AnsweredAssumed Answered

Create account behaviour in LDAP/AD

Question asked by subhrajit das on Oct 11, 2017
Latest reply on Oct 17, 2017 by subhrajit das

Hi,

We are at 7.0.1.

We see while L&G sends a create account request for any LDAP based server or AD, it sends the complete request in two parts. One is "Create Account without password is done" and then second is "Send ResetPassword command explicitly".

 

Can any one let us know is it a normal behaviour or any change of settings may send entire request in single part?

 

See below request in INFO mode:

2017-10-11 10:55:52.661 [INFO] org.mule.api.processor.LoggerMessageProcessor:193 - Create Account without password is done
2017-10-11 10:55:52.661 [INFO] org.mule.api.processor.LoggerMessageProcessor:193 - Send ResetPassword command explicitly

 

 

See below request in DEBUG mode:

 

In first part it does not even have password as parameter. 

 

2017-10-11 10:55:52.167 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property class is [Ljava.lang.String;
2017-10-11 10:55:52.167 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property name is objectClass
2017-10-11 10:55:52.167 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property value is [Ljava.lang.String;@556bb526
2017-10-11 10:55:52.168 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property class is java.lang.String
2017-10-11 10:55:52.168 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property name is CN
2017-10-11 10:55:52.169 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property value is AccsdjN
2017-10-11 10:55:52.169 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property class is java.lang.String
2017-10-11 10:55:52.169 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property name is sn
2017-10-11 10:55:52.170 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property value is Accsdjkfsd
2017-10-11 10:55:52.170 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property class is java.lang.String
2017-10-11 10:55:52.171 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property name is givenName
2017-10-11 10:55:52.173 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property value is Newksdfhs
2017-10-11 10:55:52.174 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property class is java.lang.String
2017-10-11 10:55:52.174 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property name is sAMAccountName
2017-10-11 10:55:52.175 [DEBUG] org.mule.transport.ldapx.transformers.MessageToLdapEntry:121 - Property value is AccsdjN

 

In second part it explicitly sends password as parameter which goes as modify request by searching the account in target. 

 

2017-10-11 10:55:52.679 [DEBUG] org.mule.transport.ldapx.transformers.MessageToModifyRequest:121 - DN: CN=AccsdjN,OU=Production,OU=Users,OU=XXX,DC=xxx,DC=xxx,DC=xxx
2017-10-11 10:55:52.680 [DEBUG] org.mule.transport.ldapx.transformers.MessageToModifyRequest:121 - UID: CN=AccsdjN
2017-10-11 10:55:52.680 [DEBUG] org.mule.transport.ldapx.transformers.MessageToModifyRequest:121 - UID FILTER: (CN=AccsdjN)
2017-10-11 10:55:52.680 [DEBUG] org.mule.transport.ldapx.transformers.MessageToModifyRequest:121 - BASE: OU=Production,OU=Users,OU=xxx,DC=xxx,DC=xxx,DC=xxx
2017-10-11 10:55:52.748 [DEBUG] org.mule.transport.ldapx.transformers.MessageToModifyRequest:121 - LDAPSearchResults, ldapResult com.novell.ldap.LDAPSearchResults@759349e8
2017-10-11 10:55:52.749 [DEBUG] org.mule.transport.ldapx.transformers.MessageToModifyRequest:121 - Property class is java.lang.String
2017-10-11 10:55:52.749 [DEBUG] org.mule.transport.ldapx.transformers.MessageToModifyRequest:121 - Property name is unicodePwd
2017-10-11 10:55:52.750 [DEBUG] org.mule.transport.ldapx.transformers.MessageToModifyRequest:121 - Property value is xfwlQegw@1

Outcomes