Error while adding the user to the Active Directory when starting WSO2 Identity Server

Question

Here is my stack trace:

[2013-08-05 09:26:52,584] WARN {org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager} - Connection to the Active Directory is not secure. Passowrd involved operations such as update credentials and adduser operations will fail [2013-08-05 09:26:52,648] INFO {org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager} - LDAP connection created successfully in read-write mode [2013-08-05 09:26:52,761] ERROR {org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager} - Error while adding the user to the Active Directory javax.naming.InvalidNameException: sAMAccountName=wso2.anonymous.user: [LDAP: error code 64 - 00002073: NameErr: DSID-03050C0D, problem 2005 (NAMING_VIOLATION), data 0, best match of: 'sAMAccountName=wso2.anonymous.user,CN=Users,DC=win,DC=hongsi,DC=com' ]; remaining name 'sAMAccountName=wso2.anonymous.user' at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:3025) at com.sun.jndi.ldap.LdapCtx.processReturnCode(LdapCtx.java:2840) at com.sun.jndi.ldap.LdapCtx.c_bind(LdapCtx.java:420) at com.sun.jndi.toolkit.ctx.ComponentDirContext.p_bind(ComponentDirContext.java:295) at >com.sun.jndi.toolkit.ctx.PartialCompositeDirContext.bind(PartialCompositeDirContext.java:215) at org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager.doAddUser(ActiveDirectoryUserStoreManager.java:108) at org.wso2.carbon.user.core.common.AbstractUserStoreManager.addUser(AbstractUserStoreManager.java:1070) at org.wso2.carbon.user.core.ldap.ActiveDirectoryUserStoreManager.doAddUser(ActiveDirectoryUserStoreManager.java:72) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.addInitialData(ReadWriteLDAPUserStoreManager.java:1829) at org.wso2.carbon.user.core.ldap.ReadWriteLDAPUserStoreManager.(ReadWriteLDAPUserStoreManager.java:142) at org.wso2.ca rbon.user.core.ldap.ActiveDirectoryUserStoreManager.(ActiveDirectoryUserStoreManager.java:59) at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:526) at org.wso2.carbon.user.core.common.DefaultRealm.createObjectWithOptions(DefaultRealm.java:225) at org.wso2.carbon.user.core.common.DefaultRealm.initializeObjects(DefaultRealm.java:147) at org.wso2.carbon.user.core.common.DefaultRealm.init(DefaultRealm.java:113) at org.wso2.carbon.user.core.common.DefaultRealmService.initializeRealm(DefaultRealmService.java:223) at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:103) at org.wso2.carbon.user.core.common.DefaultRealmService.(DefaultRealmService.java:116) at org.wso2.carbon.user.cor e.internal.Activator.startDeploy(Activator.java:67) at org.wso2.carbon.user.core.internal.BundleCheckActivator.start(BundleCheckActivator.java:61) at org.eclipse.osgi.framework.internal.core.BundleContextImpl$1.run(BundleContextImpl.java:711) at java.security.AccessController.doPrivileged(Native Method) ...

but I don't understand this 'wso2.anonymous.user'. I've configured the admin account, and I also set 'AddAdmin' to false, why IS need to create an account into AD?

Answer 1

Check this out. May provide an answer IBM Support

Answer 2

This is a known issue which is fixed in the IS latest release IS 4.5.0. I'd recommend you to try IS 4.5.0 instead of IS 4.1.0. This wso2.anonymous.user is a some internal entity used by the carbon servers for its operations.

Are you willing to use AD in read-write mode or you just want to authentications ? You can try to create this user, admin user and admin role manually in the AD and start IS. However again, if possible move to 4.5.0.