Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
Highlighted
rkrishnan1 Absent Member.
Absent Member.
3749 views

Designer (LDAP-based) is out live!

Jump to solution
Hi All,

LDAP Designer is live! We now provide connectivity using LDAP protocol instead of NCP protocol, which results in significant performance improvements.

Build: https://dl.netiq.com/Download?buildid=rkpE0M5Wz_M~
Release Note: https://www.netiq.com/documentation/identity-manager-46/releasenotes_ldap_deisgner46/data/releasenotes_ldap_deisgner46.html

This is a separate release. The regular NCP-based Designer (latest being Designer 4.6) is still there.

While you can read the release notes to see what has changed, one important change that Designer (LDAP) bring is that if your Identity Vault server resides in a private network, Designer (LDAP) 4.6 allows you to map the server’s IP address to an external IP address. Designer (LDAP) creates a one-to-one mapping between local and external IP addresses (to support cloud environment through NATed addresses)



Thanks
Krishnan
Labels (1)
Tags (2)
0 Likes
1 Solution

Accepted Solutions
kyenugutala Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
Hi,

Thank you so much for the addressing your concern. we are suspecting due to below of the issue it's not working as expected.

Please ensure that following details secureHost, Secure Port, Server context, clear Text host & Clear Text Port are proper in Server properties tab which is under Designer OutLine view.

If above details are showing correct, please use Telnet command and ensure that all the available servers are up.

If any incorrect information noticed for the above attributes then use below steps to correct the details.

1) Remove & add the server/double-click on the server in Designer outline view and edit the Server Context then click on Apply button in Server Properties dialogue window.
Please do cross-check whether the values are auto-populated or not.(Note: once you remove the server then all the associated Driver set & drivers will loose the server-specific attribute details such as GCV, ECV)

2)Also, these details can enter manually in server properties tab.
For your reference, I have attached below screen shot and let us know if you need any further information from our side.



Note: The above-mentioned attribute details should be proper for all the available servers.
0 Likes
17 Replies
ScorpionSting Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
Cool :cool:

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
So, think I've found first boo-boo....

Comparing GCV objects always shows as eDirectory having no value.

All project DN's have been updated to LDAP format and server objects validated for IP and DNS.

If I try and Deploy a GCV that exists (the displayed LDAP DN is correct), I get:

The <unknown item> object named 'PROV' could not be created.


java.lang.NullPointerException

com.novell.idm.model.impl.GlobalConfigImpl.deployAttributes(Unknown Source)
com.novell.idm.model.impl.GlobalConfigImpl.deploy(Unknown Source)
com.novell.idm.deploy.internal.DeployProjectAction.performDeployments(Unknown Source)
com.novell.idm.deploy.internal.DeployProjectAction.access$0(Unknown Source)
com.novell.idm.deploy.internal.DeployProjectAction$1.run(Unknown Source)
org.eclipse.jface.operation.ModalContext.runInCurrentThread(ModalContext.java:466)
org.eclipse.jface.operation.ModalContext.run(ModalContext.java:374)
org.eclipse.jface.dialogs.ProgressMonitorDialog.run(ProgressMonitorDialog.java:527)
com.novell.idm.deploy.internal.DeployProjectAction.performDeployments(Unknown Source)
com.novell.idm.deploy.internal.DeployProjectAction.runImpl(Unknown Source)
com.novell.idm.deploy.internal.DeployProjectAction.run(Unknown Source)
org.eclipse.ui.internal.PluginAction.runWithEvent(PluginAction.java:253)
org.eclipse.jface.action.ActionContributionItem.handleWidgetSelection(ActionContributionItem.java:595)
org.eclipse.jface.action.ActionContributionItem.access$2(ActionContributionItem.java:511)
org.eclipse.jface.action.ActionContributionItem$5.handleEvent(ActionContributionItem.java:420)
org.eclipse.swt.widgets.EventTable.sendEvent(EventTable.java:84)
org.eclipse.swt.widgets.Display.sendEvent(Display.java:4454)
org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1388)
org.eclipse.swt.widgets.Display.runDeferredEvents(Display.java:3799)
org.eclipse.swt.widgets.Display.readAndDispatch(Display.java:3409)
org.eclipse.e4.ui.internal.workbench.swt.PartRenderingEngine$9.run(PartRenderingEngine.java:1151)
org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:332)
org.eclipse.e4.ui.internal.workbench.swt.PartRenderingEngine.run(PartRenderingEngine.java:1032)
org.eclipse.e4.ui.internal.workbench.E4Workbench.createAndRunUI(E4Workbench.java:148)
org.eclipse.ui.internal.Workbench$5.run(Workbench.java:636)
org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:332)
org.eclipse.ui.internal.Workbench.createAndRunWorkbench(Workbench.java:579)
org.eclipse.ui.PlatformUI.createAndRunWorkbench(PlatformUI.java:150)
com.novell.idm.rcp.DesignerApplication.start(Unknown Source)
org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:196)
org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:134)
org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:104)
org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:380)
org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:235)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
java.lang.reflect.Method.invoke(Method.java:498)
org.eclipse.equinox.launcher.Main.invokeFramework(Main.java:648)
org.eclipse.equinox.launcher.Main.basicRun(Main.java:603)
org.eclipse.equinox.launcher.Main.run(Main.java:1465)
org.eclipse.equinox.launcher.Main.main(Main.java:1438)

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
Appears all server specific information has issues....

The "browser" next to "name" for the server object in designer doesn't allow selection. Server objects are considered "unknown" by designer. Server Context is LDAP format, but name is just string name (trying cn= causes invalid syntax warning).

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
If I delete the server objects and recreate them, then it all appears to be okay....

Looks like there is some hidden field on the designer object that can't be corrected from the old NCP dotted syntax to LDAP DN.....it only gets written on new objects.

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
I take that back....because I'd deleted the server objects, the related info is blank....so compare shows no difference between "blanks" (even though eDir has value)....

Visit my Website for links to Cool Solution articles.
0 Likes
alokesh Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
Hi,

Designer (LDAP) 4.6 separately connects to each server for deploying the server-specific attributes such as Global Configuration Values (GCVs). When you add a new server to the Identity Vault, Designer (LDAP) automatically populates the values for clearTextHost, clearTextPort, secureHost, and securePort attributes for the server. But in existing projects, we need go to Identity Vault properties page and select the servers list. Edit each sever and browse the server context and save them. Make sure that each server points to correct context, clearTextHost, clearTextPort, secureHost, and securePort attributes in server properties view. Once these attributes are proper then the GCVs compare should work fine.

Thanks,
Lokesh
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
Perhaps reading the entire thread instead of the recent post, you would have noticed all the troubleshooting steps taken.....which also happens to include re-creating the server objects in the new project, yet compare still fails....

Here's a redacted server object:



IP is 100% and DNS is 100%, yet no actual server specific settings can be read/written to eDirectory over LDAPS

Visit my Website for links to Cool Solution articles.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
For each server, the log says:

!ENTRY com.novell.core 4 0 2017-06-05 15:43:22.289
!MESSAGE Error Thrown while building Server Specifc DsAccess for CN=xxxxx,o=ADMIN!!!
!STACK 0
com.novell.core.datatools.access.nds.DSAccessException: Cannot perform the operation. Not all the servers in the replica list are up.
at com.novell.core.datatools.access.nds.DSAccess.buildDSAccess(Unknown Source)
at com.novell.core.datatools.access.nds.LDAPDSUtil.getServerSpecificdsAccess(Unknown Source)
at com.novell.idm.IdmModel.getLdapServerDetails(Unknown Source)
at com.novell.idm.compare.attributes.DeployedXML.getDSValue(Unknown Source)
at com.novell.idm.compare.attributes.DeployedXML.setIsEqual(Unknown Source)
at com.novell.idm.compare.attributes.DeployedValue.<init>(Unknown Source)
at com.novell.idm.compare.attributes.DeployedXML.<init>(Unknown Source)
at com.novell.idm.compare.DeployedGlobalConfig.buildAttributeAL(Unknown Source)
at com.novell.idm.compare.DeployedItem.initializeDataMembers(Unknown Source)
at com.novell.idm.compare.DeployedItem.<init>(Unknown Source)
at com.novell.idm.compare.DeployedGlobalConfig.<init>(Unknown Source)
at com.novell.idm.compare.DeployedItem.createDeployedItem(Unknown Source)
at com.novell.idm.compare.DeployedItem.createDeployedItem(Unknown Source)
at com.novell.idm.deploy.internal.compare.CompareItemAction.performCompare(Unknown Source)
at com.novell.idm.deploy.internal.compare.CompareItemAction.access$1(Unknown Source)
at com.novell.idm.deploy.internal.compare.CompareItemAction$1.run(Unknown Source)
at org.eclipse.jface.operation.ModalContext.runInCurrentThread(ModalContext.java:466)
at org.eclipse.jface.operation.ModalContext.run(ModalContext.java:374)
at org.eclipse.jface.dialogs.ProgressMonitorDialog.run(ProgressMonitorDialog.java:527)
at com.novell.idm.deploy.internal.compare.CompareItemAction.performCompare(Unknown Source)
at com.novell.idm.deploy.internal.compare.CompareItemAction.run(Unknown Source)
at org.eclipse.ui.internal.PluginAction.runWithEvent(PluginAction.java:253)
at org.eclipse.jface.action.ActionContributionItem.handleWidgetSelection(ActionContributionItem.java:595)
at org.eclipse.jface.action.ActionContributionItem.access$2(ActionContributionItem.java:511)
at org.eclipse.jface.action.ActionContributionItem$5.handleEvent(ActionContributionItem.java:420)
at org.eclipse.swt.widgets.EventTable.sendEvent(EventTable.java:84)
at org.eclipse.swt.widgets.Display.sendEvent(Display.java:4454)
at org.eclipse.swt.widgets.Widget.sendEvent(Widget.java:1388)
at org.eclipse.swt.widgets.Display.runDeferredEvents(Display.java:3799)
at org.eclipse.swt.widgets.Display.readAndDispatch(Display.java:3409)
at org.eclipse.e4.ui.internal.workbench.swt.PartRenderingEngine$9.run(PartRenderingEngine.java:1151)
at org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:332)
at org.eclipse.e4.ui.internal.workbench.swt.PartRenderingEngine.run(PartRenderingEngine.java:1032)
at org.eclipse.e4.ui.internal.workbench.E4Workbench.createAndRunUI(E4Workbench.java:148)
at org.eclipse.ui.internal.Workbench$5.run(Workbench.java:636)
at org.eclipse.core.databinding.observable.Realm.runWithDefault(Realm.java:332)
at org.eclipse.ui.internal.Workbench.createAndRunWorkbench(Workbench.java:579)
at org.eclipse.ui.PlatformUI.createAndRunWorkbench(PlatformUI.java:150)
at com.novell.idm.rcp.DesignerApplication.start(Unknown Source)
at org.eclipse.equinox.internal.app.EclipseAppHandle.run(EclipseAppHandle.java:196)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.runApplication(EclipseAppLauncher.java:134)
at org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.start(EclipseAppLauncher.java:104)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:380)
at org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStarter.java:235)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:498)
at org.eclipse.equinox.launcher.Main.invokeFramework(Main.java:648)
at org.eclipse.equinox.launcher.Main.basicRun(Main.java:603)
at org.eclipse.equinox.launcher.Main.run(Main.java:1465)
at org.eclipse.equinox.launcher.Main.main(Main.java:1438)


But this is a complete and utter lie....both servers are up and both are listening on 389 and 636

Visit my Website for links to Cool Solution articles.
0 Likes
kyenugutala Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
Hi,

Thank you so much for the addressing your concern. we are suspecting due to below of the issue it's not working as expected.

Please ensure that following details secureHost, Secure Port, Server context, clear Text host & Clear Text Port are proper in Server properties tab which is under Designer OutLine view.

If above details are showing correct, please use Telnet command and ensure that all the available servers are up.

If any incorrect information noticed for the above attributes then use below steps to correct the details.

1) Remove & add the server/double-click on the server in Designer outline view and edit the Server Context then click on Apply button in Server Properties dialogue window.
Please do cross-check whether the values are auto-populated or not.(Note: once you remove the server then all the associated Driver set & drivers will loose the server-specific attribute details such as GCV, ECV)

2)Also, these details can enter manually in server properties tab.
For your reference, I have attached below screen shot and let us know if you need any further information from our side.



Note: The above-mentioned attribute details should be proper for all the available servers.
0 Likes
ScorpionSting Absent Member.
Absent Member.

Re: Designer (LDAP-based) is out live!

Jump to solution
Thank you. The clarification around which "server properties" allowed for per-server attributes to compare. I think the documentation needs a bit of clarification.

Visit my Website for links to Cool Solution articles.
0 Likes
Knowledge Partner
Knowledge Partner

Re: Designer (LDAP-based) is out live!

Jump to solution

Two years later, with Designer 4.7.3 converting  a project from Designer 4.6 (NDAP) to 4.7 (LDAP) and exactly the same problem. After editing the server's properties, Live/Compare works again.

So, props for posting the solution. But why is Designer still not correctly populating the clearTextHost and secureHost properties on a conversion, or on importing from live system? Seems like something that could be fixed pretty easily.

 

Knowledge Partner
Knowledge Partner

Re: Designer (LDAP-based) is out live!

Jump to solution
How about opening a bug about it? I suspect that will better find it's way to the people who can fix this than a port over here.

https://bugzilla.netiq.com/enter_bug.cgi?product=Identity%20Designer
______________________________________________
https://www.is4it.de/identity-access-management
0 Likes
Knowledge Partner
Knowledge Partner

Re: Designer (LDAP-based) is out live!

Jump to solution
rkrishnan wrote:

> LDAP Designer is live!


Where's the macOS version?!!!

--
http://www.is4it.de/en/solution/identity-access-management/

(If you find this post helpful, please click on the star below.)
______________________________________________
https://www.is4it.de/identity-access-management
0 Likes
Knowledge Partner
Knowledge Partner

Re: Designer (LDAP-based) is out live!

Jump to solution
Lothar Haeger <lothar.haeger@is4it.de> wrote:
> rkrishnan wrote:
>
>> LDAP Designer is live!

>
> Where's the macOS version?!!!
>


Maybe it wasn't as ready for release yet. (Platform specific bug). Or maybe
they will ship this formally with 4.7 (whenever that arrives)

Alex McHugh - Knowledge Partner - Stavanger, Norway
Who are the Knowledge Partners
If you appreciate my comments, please click the Like button.
If I have resolved your issue, please click the Accept as Solution button.
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.