Map-Token can not be configured in Designer 4.7 (LDAP)

Dear all,

maybe someone here has an idea on this issue.

Since LDAP Desinger (4.6) came out, we see the issue, tat the map-token can not be configured through the UI. It is possible to select the map object, but any tray to select either the source or destination column ends with the error "The mapping table DN cannot be found" - This is starnge, since it was browsed just before. But I see the DN in slash format - I am guessing, that the plugin is expecting the DN in LDAP format.

We can see the same issue in all converted projects and it does not make any difference using Desinger 4.6.x or 4.7 on either Windows 10 or MacOS!

It does not make any difference, if we convert an old (not LDAP Desinger) project, or import the IDM configuration from eDirectory! It even does make no difference, if an exiting mapping table is selected, or one just created from scratch with the current version of Designer.

Since M.F. support seems not to see this issue in their environment I am wondering if somebody here has an idea what to check?

BTW: This is only one issue out of some others, where we got the feedback, that the issue can not be seen in the M.F. environment. Maybe if this one can be solved the other issues are solved as well ;-)

Kind regards,

Thorsten

Tags:

  • On 13.03.18 08:44, tschloesser wrote:
    >
    > Dear all,
    >
    > maybe someone here has an idea on this issue.
    >
    > Since LDAP Desinger (4.6) came out, we see the issue, tat the map-token
    > can not be configured through the UI. It is possible to select the map
    > object, but any tray to select either the source or destination column
    > ends with the error "The mapping table DN cannot be found" - This is
    > starnge, since it was browsed just before. But I see the DN in slash
    > format - I am guessing, that the plugin is expecting the DN in LDAP
    > format.
    >
    > We can see the same issue in all converted projects and it does not make
    > any difference using Desinger 4.6.x or 4.7 on either Windows 10 or
    > MacOS!
    >
    > It does not make any difference, if we convert an old (not LDAP
    > Desinger) project, or import the IDM configuration from eDirectory! It
    > even does make no difference, if an exiting mapping table is selected,
    > or one just created from scratch with the current version of Designer.
    >
    > Since M.F. support seems not to see this issue in their environment I am
    > wondering if somebody here has an idea what to check?
    >
    > BTW: This is only one issue out of some others, where we got the
    > feedback, that the issue can not be seen in the M.F. environment. Maybe
    > if this one can be solved the other issues are solved as well ;-)
    >
    > Kind regards,
    >
    > Thorsten
    >
    >


    Hi Thorsten,

    I just tested with OSX Designer, and did not see the problem - which is
    very strange.

    As a test, could you try with a fresh workspace, and then just make an
    empty project, with a vault, and then a dummy driver. It could be some
    corruption.


    Casper
  • Hi Casper,

    this is really driving me mad: Starting with an empty project with no deployment contexts set on either the driver set and the vault the map-token UI is working as designed!
    The strange thing here is, that the UI is showing up 100% the same way as it does in the project where the columns cannot be browsed!

    Kind regards,

    Thorsten
  • found the issue:
    If either the deplyment context is removed from the vault AND the driver set object in Designer, the map-token is working.
    If the deplyment context is setup to use the Dot-Syntax (i.e. testing.corp) it is working as well!

    If the deployment context is using the LDAP-Syntax it is not working anymore!

    What a bug!

    Kind regards,

    Thorsten
  • On 13.03.18 12:44, tschloesser wrote:
    >
    > found the issue:
    > If either the deplyment context is removed from the vault AND the driver
    > set object in Designer, the map-token is working.
    > If the deplyment context is setup to use the Dot-Syntax (i.e.
    > testing.corp) it is working as well!
    >
    > If the deployment context is using the LDAP-Syntax it is not working
    > anymore!
    >
    > What a bug!


    That is a wierd one ...


    Casper
  • On 13.03.18 12:34, tschloesser wrote:
    >
    > Hi Casper,
    >
    > this is really driving me mad: Starting with an empty project with no
    > deployment contexts set on either the driver set and the vault the
    > map-token UI is working as designed!
    > The strange thing here is, that the UI is showing up 100% the same way
    > as it does in the project where the columns cannot be browsed!
    >


    Sorry you misunderstood me, just an empty workspace to see if was a
    corruption - not to start from scratch.

    Casper
  • cpedersen;2477127 wrote:
    On 13.03.18 12:34, tschloesser wrote:
    >
    > Hi Casper,
    >
    > this is really driving me mad: Starting with an empty project with no
    > deployment contexts set on either the driver set and the vault the
    > map-token UI is working as designed!
    > The strange thing here is, that the UI is showing up 100% the same way
    > as it does in the project where the columns cannot be browsed!
    >


    Sorry you misunderstood me, just an empty workspace to see if was a
    corruption - not to start from scratch.

    Casper


    Hi Casper,

    I did the following tests:
    1) New Workspace, Import Project from filesystem (Classic Designer Version 4.6), converted to LDAP -> Map Token not working
    2) New Workspace, Import from eDirectory --> Map-Token not working
    3) New Workspace, New IDVault, Driverset, Driver
  • On 14.03.18 07:44, tschloesser wrote:
    >
    > cpedersen;2477127 Wrote:
    >> On 13.03.18 12:34, tschloesser wrote:
    >>>
    >>> Hi Casper,
    >>>
    >>> this is really driving me mad: Starting with an empty project with no
    >>> deployment contexts set on either the driver set and the vault the
    >>> map-token UI is working as designed!
    >>> The strange thing here is, that the UI is showing up 100% the same

    >> way
    >>> as it does in the project where the columns cannot be browsed!
    >>>

    >>
    >> Sorry you misunderstood me, just an empty workspace to see if was a
    >> corruption - not to start from scratch.
    >>
    >> Casper

    >
    > Hi Casper,
    >
    > I did the following tests:
    > 1) New Workspace, Import Project from filesystem (Classic Designer
    > Version 4.6), converted to LDAP -> Map Token not working
    > 2) New Workspace, Import from eDirectory --> Map-Token not working
    > 3) New Workspace, New IDVault, Driverset, Driver
  • Casper Pedersen wrote:

    > Strange that the deployment context has something to do with it.


    Token map needs the deployment context to convert FQDNs to relative DNs when
    selecting a map resource via the object browser. So it might preload the DN of
    the current policy to achieve this instead of reading it only when saving the
    selection of the DN browser. Just a wild guess...

    --
    http://www.is4it.de/en/solution/identity-access-management/

    (If you find this post helpful, please click on the star below.)
  • tschloesser wrote:

    > deleting the deployment context
    > value on either Vault