#1 2023-04-05 12:32:24

greg johnston
Member
Registered: 2022-09-10

failing to import users

Current configuration was successful at least a month ago, but now new users and password updated are not updating in RS. Ran ldapimport  and got error below:

net.datenwerke.gxtdto.client.servercommunication.exceptions.ServerCallFailedException: net.datenwerke.rs.ldap.service.ldap.exceptions.LdapException: Failed to import user data from directory.
<br>    at net.datenwerke.rs.terminal.server.terminal.TerminalRpcServiceImpl.doExecute(TerminalRpcServiceImpl.java:158)
<br>    at com.google.inject.persist.jpa.JpaLocalTxnInterceptor.invoke(JpaLocalTxnInterceptor.java:64)
<br>    at net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:112)
<br>    at net.datenwerke.rs.terminal.server.terminal.TerminalRpcServiceImpl.execute(TerminalRpcServiceImpl.java:125)
<br>    at net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:112)
<br>    at net.datenwerke.gf.service.gwtstacktrace.CatchStacktraceInterceptor.invoke(CatchStacktraceInterceptor.java:38)
<br>    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
<br>    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
<br>    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
<br>    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
<br>    at com.google.gwt.user.server.rpc.RPC.invokeAndEncodeResponse(RPC.java:587)
<br>    at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:333)
<br>    at net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:112)
<br>    at net.datenwerke.gf.service.gwtstacktrace.CatchStacktraceInterceptor.invoke(CatchStacktraceInterceptor.java:38)
<br>    at com.google.gwt.user.server.rpc.RemoteServiceServlet.processCall(RemoteServiceServlet.java:303)
<br>    at net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:112)
<br>    at net.datenwerke.gf.service.gwtstacktrace.CatchStacktraceInterceptor.invoke(CatchStacktraceInterceptor.java:38)
<br>    at com.google.gwt.user.server.rpc.RemoteServiceServlet.processPost(RemoteServiceServlet.java:373)
<br>    at com.google.gwt.user.server.rpc.AbstractRemoteServiceServlet.doPost(AbstractRemoteServiceServlet.java:62)
<br>    at javax.servlet.http.HttpServlet.service(HttpServlet.java:681)
<br>    at javax.servlet.http.HttpServlet.service(HttpServlet.java:764)
<br>    at net.datenwerke.security.service.security.aop.SecurityCheckInterceptor.invoke(SecurityCheckInterceptor.java:112)
<br>    at net.datenwerke.gf.service.gwtstacktrace.CatchStacktraceInterceptor.invoke(CatchStacktraceInterceptor.java:38)
<br>    at com.google.inject.servlet.ServletDefinition.doServiceImpl(ServletDefinition.java:290)
<br>    at com.google.inject.servlet.ServletDefinition.doService(ServletDefinition.java:280)
<br>    at com.google.inject.servlet.ServletDefinition.service(ServletDefinition.java:184)
<br>    at com.google.inject.servlet.ManagedServletPipeline.service(ManagedServletPipeline.java:89)
<br>    at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:85)
<br>    at com.google.inject.persist.PersistFilter.doFilter(PersistFilter.java:94)
<br>    at com.google.inject.servlet.FilterChainInvocation.doFilter(FilterChainInvocation.java:82)
<br>    at com.google.inject.servlet.ManagedFilterPipeline.dispatch(ManagedFilterPipeline.java:121)
<br>    at com.google.inject.servlet.GuiceFilter.doFilter(GuiceFilter.java:133)
<br>    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:189)
<br>    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:162)
<br>    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:197)
<br>    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:97)
<br>    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:541)
<br>    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:135)
<br>    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:92)
<br>    at org.apache.catalina.valves.AbstractAccessLogValve.invoke(AbstractAccessLogValve.java:687)
<br>    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:78)
<br>    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:360)
<br>    at org.apache.coyote.ajp.AjpProcessor.service(AjpProcessor.java:433)
<br>    at org.apache.coyote.AbstractProcessorLight.process(AbstractProcessorLight.java:65)
<br>    at org.apache.coyote.AbstractProtocol$ConnectionHandler.process(AbstractProtocol.java:890)
<br>    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1789)
<br>    at org.apache.tomcat.util.net.SocketProcessorBase.run(SocketProcessorBase.java:49)
<br>    at org.apache.tomcat.util.threads.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1191)
<br>    at org.apache.tomcat.util.threads.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:659)
<br>    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
<br>    at java.base/java.lang.Thread.run(Thread.java:829)
<br>Caused by: net.datenwerke.rs.terminal.service.terminal.exceptions.TerminalException: net.datenwerke.rs.ldap.service.ldap.exceptions.LdapException: Failed to import user data from directory.
<br>    at net.datenwerke.rs.ldap.service.ldap.terminal.commands.LdapimportCommand.execute(LdapimportCommand.java:46)
<br>    at net.datenwerke.rsenterprise.license.service.EnterpriseCheckInterceptor.invoke(EnterpriseCheckInterceptor.java:40)
<br>    at net.datenwerke.rs.terminal.service.terminal.helpmessenger.HelpMessageInterceptor.invoke(HelpMessageInterceptor.java:53)
<br>    at net.datenwerke.rs.terminal.service.terminal.ExecuteCommandConfigImpl.execute(ExecuteCommandConfigImpl.java:28)
<br>    at net.datenwerke.rs.terminal.service.terminal.TerminalSession.execute(TerminalSession.java:144)
<br>    at net.datenwerke.rs.terminal.service.terminal.TerminalSession.execute(TerminalSession.java:107)
<br>    at net.datenwerke.rs.terminal.server.terminal.TerminalRpcServiceImpl.doExecute(TerminalRpcServiceImpl.java:140)
<br>    ... 50 more
<br>Caused by: net.datenwerke.rs.ldap.service.ldap.exceptions.LdapException: Failed to import user data from directory.
<br>    at org.codehaus.groovy.vmplugin.v8.IndyInterface.fromCache(IndyInterface.java:318)
<br>    at net.datenwerke.rs.ldap.service.ldap.LdapServiceImpl$_importUsers_closure1.doCall(LdapServiceImpl.groovy:200)
<br>    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
<br>    at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
<br>    at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
<br>    at java.base/java.lang.reflect.Method.invoke(Method.java:566)
<br>    at org.codehaus.groovy.reflection.CachedMethod.invoke(CachedMethod.java:343)
<br>    at groovy.lang.MetaMethod.doMethodInvoke(MetaMethod.java:328)
<br>    at org.codehaus.groovy.runtime.metaclass.ClosureMetaClass.invokeMethod(ClosureMetaClass.java:279)
<br>    at groovy.lang.MetaClassImpl.invokeMethod(MetaClassImpl.java:1009)
<br>    at org.codehaus.groovy.vmplugin.v8.IndyInterface.fromCache(IndyInterface.java:318)
<br>    at net.datenwerke.rs.ldap.service.ldap.LdapServiceImpl.loadFromDirectory(LdapServiceImpl.groovy:344)
<br>    at org.codehaus.groovy.vmplugin.v8.IndyInterface.fromCache(IndyInterface.java:318)
<br>    at net.datenwerke.rs.ldap.service.ldap.LdapServiceImpl.importUsers(LdapServiceImpl.groovy:208)
<br>    at net.datenwerke.rs.ldap.service.ldap.terminal.commands.LdapimportCommand.execute(LdapimportCommand.java:44)
<br>    ... 56 more
<br>

Offline

#2 2023-04-05 12:34:26

greg johnston
Member
Registered: 2022-09-10

Re: failing to import users

I have confirmed account used for ldap is not locked and password is correct

Offline

#3 2023-04-05 14:34:46

greg johnston
Member
Registered: 2022-09-10

Re: failing to import users

trying to run ldapimport.groovy with -c and get this error
Script execution failed.
error message: javax.script.ScriptException: net.datenwerke.rs.ldap.service.ldap.exceptions.LdapException: net.datenwerke.rs.ldap.service.ldap.exceptions.LdapException: Failed to import user data from directory.  (net.datenwerke.rs.ldap.service.ldap.exceptions.LdapException)
script arguments:
file: ldapimport.groovy (id: 4539, line 23)
line number: 23 (200)

This is the groovy I'm using, line 23 is ldapService.importUsers()


package net.datenwerke.rs.samples.admin.ldap

import net.datenwerke.rs.ldap.service.ldap.LdapService

/**
* ldapimport.groovy
* Version: 2.0.1
* Type: Normal Script
* Last tested with: ReportServer 4.0.0-6053
*
* As of ReportServer 4.0.0 you can use the "ldapimport" terminal command
* together with the sso/ldap.cf configuration file in order to manually import LDAP users.
* For scheduling the functionality periodically, you can use the current script as shown below and schedule it via "scheduleScript".
* Note you have to use the -c flag for committing changes into the database: exec -c ldapimport.groovy
*
* If for any reason you need to use the legacy script, you can find it here:
* https://github.com/infofabrik/reportser … ort.groovy
*
*/

def ldapService = GLOBALS.getInstance(LdapService)

ldapService.importUsers()

Offline

#4 2023-04-05 15:05:19

eduardo
Administrator
Registered: 2016-11-01
Website

Re: failing to import users

Hi greg johnston,

can you pls post the complete output here: administration -> system console -> general info ?
you can use http://imgbb.com for posting.

Regards,
Eduardo

Offline

#5 2023-05-11 12:27:19

greg johnston
Member
Registered: 2022-09-10

Re: failing to import users

info uploaded now

Offline

#6 2023-05-11 14:55:15

eduardo
Administrator
Registered: 2016-11-01
Website

Re: failing to import users

Hi greg johnston,

nothing arrived...

Regards,
Eduardo

Offline

#7 2023-05-12 23:35:27

greg johnston
Member
Registered: 2022-09-10

Re: failing to import users

there now?

Offline

#8 2023-05-19 09:15:27

eduardo
Administrator
Registered: 2016-11-01
Website

Re: failing to import users

Hi greg johnston,

pls copy paste the link to the images uploaded here.

Regards,
Eduardo

Offline

#9 2023-05-23 12:32:34

greg johnston
Member
Registered: 2022-09-10

Re: failing to import users

Offline

#10 2023-05-23 14:26:31

eduardo
Administrator
Registered: 2016-11-01
Website

Re: failing to import users

Hi greg johnston,

I think you have "ldap orphans", that's why you get this error message. You can try to identify these ldap orphans manually or better, upgrade at least to RS 4.5.0, where you can use the "ldap orphans" terminal command as explained here: https://reportserver.net/en/guides/admi … -ldaptest/

Your LDAP filter should return all (and only!) your users, groups and organizational units. If more nodes are returned, or if the mappings in ldap.cf are not correct, nodes are returned that can not be mapped to a user, a group or an organizational unit. These are called LDAP orphans. In a correct installation and configuration, there should not be any LDAP orphans. Thus, you get LDAP orphans when you return ''to much'' from your LDAP filter. You can easily list all LDAP orphans with this terminal command.

If the -a flag is entered, requests and displays additional LDAP attributes. These must be separated by semicolon (;).

Use: ldaptest orphans [-a]

Here you can see the much greater LDAP support in 4.5.0:  https://reportserver.net/releasenotes/RS4.5.0.html, which may help you identifying the problem (if it is not an orphan-related problem).

Of course you can also upgrade to the newest 4.6.1 version as well.

Regards,
Eduardo

Offline

#11 2023-05-25 18:04:56

greg johnston
Member
Registered: 2022-09-10

Re: failing to import users

how would I locate these manually?

Offline

#12 2023-05-26 11:14:29

eduardo
Administrator
Registered: 2016-11-01
Website

Re: failing to import users

Hi greg johnston,

pls keep in mind that this *may* be the problem.

You can use an external LDAP tool (e.g. ldapsearch https://linux.die.net/man/1/ldapsearch ) or any Windows LDAP client to analyze the problem manually.

Check your filter, and make sure it returns nodes *only* of type user, group or organizational unit. What exactly a user, group or organizational unit is depends on your definitions, so also here pls check your ldap.cf configuration file. Then check all ldap filter results and make sure all nodes are a user, group or organizational unit.
If you have any orphan node, i.e. a node that is not a user, a group or an organizational unit, this may be the cause of the problem.

Regards,
Eduardo

Offline

#13 2023-05-26 11:21:37

eduardo
Administrator
Registered: 2016-11-01
Website

Re: failing to import users

Hi greg johnston,

but now new users and password updated are not updating in RS. Ran ldapimport

you can also deactivate these new users or change their ldap properties so they are not returned by your ldap filter. Then make sure ldapimport works. Then, one by one, activate them again and run each time ldapimport, so you can then locate the problem user.

Regards,
Eduardo

Offline

Board footer

Powered by FluxBB