4 Replies Latest reply on Sep 15, 2017 4:12 AM by Markus Maurischat

    Active Directory Adapter

    Markus Maurischat

      Hello there,

       

      I am trying to connect to our Active Directory with the bmc-adapter-active-directory-actor_20.16.03.00_1 Adapter.

      But i've got an error, wether I use the existing process for AD queries (RBA-AD-Active-Directory -> User_Account_Management -> Get User Informations), or with a own built simplified process:

       

      -------------------------------------------------------------

      Message[summary=Exception occured in adapter '[Name of the adapter]', detail=Error: 'String index out of range: -4']

      -------------------------------------------------------------

       

      Here is the (Manual) request:

       

      <request-data>

           <active-directory-request>

                <commands>

                     <command>

                          <active-directory-command>Get User Information</active-directory-command>

                          <object-class>User</object-class>

                          <object-distinguished-name>[Any valid DN]</object-distinguished-name>

                          <parameters>

                               <sam-account-name />

                          </parameters>

                     </command>

                </commands>

           </active-directory-request>

      </request-data>

       

      The target-Options (and so on) are configured in the Adapter config itself.

       

      Has anyone stumbled over this error before?

       

      Thx in advance...

       

      Markus

        • 1. Re: Active Directory Adapter
          Deepak Bhola

          Hi Markus,

           

          Can you please share the grid logs with adapter debug enabled to know where adapter exactly failed to execute the request?

           

          Thanks,

          Deepak

          • 2. Re: Active Directory Adapter
            Markus Maurischat

            Hi, thanks for your reply.

            The logs doesn't contain much information:

             

            15 Sep 2017 08:44:02,353 [Thread=AMP - Perform Action Executor - 24] INFO  ActiveDirectoryActorAdapter [PeerName=APWIN] [JobID=b9b01bacc6d8feeb:5abd4f:15e8447a76a:-80001-1505457842119] [AdapterName=ad]  ad: ad: Validating Adapter Request...

            15 Sep 2017 08:44:02,353 [Thread=AMP - Perform Action Executor - 24] INFO  ActiveDirectoryActorAdapter [PeerName=APWIN] [JobID=b9b01bacc6d8feeb:5abd4f:15e8447a76a:-80001-1505457842119] [AdapterName=ad]  ad: ad: Adapter Request is valid!

            15 Sep 2017 08:44:02,353 [Thread=AMP - Perform Action Executor - 24] INFO  ActiveDirectoryActorAdapter [PeerName=APWIN] [JobID=b9b01bacc6d8feeb:5abd4f:15e8447a76a:-80001-1505457842119] [AdapterName=ad]  ad: ad: Active Directory Command: get-user-information

            15 Sep 2017 08:44:02,353 [Thread=AMP - Perform Action Executor - 24] INFO  ActiveDirectoryActorAdapter [PeerName=APWIN] [JobID=b9b01bacc6d8feeb:5abd4f:15e8447a76a:-80001-1505457842119] [AdapterName=ad]  ad: ad: Using com.realops.adapter.activedirectory.commands.GetCommand as Command

            15 Sep 2017 08:44:02,353 [Thread=AMP - Perform Action Executor - 24] ERROR ActiveDirectoryActorAdapter [PeerName=APWIN] [JobID=b9b01bacc6d8feeb:5abd4f:15e8447a76a:-80001-1505457842119] [AdapterName=ad]  ad: String index out of range: -4

            15 Sep 2017 08:44:02,353 [Thread=AMP - Perform Action Executor - 24] ERROR ActiveDirectoryActorAdapter [PeerName=APWIN] [JobID=b9b01bacc6d8feeb:5abd4f:15e8447a76a:-80001-1505457842119] [AdapterName=ad]  ad: Message[summary=Exception occured in adapter 'ad', detail=Error: 'String index out of range: -4']

            • 3. Re: Active Directory Adapter
              Deepak Bhola

              Adapter is not in debug mode - login to Grid Manager, go to Manage->Peers-><select peer name where adapter is enabled> --> Click Configure logging-> Select Debug from drop down list for "Component Adapter", rerun the request, and share grid logs, are you sure you are using 20.16.03.00 version of adapter (go to adapters tab to validate).  

              • 4. Re: Active Directory Adapter
                Markus Maurischat

                Ouh, you're right

                I've only enabled debug mode for the adapter, not the peer - sorry.

                So now I've seen what is wrong. My DN started with "CN=". And the adapter doesn't like this:

                 

                 

                 

                15 Sep 2017 11:06:28,218 [Thread=AMP - Perform Action Executor - 26] DEBUG Command         [PeerName=APWIN] [JobID=b9b01bacc6d8feeb:5abd4f:15e8447a76a:-80001-1505466388203] [AdapterName=ad]  The distinguished name parameter starts with 'CN=', escaping the special characters...

                 

                Thanks for your help!