-
Posts
6 -
Joined
-
Last visited
Content Type
Profiles
Forums
Enhancement Requests
Posts posted by chathway
-
-
We have a single SSO profile configured for Azure AD. In Azure AD we have 3 Apps for Hornbill SSO (Admin, User, & service) all configured for https://*.hornbill.com/*?metadata=hornbill|ISV9.2|primary|z.
We would like to enable "Auto Update Certificates" in the Hornbill SSO profile however, there is only one configuration for metadata URL. We would need 3 of these for 3 Azure app instances (each one contains the signing certs thumbprint for the instance).
Could this be added?
In the case of Azure AD the base URL for the metadata is always the same https://login.microsoftonline.com/TENANT_ID/federationmetadata/2007-06/federationmetadata.xml and a parameter on the end of the URL ?appid=APPID_GUID is used to select the correct metadata.
@Gerry support mentioned you might be best to help on this
-
@TrevorKillick I have updated the LDAP import tool and setup a pre import action to trim address attribute however, I just get a blank in the logs.
2018/08/17 15:17:02 [DEBUG] LDAP Attribute for Site Lookup: {streetAddressClean}
2018/08/17 15:17:02 [DEBUG] Looking Up Site [streetAddress]
2018/08/17 15:17:02 [DEBUG] Unable to Locate Site -
11 minutes ago, chathway said:
Sorry didn't look that closely at the screenshot, I will try that now.
@TrevorKillick that's worked now I have added the replace.
-
11 minutes ago, TrevorKillick said:
@chathway
That's why in my screenshot I pass {subdepartment} into a replace action that will find and replace colon and space with an empty string.
I will take another look and try and replicate this carriage return line feed not replacing.
Kind Regards
Trevor KillickSorry didn't look that closely at the screenshot, I will try that now.
-
-
Thanks Trevor,
I have tried out the regex's you sent; the one for department (^[^:]+ ) works fine however, the other captures the : and space before the sub-department (and so fails lookup) . Tried it in regex tester and can see it stripes the : off in group1 but think the import tool only sees the full match not groups?
2018/08/13 14:52:27 [DEBUG] LDAP Attribute for Site Lookup: {streetAddressClean}
2018/08/13 14:52:27 [DEBUG] Looking Up Site Concept House
Cardiff Road
2018/08/13 14:52:27 [DEBUG] Unable to Locate Site
2018/08/13 14:52:27 [DEBUG] LDAP Attribute for Org Lookup: {department}
2018/08/13 14:52:27 [DEBUG] Looking Up Org IT
2018/08/13 14:52:27 [DEBUG] Org Lookup found Id IT
2018/08/13 14:52:27 [DEBUG] LDAP Attribute for Org Lookup: {subdepartment}
2018/08/13 14:52:27 [DEBUG] Looking Up Org : IT Operations Level 2 Support
2018/08/13 14:52:27 [DEBUG] Unable to Find Organsiation : IT Operations Level 2 SupportBelow is an extract of the streetAddress attribute from AD (attached is it pasted into notepad++ so you can see the carriage return.
Concept House
Cardiff RoadCheers
Chris
-
I am trying to use the pre Import Actions within the Data import configuration section to modify several attributes being imported from AD.
AD Attribute "StreetAddress" needs to be mapped to Hornbill site value. Currently "streetAddress" contains carriage returns which need to be removed so lookup can match to a site location.
AD Attribute "Department" needs to be mapped to Hornbill Department and Sub-Department value. Currently "Department" is in the format Department : Sub-department and needs to be split on the colon so lookup can match everything before colon to department and everything after to sub-department.
For "StreetAddress" I'm using the option to do a replace using \r\n in the find field and , in the replace with field however, it is not having any affect when LDAP_Import utility is run.
To get department I'm using:
(.+)(?=:)
and sub-department:
(?<=:)(.+)
however, receive the below error:
[DEBUG] Processing LDAP User Data
panic: runtime error: invalid memory address or nil pointer dereference
[signal 0xc0000005 code=0x0 addr=0x10 pc=0x51c605]goroutine 1 [running]:
regexp.(*Regexp).allMatches(0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x64, 0xc042433138)
/usr/local/go/src/regexp/regexp.go:683 +0xb5
regexp.(*Regexp).FindAllString(0x0, 0x0, 0x0, 0x64, 0x3f, 0xc04234e050, 0x4c)
/usr/local/go/src/regexp/regexp.go:1024 +0x116
main.processRegexOnString(0xc042317260, 0x9, 0x0, 0x0, 0x0, 0x722848)
/Users/TrevorK/development/GoLang/src/github.com/hornbill/goLDAPUserImport/common.go:28 +0x148
main.processImportActions(0xc04216e930, 0x0, 0xc0426cbd10)
/Users/TrevorK/development/GoLang/src/github.com/hornbill/goLDAPUserImport/process_data.go:565 +0x457
main.processLDAPUsers()
/Users/TrevorK/development/GoLang/src/github.com/hornbill/goLDAPUserImport/process_data.go:23 +0x1c1
main.main()
/Users/TrevorK/development/GoLang/src/github.com/hornbill/goLDAPUserImport/main.go:83 +0x357Looking at the error it looks like GoLang is the flavor of Regex being used? It does appear to support ?=. I have tried working around it but cant seem to get the desired results (tried using (.+)(?=:) for dept & (?<=:)(.+) for sub-dept)
Can anyone assist?
Many thanks
Chris
Auto Update Certificates
in System Administration
Posted
Yes, it's the same Entity Id, HTTP-Redirect, HTTP-Post address just each apps metadata has a different signing cert.
We can import from the metadata URL one of the apps (e.g. user) and that will bring in its signing cert however, the signing certs for the other apps needs to be uploaded manually.
Thanks
Chris