and more in a single search tool across platforms. Read the announcement here. |
03/05/2024 03:36 AM - last edited on 03/05/2024 05:44 AM by Sunil
Hi - We are trying to setup ADSI connector after performing all pre-requisites as mentioned in document Preparing for Integration (saviyntcloud.com).
When we click on "Save & Test Connection" button available on ADSI connector, we see below error message in logs - highlighted in bold.
ecm | integration.ExternalConnectionCallService | http-nio-8080-exec-3-j8995 | DEBUG | in testExternalConnection for External Connection : ADReconConnection |
ecm | adsi.SaviyntGroovyADSIService | http-nio-8080-exec-3-j8995 | DEBUG | Connection is 61:: ADReconConnection |
ecm | services.HttpClientUtilityService | http-nio-8080-exec-3-j8995 | DEBUG | before calling executeRequestWithHeaders for api... |
ecm | services.HttpClientUtilityService | http-nio-8080-exec-3-j8995 | DEBUG | isFipsEnabled = false |
ecm | services.HttpClientUtilityService | http-nio-8080-exec-3-j8995 | DEBUG | getHttpClient - proxyParams : null |
ecm | services.HttpClientUtilityService | http-nio-8080-exec-3-j8995 | DEBUG | getHttpClient - sslSocketFactory : null |
ecm | services.HttpClientUtilityService | http-nio-8080-exec-3-j8995 | DEBUG | getHttpClient - HttpClientBuilder.create().build() called. |
ecm | services.HttpClientUtilityService | http-nio-8080-exec-3-j8995 | DEBUG | called executePostRequestWithHeaders for api... |
ecm | services.HttpClientUtilityService | http-nio-8080-exec-3-j8995 | DEBUG | after calling executeRequestWithHeaders for api... |
ecm | adsi.SaviyntGroovyADSIService | http-nio-8080-exec-3-j8995 | DEBUG | Error : [error:Error null] |
ecm | integration.ExternalConnectionCallService | http-nio-8080-exec-3-j8995 | DEBUG | EXIT invokeExternalMethod |
In ADSI connector we have configured all required parameters like:
SSL certificate, URL, USERNAME (with least permissions - didnt grant Domain administrator or Enterprise admin group access), PASSWORD, CONNECTION_URL & FORESTLIST.
URL = LDAP://{IP address of root server}:443 (not sure if we can use ip address instead of Host name in URL)
Please let me know if you require any further information on this issue.
Please find some more information on above issue:
i have configured CONNECTION_URL wrongly like this {IP address of root server}/api/v1/discovery which was later replaced by this "https://{IP address of root server}:443/api/v1/discovery".
Now i see following error in logs:
Error : [headers:[Content-Type: text/html; charset=us-ascii, Server: Microsoft-HTTPAPI/2.0, Date: Tue, 05 Mar 2024 12:35:42 GMT, Connection: close, Content-Length: 315], responseText:<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>Not Found</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html; charset=us-ascii"></HEAD>
<BODY><h2>Not Found</h2>
<hr><p>HTTP Error 404. The requested resource is not found.</p>
</BODY></HTML>
, cookies:[], statusCode:404]
Regards
Gaurav
[This message has been edited by moderator to merge reply comment]
03/06/2024 01:53 AM
Hello @GauravJain,
May i know why are you using the port 443??
The Correct Connection URL should be
SSL Connection (With Certificate)
URL: LDAP://winServerDC01.abc.mycompany.com:636
Non-SSl Connection (Without Certifcate)
URL: LDAP://winServerDC01.abc.mycompany.com:389
Thanks.
03/06/2024 04:45 AM
Yes, there was some confusion w.r.t port number. i will change the url and port number to retry and revert if any further issues.
Please confirm, can we use IP address instead of actual host name in the url as you have mentioned? like LDAP://xx.xxx.xxx.xxx:636
Thanks
Gaurav
03/15/2024 12:22 AM
Hi @sudeshjaiswal i have configured following url's in ADSI connector but still getting some error.
URL - LDAP://{IP address of primary domain}:636
CONNECTION_URL - https://{ADSI agent server ip address}:443/api/v1/discovery
ERROR
03/15/2024 12:48 AM
Hello @GauravJain,
Is SSL valid certificate present, if not please add.
Else try to connect it via port 389.
Non-SSl Connection (Without Certifcate)
URL: LDAP://winServerDC01.abc.mycompany.com:389
Thanks.
03/15/2024 01:29 AM
Hi @sudeshjaiswal i have tried with both secure (including a certificate) and non-secure url but getting same error. Also, i dont see Saviynt printing URL value in logs, strange.
secondly, is it mandatory to have hostname in URL, instead of using "ipaddresss:port number"?
Let me know if you require any further information to debug this issue.
Regards
Gaurav
03/15/2024 03:42 AM
Hello @GauravJain,
Yes, It always the best practice to use the hostname in the URL, the DNS should be configured properly to use the hostname.
Also share what do you see in the logs.
Thanks.
03/15/2024 04:22 AM
Ok. In our environment, we may not be able to use hostnames as of now. but its not mandatory so thats not a concern.
Would you be able to see logs on this ticket INC-2022445? if not, will share on forum. please let me know.
03/17/2024 08:09 PM
Hello @GauravJain,
It appears there might be a connectivity issue. would request you to revisiting the prerequisites of the configuration as per the document.
Cross Validate the Connectivity between IIS server,Certificate, URL ,Password,Valult and CONNECTION_URL are correct.
https://docs.saviyntcloud.com/bundle/ADSI-v24x/page/Content/Configuring-the-Integration-for-Importin...
Thanks.
03/19/2024 04:38 AM
Hi @sudeshjaiswal it seems, Saviynt connector is not even reaching to our AD environment because when i use incorrect username OR password, still i get same error "error:Error Connection reset". Also, no logs are generated in ADSI agent folder on AD server.
03/19/2024 08:17 PM
Hello @GauravJain,
Can you try to install the latest the ADSI Agent from the Saviynt Document Artifact.
PFA screeshot for reference :
and try again.
Thanks.
03/19/2024 09:48 PM
Sure, will do and revert with findings if any.
03/29/2024 01:57 AM
Error : [headers:[Cache-Control: no-cache, Pragma: no-cache, Content-Type: application/json; charset=utf-8, Expires: -1, Server: Microsoft-IIS/10.0, X-AspNet-Version: 4.0.30319, X-Powered-By: ASP.NET, Date: Wed, 27 Mar 2024 09:35:42 GMT, Content-Length: 273], responseText:{ |
version": null |
status": "Failure" |
message": "Authentication failed." |
messageCodes": "API_ERR_00004" |
errorDetails": "API_ERR_00004 : -2146233088 : Could not connect to connection string LDAP://{IP_Address}:636 : The server is not operational." |
}, cookies:[], statusCode:400] |