1 2 Previous Next 19 Replies Latest reply on Apr 2, 2013 10:41 PM by tmunro55

AD Connector Upgrade fail.

tmunro55 Mar 28, 2013 6:36 PM

Hello all. First time posting here, so please bare with me.

I have just upgraded from Sun IDM 8.1.0.9 to OW 8.1.1.8
I upgraded to the AD connector that can with the Patch 8 bundle (1.1.0.6380)
Under "Configure/Connector Servers" it sees the upgraded connector on AD just fine.
In the Resource Wizard, setting the Parameters, I chose the new Server from the drop down list, and it refuses to Authernticate. It returns with bad username or password. Watching the connector log on the AD side shows the same thing. The real smacker is that I can seem to go back either. Something has clearly changed and I seem to be stuck.

Any help would be greatly appreciated.

OW on Redhat 5
AD on 2008 R2 Sp1

--
Tim.

1. Re: AD Connector Upgrade fail.

Al*800910*ie Mar 28, 2013 6:58 PM (in response to tmunro55)

Can you please share what your...

Directory Adminstrator's Account

-and-

Container

...values are set to in your AD resource wizard?

Thank you.
Like Show 0 Likes(0)

Actions
2. Re: AD Connector Upgrade fail.

tmunro55 Mar 28, 2013 7:40 PM (in response to Al*800910*ie)

Exactly the same as they were in the 1.0.0.5143 instance of the Connector that was used with 8.1.0.9

Account: svciamops

Container: ou=people,dc=xxx,dc=xxx,dc=xxx

Nothing was changed except for the connector version in the little dropdown at the top of the Wizard dialogue.

--
Tim.
Like Show 0 Likes(0)

Actions
3. Re: AD Connector Upgrade fail.

Al*800910*ie Mar 28, 2013 7:44 PM (in response to tmunro55)

for grins can you attempt to add the actual domain before the actual account name along with a backslash such as:

DOMAINNAME\Administrator
Like Show 0 Likes(0)

Actions
4. Re: AD Connector Upgrade fail.

tmunro55 Mar 29, 2013 3:37 PM (in response to Al*800910*ie)

That was one of the first things I thought of. I tried it again just in case, but no go.

--
Tim
Like Show 0 Likes(0)

Actions
5. Re: AD Connector Upgrade fail.

Al*800910*ie Mar 29, 2013 3:41 PM (in response to tmunro55)

Just to confirm, you used both the connector server -AND- the connector jar files on the Windows server that came bundled with OW 8.1.1.8, right?
Like Show 0 Likes(0)

Actions
6. Re: AD Connector Upgrade fail.

tmunro55 Mar 29, 2013 4:13 PM (in response to Al*800910*ie)

There are no jar files to use on the windows side of things. It is a .NET application not java. I DID use the AD connector bundle (dll file) that came with the package yes.
Like Show 0 Likes(0)

Actions
7. Re: AD Connector Upgrade fail.

Al*800910*ie Mar 29, 2013 4:51 PM (in response to tmunro55)

Correct, my mistake. DLLs not jars.

Have you tried using the actual administrator user from AD?

Any time I've seen that error in Sun IDM/OW it's because of the items you've already ruled out.
Like Show 0 Likes(0)

Actions
8. Re: AD Connector Upgrade fail.

Al*800910*ie Mar 29, 2013 5:15 PM (in response to Al*800910*ie)

For more grins, I'm sure you've already tried authenticating as the username/passwd in question via some kind of 3rd party app like ldapsearch, etc.?
Like Show 0 Likes(0)

Actions
9. Re: AD Connector Upgrade fail.

tmunro55 Mar 29, 2013 5:41 PM (in response to Al*800910*ie)

runas /user:domain\svciamops cmd

works like a charm. :-)

As for using the Administrator, this is clearly a setup/upgrade issue not an account issue.

I created a brand new resource to test just that, and it worked perfectly. I just don't want to (and shouldn't have to) do that and then update all my user records to the new resource. The upgrade should work.
Like Show 0 Likes(0)

Actions
10. Re: AD Connector Upgrade fail.

Al*800910*ie Mar 29, 2013 5:44 PM (in response to tmunro55)

Yes, agreed. It seems something happened during the upgrade.
Like Show 0 Likes(0)

Actions
11. Re: AD Connector Upgrade fail.

arjun.sengupta Apr 1, 2013 11:18 AM (in response to tmunro55)

Hi Tim,

Compare the resource xml of the new resource(for which the authentication works) and the old resource. You may get something there.

Regards
Arjun
Like Show 0 Likes(0)

Actions
12. Re: AD Connector Upgrade fail.

tmunro55 Apr 1, 2013 12:37 PM (in response to arjun.sengupta)

Arjun,

Thank you for that. Yes, there are many differences, mostly in Attribute names. Spaces removed, words added etc. So question, is there an official supported upgrade path for the connectors, or should I open a support ticket with Oracle?

Has anyone else done the Active Directory connector upgrade without issue? If so how did they do it?

Thanks,

--
Tim.
Like Show 0 Likes(0)

Actions
13. Re: AD Connector Upgrade fail.

Al*800910*ie Apr 1, 2013 2:36 PM (in response to tmunro55)

Just for my own information, did you:

a) stop the existing connector server

b) uninstall it

c) install the new one

d) copy the necessary connector files to the new connector server directory

e) start the new connector server

f) confirm the new connector version in the resource wizard in OW
Like Show 0 Likes(0)

Actions
14. Re: AD Connector Upgrade fail.

tmunro55 Apr 1, 2013 7:15 PM (in response to Al*800910*ie)

Probably should have but it went like this:

a) stopped the connector server service
b) rename the folder to "Connector Server 8109"
c) deleted the service using SC.exe
d) installed the new connector server
e) copied the AD connector files to the connector server folder
f) fixed the config file to repoint the logs.
g) restarted the service.

In OW, I then had to explicitly select the new version of the connector.
Clicked Test Configuration, and failed with Bad username or password.
Like Show 0 Likes(0)

Actions

1 2 Previous Next

Go to original post

Join the world’s largest interactive community dedicated to Oracle technologies.