

      Enter: PwSyncClient::SendToServlet
      +08/06/2012 [3544] (.\PwSyncClientBase.cpp,58): Enter: PwSyncClientBase::CrackUrl+
      +08/06/2012 [3544] (.\PwSyncClientBase.cpp,73): Cracking URL+
      +08/06/2012 [3544] (.\PwSyncClientBase.cpp,81): server = xxxxxxx+
      +08/06/2012 [3544] (.\PwSyncClientBase.cpp,82): resource = /idm/servlet/PasswordSync+
      +08/06/2012 [3544] (.\PwSyncClientBase.cpp,83): port = xxxx+
      +08/06/2012 [3544] (.\PwSyncClientBase.cpp,84): use secured connection = 0+
      +08/06/2012 [3544] (.\PwSyncClientBase.cpp,106): Exit: PwSyncClientBase::CrackUrl+
      +08/06/2012 [3544] (.\PwSyncClient.cpp,61): Connecting to xxxx.xxx.xxx on port xxxx+
      +08/06/2012 [3544] (.\PwSyncClient.cpp,82): Resource is '/idm/servlet/PasswordSync?JNDIProperties=java.naming.factory.initial%3dcom.sun.jndi.fscontext.RefFSContextFactory%3bjava.naming.provider.url%3dfile%3a%2f%2f%2ftmp%2fidmtestjms&accountId=&clientEndpoint=WHALE&connectionFactory=sunPasswordFactory&direct=false&email=test.local%40xxxx&emailEndUser=false&jmsPassword=Teus%2fIXg%2bPk%3d&jmsUser=admin&password=&queueName=sunPasswordConnectorQueue&resourceAccountGUID=a068029d539f744d82327b5f76e0e195&resourceAccountId=CN%3dtestlocal2%2cOU%3dPeople%2cOU%3dAuth%2cDC%3dxxxx%2cDC%3dxxx&resourcePassword=vFeI490e5q%2bVFXp6Q%2f3QDA%3d%3d&resourcetype=Windows Active Directory&sessionType=LOCAL'+
      +08/06/2012 [3544] (.\PwSyncClient.cpp,106): SendToServlet: opening direct connection+
      +08/06/2012 [3544] (.\PwSyncClient.cpp,186): httpSendRequest succeeded+
      +08/06/2012 [3544] (.\PwSyncClient.cpp,301): Info flag 19 returned 200+
      +08/06/2012 [3544] (.\PwSyncClient.cpp,240): servlet contacted+
      +08/06/2012 [3544] (.\PwSyncClient.cpp,250): Exit: PwSyncClient::SendToServlet+
      +08/06/2012 [3544] (.\lhpwic.cpp,597): Got initialization mutex+
      +08/06/2012 [3544] (.\lhpwic.cpp,610): Released Mutex+
      +08/06/2012 [3544] (.\lhpwic.cpp,240): Exit: SyncPassword+

      Broker Logs:

      +[06/Aug/2012:10:22:53 PDT] [B1065]: Accepting: admin@xxxxxxxx->jms:33508. Count: service=1 broker=1+
      +[06/Aug/2012:10:22:54 PDT] [B1066]: Closing: admin@xxxxxxxxx->jms:33508 because "[B0059]: Client closed the connection". Count: service=0 broker=0+
        • 1. Re: Help AD PasswordSync and JMSListener
          Did you try to set the trace as per the following:


          Hope this helps.


          To Collect Logs for the Different Modes

          PasswordSync trace logs are the same, whether you are using a direct access mode or JMS mode configuration. However, these trace logs might only provide partial information. You must configure different classes for each configuration to collect logs on the server side, as described in the following sections.
          Tracing in Direct Mode

          When using PasswordSync with a direct access mode configuration, the trace logs show failures, but not all logged failures are real failures. For example, in some circumstances the view check-in takes a long time, which shows as a failure in the log. You must trace on the server side to see this information.

          In Direct mode, PasswordSync talks to the servlet that generates the view to be checked into the repository. You can trace the com.waveset.rpc.GenericMessageHandler class at level 4 to view all phases of password synchronization, from receiving the password change to the response generated and returned to the servlet. Level 4 is the only level that supplies enough detail for troubleshooting.
          Tracing in JMS Mode

          When using PasswordSync with a JMS mode configuration, the logs only show successful or failed deliveries to the JMS server. From this point on, you must rely on server side logs. JMS tracing is a little more complex.

          You can trace the com.waveset.rpc.PasswordSyncHandler class at level 4 to convert the messages generated by the PasswordSync dll into a JMS message and add those messages to the JMS queue. Limited tracing is available in this class, and only level 4 can provide enough information to help with troubleshooting.

          If PasswordSync successfully delivers the JMS message to the JMS queue, the tracing will not help you find the cause of a problem. The next, and final step is to trace the JMS adapter. See the Oracle Waveset 8.1.1 Resources Reference for instructions.
          • 2. Re: Help AD PasswordSync and JMSListener
            Yes I did everything like those docs mentioned yet not working.

            Infact in my IDM logs I see this.It doesn't make sense

            20120806 11:35:45.515 httpSSLWorkerThread-38080-0(0x006da02d) JmsListenerResourceAdapter#getFeatures() Exit returned= { accou
            nt={ REPORTS_DELETED=account.REPORTS_DELETED } }
            20120806 11:35:48.064 httpSSLWorkerThread-38080-1(0x009becb3) JmsListenerResourceAdapter#getFeatures() Entry no args
            20120806 11:35:48.065 httpSSLWorkerThread-38080-1(0x009becb3) JmsListenerResourceAdapter#getFeatures() Info
            <?xml version=1.0 encoding=UTF-8?>
            <!DOCTYPE Object PUBLIC waveset.dtd waveset.dtd>
            <Attribute name=account>
            <Attribute name=REPORTS_DELETED value=account.REPORTS_DELETED/>

            Edited by: user5684147 on Aug 6, 2012 11:51 AM
            • 3. Re: Help AD PasswordSync and JMSListener
              Hi ,

              I s the issue resloved for you ???

              Had a simillar issue when i worked on it and resloved doing few steps... will check and update..
              you can reach me on mobile..