Hi Guys,
I'm trying to Sync groups and Users from Active Directory to AEM Environment using AEM LDAP (Identity Provider , Sync Handler , External Login Module)
The Connection and Bind seems successful but the groups don't Sync, I see from logs that the messages that transfer between AD and AEM are empty messages as below even though there are several groups in the AD
02.04.2019 14:05:44.773 *DEBUG* [NioProcessor-8] org.apache.directory.api.ldap.codec.actions.controls.StoreControlValue Control value : 0x30 0x84 0x00 0x00 0x00 0x05 0x02 0x01 0x00 0x04 0x00
02.04.2019 14:05:44.773 *DEBUG* [NioProcessor-8] org.apache.directory.api.asn1.ber.Asn1Decoder <<<------------------------------------------
02.04.2019 14:05:44.773 *DEBUG* [NioProcessor-8] org.apache.directory.api.asn1.ber.Asn1Decoder <-- Stop decoding : TLV[ 0x04, 11, DATA[0x30 0x84 0x00 0x00 0x00 0x05 0x02 0x01 0x00 0x04 0x00 ]]
02.04.2019 14:05:44.773 *DEBUG* [NioProcessor-8] org.apache.directory.api.asn1.ber.Asn1Decoder <<<==========================================
02.04.2019 14:05:44.773 *DEBUG* [NioProcessor-8] org.apache.directory.api.CODEC_LOG Decoded LdapMessage : MessageType : SEARCH_RESULT_DONE
Message ID : 3
Search Result Done
Ldap Result
Result code : (SUCCESS) success
Matched Dn : ''
Diagnostic message : ''
Paged Search Control
oid : 1.2.840.113556.1.4.319
critical : false
size : '0'
cookie : ''
Paged Search Control
oid : 1.2.840.113556.1.4.319
critical : false
size : '0'
cookie : ''
02.04.2019 14:05:44.773 *DEBUG* [NioProcessor-8] org.apache.directory.ldap.client.api.LdapNetworkConnection -------> MessageType : SEARCH_RESULT_DONE
Message ID : 3
Search Result Done
Ldap Result
Result code : (SUCCESS) success
Matched Dn : ''
Diagnostic message : ''
Paged Search Control
oid : 1.2.840.113556.1.4.319
critical : false
size : '0'
cookie : ''
Paged Search Control
oid : 1.2.840.113556.1.4.319
critical : false
size : '0'
cookie : ''
Message received <-------
02.04.2019 14:05:44.773 *DEBUG* [NioProcessor-8] org.apache.directory.ldap.client.api.LdapNetworkConnection Getting <3, org.apache.directory.ldap.client.api.future.SearchFuture>
02.04.2019 14:05:44.773 *DEBUG* [NioProcessor-8] org.apache.directory.ldap.client.api.LdapNetworkConnection Search successful : MessageType : SEARCH_RESULT_DONE
Message ID : 3
Search Result Done
Ldap Result
Result code : (SUCCESS) success
Matched Dn : ''
Diagnostic message : ''
Paged Search Control
oid : 1.2.840.113556.1.4.319
critical : false
size : '0'
cookie : ''
Paged Search Control
oid : 1.2.840.113556.1.4.319
critical : false
size : '0'
cookie : ''
02.04.2019 14:05:44.773 *DEBUG* [NioProcessor-8] org.apache.directory.ldap.client.api.LdapNetworkConnection Removing <3, org.apache.directory.ldap.client.api.future.SearchFuture>
Here is the LDAP Identity Provider Config I gave
User base DN CN=AgCoVPNExt,OU=MA2-SOX,OU=Groups,DC=phibred,DC=com (also tried with OU=MA2-SOX,OU=Groups,DC=phibred,DC=com)
User object classes user
User id attribute CN
Group base DN OU=MA2-SOX,OU=Groups,DC=phibred,DC=com
Group object classes group
Group name attribute CN
Can someone help with these questions
1. Why don't I see the Groups Sync from AD to AEM?
2. Can we Invoke Groups from JMX just like we Invoke syncAllExternalUsers() in JMX
3.Does AEM LDAP Sync groups at all?
Thanks,
Ganesh Bogga
