
WSO2 identity server cannot manage Active Directory users

I currently have an installation of WSO2 (5.7.0) configured with a user store to connect to an Active Directory (Windows Server 2012 R2).

The users can be listed in the WSO2 IS user listing, and roles for a specific user can be modified.

On the other hand, users cannot be modified or created. When I try to create a user I get this error

While trying to update an existing user, I also get this error

User store configuration

javax.naming.directory.NoSuchAttributeException: [LDAP: error code 16 - 00000057: LdapErr: DSID-0C090D50, comment: Error in attribute conversion operation, data 0, v3839

This error occurs when the claim mapping is not properly configured against the AD attributes via the Claim Management UI.

You need to make sure that all the attributes mapped are valid and exist in Active Directory. Different user stores use different attributes. In [2] you can find a reference to the set of attributes supported by Active Directory. The default WSO2 claims are mapped to some generic attributes: the Firstname is mapped to the nickname attribute, but Active Directory does not have a nickname attribute. The Full Name is mapped to the cn attribute; in Active Directory, cn has other semantic meanings.

Similarly, in your claim configuration you need to make sure that all the attributes defined there are supported by Active Directory. If an attribute is not supported, you can add an additional mapped attribute in the claim configuration for the local claim that is supported by AD.

Refer to [3] for more information regarding this.

[1] https://wiki.servicenow.com/index.php?title=LDAP_Error_Codes

[2] http://www.kouti.com/tables/userattributes.htm

[3] https://docs.wso2.com/display/IS540/Managing+User+Attributes
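The check the answer describes can be automated. The following is an added example, not part of the original answer or WSO2's own code: it compares the attribute IDs in a claim mapping against the attribute names in a directory schema export. The XML layout (assumed to follow WSO2's claim-config.xml), the LDIF excerpt and the `example.com` naming context are constructed samples, and the function names are hypothetical.

```python
import xml.etree.ElementTree as ET

# Constructed sample, assumed to follow the claim-config.xml layout.
CLAIM_CONFIG = """<Dialect dialectURI="http://wso2.org/claims">
  <Claim><ClaimURI>http://wso2.org/claims/givenname</ClaimURI>
         <AttributeID>nickName</AttributeID></Claim>
  <Claim><ClaimURI>http://wso2.org/claims/fullname</ClaimURI>
         <AttributeID>cn</AttributeID></Claim>
  <Claim><ClaimURI>http://wso2.org/claims/emailaddress</ClaimURI>
         <AttributeID>MAIL</AttributeID></Claim>
</Dialect>"""

# Constructed excerpt of an AD schema export in LDIF (attributeSchema entries).
SCHEMA_LDIF = """dn: CN=Given-Name,CN=Schema,CN=Configuration,DC=example,DC=com
lDAPDisplayName: givenName

dn: CN=Common-Name,CN=Schema,CN=Configuration,DC=example,DC=com
lDAPDisplayName: cn

dn: CN=E-mail-Addresses,CN=Schema,CN=Configuration,DC=example,DC=com
lDAPDisplayName: mail
"""


def schema_attributes(ldif):
    """Collect lDAPDisplayName values; LDAP attribute names are case-insensitive."""
    names = set()
    for line in ldif.splitlines():
        key, sep, value = line.partition(":")
        if sep and key.strip().lower() == "ldapdisplayname":
            names.add(value.strip().lower())
    return names


def unknown_mappings(claim_xml, known):
    """Return (claim URI, attribute) pairs whose attribute the schema lacks."""
    missing = []
    for claim in ET.fromstring(claim_xml).iter("Claim"):
        uri = (claim.findtext("ClaimURI") or "").strip()
        attr = (claim.findtext("AttributeID") or "").strip()
        if attr.lower() not in known:
            missing.append((uri, attr))
    return missing


if __name__ == "__main__":
    for uri, attr in unknown_mappings(CLAIM_CONFIG, schema_attributes(SCHEMA_LDIF)):
        print(f"{uri} -> {attr!r}: not in the directory schema")
```

Presence in the schema is only the first condition: `cn` passes this check, yet as the answer notes it carries other meaning in Active Directory, so such mappings still need a manual review.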
