#1 2021-07-07 23:49:24

simons987
Member
Registered: 2021-07-07

Change LDAP Server - Error with ldapimport.groovy

Hi,

We are changing LDAP Servers and are trying to reimport the settings into Report Server.

When running exec -c ldapimport.groovy we receive the following error.

reportserver$ exec -c ldapimport.groovy
Script execution failed.
error message: javax.script.ScriptException: java.lang.RuntimeException: Error processing search result: CN=JB Administrator,OU=Security,OU=Authority,OU=Business Units,DC=examples,DC=com (java.lang.RuntimeException)
script arguments:
file: ldapimport.groovy (id: 24724, line 472)
line number: 472 (69, 29, 298)
line: loadFromDirectory();

Any suggestions?

Offline

#2 2021-07-08 12:21:18

jalbrecht
Administrator
Registered: 2016-10-21

Re: Change LDAP Server - Error with ldapimport.groovy

Dear Simons,

the ldap script ldapimport.groovy provided is just a template which has to be changed / adapted to your specific ldap configuration. Pls take a look here: https://forum.reportserver.net/viewtopic.php?id=710 and https://forum.reportserver.net/viewtopic.php?id=711

In most of the cases, these methods / parameters should be adapted. Pls check below for a jumpcloud ldap example:

1. Credentials:

lul.setProviderUrl("ldap://ldap.jumpcloud.com:389");
lul.setSecurityPrincipal("uid=LDAP_BINDING_USER,ou=Users,o=YOUR_ORG_ID,dc=jumpcloud,dc=com"); // replace LDAP_BINDING_USER and YOUR_ORG_ID with your account details
lul.setSecurityCredentials("******"); //your password

2. change getGUID() in order to return something unique in the jumpcloud LDAP installation, e.g.:

private String getGuid(SearchResult sr) throws NamingException{
return sr.getName().toString(); //you can also return a unique id analogously as the original script
}

3. change your filter:
private String ldapFilter = "(|(objectClass=organizationalUnit)(objectClass=person)(objectClass=posixGroup))";

4. change the username property:

//node.setUsername(getStringAttribute(sr, "sAMAccountName"));
node.setUsername(getStringAttribute(sr, "uid")); // set uid or any attribute you have identifying your username

5.  You may have to adapt the type of recovered objects

//} else if (objectClass.contains ("user")) {
} else if (objectClass.contains ("person")) {

In order to check your settings, I would recommend you using an external tool, e.g. ldapsearch.
For example:

ldapsearch -x -b "ou=Users,o=58b57552f9,dc=jumpcloud,dc=com" -D "uid=danna,ou=Users,o=58b57552f9,dc=jumpcloud,dc=com" -w "myPassword" -H ldap://ldap.jumpcloud.com:389 "(|(objectClass=organizationalUnit)(objectClass=person)(objectClass=group))"

Here you see the filter "(|(objectClass=organizationalUnit)(objectClass=person)(objectClass=group))" and the rest of the parameters. So you can change them until you get the list of all the users you need. When you find out the correct parameters, you can enter them to the script and it should work analogously as the external LDAP client.

Regards,
Jan

Offline

#3 2021-07-08 12:48:25

eduardo
Administrator
Registered: 2016-11-01
Website

Re: Change LDAP Server - Error with ldapimport.groovy

Hi simons987,

you can also try with these (new) ldap scripts:
https://github.com/infofabrik/reportser … admin/ldap

you have ldaptester.groovy, which further allows you to test your settings before using the *real* ldapimport.groovy. All are available in the link above.

Regards,
Eduardo

Offline

#4 2021-07-08 23:53:26

simons987
Member
Registered: 2021-07-07

Re: Change LDAP Server - Error with ldapimport.groovy

Thanks jalbrecht and ecuadro

I have figured out how to modify through the postgres database.

UPDATE public.rs_usermanager_node
SET origin= REPLACE(origin, 'Server1', 'Server2')
WHERE origin IS NOT NULL

UPDATE public.rs_usermanager_node_a
SET origin= REPLACE(origin, 'Server1', 'Server2')
WHERE origin IS NOT NULL

Regards,

Simons

Last edited by simons987 (2021-07-09 00:40:16)

Offline

#5 2021-07-09 06:34:45

jalbrecht
Administrator
Registered: 2016-10-21

Re: Change LDAP Server - Error with ldapimport.groovy

Dear simons987,
thank you for contributing to the forum and sharing your solution.

regards jan

Offline

Board footer

Powered by FluxBB