neilhsfc Posted June 16, 2016 Posted June 16, 2016 Hi, Getting this error using the conf.json for the LDAP_User_Import tool. Someone please help, not too sure why it is throwing this error? 2016/06/14 15:10:36 [DEBUG] ---- XMLMC LDAP Import Utility V2.0.3 ---- 2016/06/14 15:10:36 [DEBUG] Flag - Config File conf.json 2016/06/14 15:10:36 [DEBUG] Flag - Zone eur 2016/06/14 15:10:36 [DEBUG] Flag - Dry Run true 2016/06/14 15:10:36 [DEBUG] Flag - Workers 1 2016/06/14 15:10:36 [DEBUG] Loading Config File: C:\ldap_user_import_win_x64_v2_0_3/conf.json 2016/06/14 15:10:36 [ERROR] Error Decoding Configuration File: invalid character 'F' looking for beginning of value 2016/06/14 15:10:36 [ERROR] API Key is not set 2016/06/14 15:10:36 [ERROR] Please Check your Configuration File: conf.json Many thanks!
samwoo Posted June 16, 2016 Posted June 16, 2016 Hey Neil, I've had issues in the past but rectified with the great help from Hornbill's TrevorKillick. Post your Conf here (but hide any personal information) then we can see in more detail on what it could be. Thanks, Samuel 1
Martyn Houghton Posted June 16, 2016 Posted June 16, 2016 Neil As per Samuel comment, suspect it is a missing double quote, comma or closing bracket in the json file. It would be worth editing the file in a intelligent editor such as Notepad++ which will make it easier to see the structure of the file. Cheers Martyn
samwoo Posted June 16, 2016 Posted June 16, 2016 Hello, Looking at the log you posted again, i can also see that the API Key has not been set. Whatever user you have assigned in the Conf file would need an API Key created against it Administration -> System -> Organisational Data -> Users -> "Search for User" -> API Keys -> "Create API Key" Then copy the API Key and paste it in the relevant place in the Conf. And yes as Martyn has mention with regards to the message : "invalid character 'F'....." there could be a typo somewhere with missing characters or even an extra character. Thanks, Samuel
neilhsfc Posted June 16, 2016 Author Posted June 16, 2016 Thanks for this guys. Still throws the error about the 'F', do I need to put false in quotes? Now stuck again, I don't think I was using the correct user to authenticate, but I am only allowed to have the user I have used as a "basic user" it won't allow me to change the type from "Basic" It will not let me assign higher roles to that specific user to use elevated rights. Here is my conf file: "APIKey": "the one i create for the user: installer", "InstanceId": "hsfc", "UpdateUserType":false, "UserRoleAction":"Create", "LDAPServerConf": { "Server": "FQDN of Domain Controller", "UserName": "installer", "Password": "i'm not that stupid", "Port": 389, "ConnectionType": "", "InsecureSkipVerify":false, "Scope": 1, "DerefAliases": 1, "SizeLimit": 0, "TimeLimit": 0, "TypesOnly":false, "Filter": "(objectClass=user)", "DSN": "OU=Roaming_Users,OU=Users,OU=Roaming_Profile_Users,OU=NetFlow,DC=havering-sfc,DC=local", "Debug":false }, "UserMapping":{ "UserId":"[sAMAccountName]", "UserType":"basic", "Name":"[cn]", "Password":"", "FirstName":"[givenName]", "LastName":"[sn]", "JobTitle":"", "Site":"", "Phone":"telephoneNumber", "Email":"[mail]", "Mobile":"", "AbsenceMessage":"", "TimeZone":"", "Language":"", "DateTimeFormat":"", "DateFormat":"", "TimeFormat":"", "CurrencySymbol":"", "CountryCode":"" }, "UserAccountStatus":{ "Action":"Update", "Enabled":false, "Status":"active" }, "UserProfileMapping":{ "MiddleName":"", "JobDescription":"", "Manager":"", "WorkPhone":"", "Qualifications":"", "Interests":"", "Expertise":"", "Gender":"", "Dob":"", "Nationality":"", "Religion":"", "HomeTelephone":"", "SocialNetworkA":"", "SocialNetworkB":"", "SocialNetworkC":"", "SocialNetworkD":"", "SocialNetworkE":"", "SocialNetworkF":"", "SocialNetworkG":"", "SocialNetworkH":"", "PersonalInterests":"", "homeAddress":"", "PersonalBlog":"", "Attrib1":"1", "Attrib2":"2", "Attrib3":"3", "Attrib4":"4", "Attrib5":"5", "Attrib6":"6", "Attrib7":"7", "Attrib8":"8" }, "UserManagerMapping":{ "Action":"Create", "Enabled":False, "Attribute":"[manager]", "GetIDFromName":true, "Regex":"CN=(.*?)(?:,[A-Z]+=|$)", "Reverse":true }, "LDAPAttributes":[ "cn", "sn", "telephoneNumber", "mobile", "sAMAccountName", "userPrincipalName", "givenName", "description", "department", "manager" ], "Roles":[ "Basic User Role", "Self Service Role" ], "SiteLookup":{ "Action":"Both", "Enabled": false, "Attribute":"" }, "OrgLookup":{ "Action":"Both", "Enabled":false, "Attribute":"[department]", "Type":2, "Membership":"member", "TasksView":false, "TasksAction":false } }
samwoo Posted June 16, 2016 Posted June 16, 2016 Try this conf (i used the details you have provided except for where you see it highlighted): Quote { "APIKey": "TO UPDATE FROM A DEFAULT USER IN HORNBILL", "InstanceId": "YOUR INSTANCE SAME AS THE ONE IN YOUR HORNBILL LINK", "UpdateUserType": false, "UserRoleAction": "Both", "LDAPServerConf": { "Server": "YOUR AD SERVER", "UserName": "YOUR AD USERNAME", "Password": "YOUR AD PASSWORD", "Port": YOUR AD PORT, "ConnectionType": "", "InsecureSkipVerify": false, "Scope": 1, "DerefAliases": 1, "SizeLimit": 0, "TimeLimit": 0, "TypesOnly": false, "Filter": "(objectClass=user)", "DSN": "YOUR AD DSN", "Debug": false }, "UserMapping":{ "UserId":"[sAMAccountName]", "UserType":"basic", "Name":"[cn]", "Password":"", "FirstName":"[givenName]", "LastName":"[sn]", "JobTitle":"[title]", "Site":"", "Phone":"[telephoneNumber]", "Email":"[mail]", "Mobile":"[mobile]", "AbsenceMessage":"", "TimeZone":"", "Language":"", "DateTimeFormat":"", "DateFormat":"", "TimeFormat":"", "CurrencySymbol":"", "CountryCode":"" }, "UserAccountStatus":{ "Action":"Update", "Enabled": false, "Status":"active" }, "UserProfileMapping":{ "MiddleName":"", "JobDescription":"", "Manager":"", "WorkPhone":"", "Qualifications":"", "Interests":"", "Expertise":"", "Gender":"", "Dob":"", "Nationality":"", "Religion":"", "HomeTelephone":"", "SocialNetworkA":"", "SocialNetworkB":"", "SocialNetworkC":"", "SocialNetworkD":"", "SocialNetworkE":"", "SocialNetworkF":"", "SocialNetworkG":"", "SocialNetworkH":"", "PersonalInterests":"", "homeAddress":"", "PersonalBlog":"", "Attrib1":"", "Attrib2":"", "Attrib3":"", "Attrib4":"", "Attrib5":"", "Attrib6":"", "Attrib7":"", "Attrib8":"" }, "UserManagerMapping":{ "Action":"Both", "Enabled":true, "Attribute":"[manager]", "GetIDFromName":true, "Regex":"CN=(.*?)(?:,[A-Z]+=|$)", "Reverse":true }, "LDAPAttributes":[ "cn", "sn", "sAMAccountName", "userPrincipalName", "givenName", "description", "manager", "mail", "mobile", "telephonenumber", "mobile", "title" ], "Roles":[ "Self Service User", "Basic User Role" ], "SiteLookup":{ "Action":"Both", "Enabled": false, "Attribute":"" }, "OrgLookup":{ "Action":"Both", "Enabled":false, "Attribute":"[sAMAccountName]", "Type":2, "Membership":"member", "TasksView":false, "TasksAction":false } }
neilhsfc Posted June 16, 2016 Author Posted June 16, 2016 Ok, it appears you need to put false in quotes "". Still getting this in the command prompt though: [DEBUG] Flag - Dry Run true [ERROR] Error Decoding Configuration File: json: cannot unmarshal string into Go value of type bool [DEBUG] Instance Endpoint https://eurapi.hornbill.com/hsfc/xmlmc/ [ERROR] Unable to write to log Unable to load the user security session [DEBUG] Attempting Connection to LDAP...
neilhsfc Posted June 16, 2016 Author Posted June 16, 2016 Thanks for the (much needed) help! OK, slightly more success now, but have got this error now. C:\ldap_user_import_win_x64_v2_0_3>ldap_user_import.exe [DEBUG] ---- XMLMC LDAP Import Utility V2.0.3 ---- [DEBUG] Flag - Config File conf.json [DEBUG] Flag - Zone eur [DEBUG] Flag - Dry Run false [DEBUG] Instance Endpoint https://eurapi.hornbill.com/hsfc/xmlmc/ [ERROR] Unable to write to log Unable to load the user security session [DEBUG] Attempting Connection to LDAP... Server: DOMAIN CONTROLLER NAME Port: 389 Type: Skip Verify: false Debug: false [DEBUG] LDAP Results: 10 10 / 10 [========================================================] 100.00 % 22s Processing Complete! [ERROR] Error encountered please check the log file [ERROR] Error Count: 10 [DEBUG] Updated: 0 [DEBUG] Updated Skipped: 0 [DEBUG] Created: 0 [DEBUG] Created Skipped: 0 [DEBUG] Profiles Updated: 0 [DEBUG] Profiles Skipped: 0 [DEBUG] Time Taken: 24.4214657s [ERROR] Unable to write to log Unable to load the user security session [ERROR] Unable to write to log Unable to load the user security session [ERROR] Unable to write to log Unable to load the user security session [ERROR] Unable to write to log Unable to load the user security session [ERROR] Unable to write to log Unable to load the user security session [ERROR] Unable to write to log Unable to load the user security session [ERROR] Unable to write to log Unable to load the user security session [ERROR] Unable to write to log Unable to load the user security session [ERROR] Unable to write to log Unable to load the user security session [DEBUG] ---- XMLMC LDAP Import Complete ---- C:\ldap_user_import_win_x64_v2_0_3>
samwoo Posted June 16, 2016 Posted June 16, 2016 No problem Ok, if you go into the log folder next to the LDAP_Import tool, what does the latest log file show?
Martyn Houghton Posted June 16, 2016 Posted June 16, 2016 Neil I suspect the user you are logging into the instance as, does not have sufficient permissions. Are you able to try it with the full rights system admin user that Hornbill setup with your instance originally? Cheers Martyn 2
neilhsfc Posted June 16, 2016 Author Posted June 16, 2016 Thanks Sam and Martyn, I will take a look at these in the morning. I suspect that it will be the user I am using to authenticate. 1
neilhsfc Posted June 17, 2016 Author Posted June 17, 2016 Hi Guys, hopfully you can help? It appears that the ldap_user_import tool is not creating the users or updating them. Could you take a look at the log and let me know what is going on? It looks like 2016/06/17 08:39:42 [ERROR] Unable to Create User: Unable to load the user security session is the issue. Thanks! 2016/06/17 09:39:39 [DEBUG] ---- XMLMC LDAP Import Utility V2.0.3 ---- 2016/06/17 09:39:39 [DEBUG] Flag - Config File conf.json 2016/06/17 09:39:39 [DEBUG] Flag - Zone eur 2016/06/17 09:39:39 [DEBUG] Flag - Dry Run false 2016/06/17 09:39:39 [DEBUG] Flag - Workers 1 2016/06/17 09:39:39 [DEBUG] Loading Config File: C:\ldap_user_import_win_x64_v2_0_3/conf.json 2016/06/17 09:39:39 [DEBUG] Instance Endpoint https://eurapi.hornbill.com/hsfc/xmlmc/ 2016/06/17 09:39:40 [ERROR] Unable to write to log Unable to load the user security session 2016/06/17 09:39:40 [DEBUG] Attempting Connection to LDAP... Server: hsfc-dcpm01 Port: 389 Type: Skip Verify: false Debug: false 2016/06/17 09:39:40 [DEBUG] Creating LDAP Connection 2016/06/17 09:39:40 [DEBUG] LDAP Search Query {Server:hsfc-dcpm01 UserName:REMOVED Password:REMOVED Port:389 ConnectionType: InsecureSkipVerify:false Scope:1 DerefAliases:1 SizeLimit:0 TimeLimit:0 TypesOnly:false Filter:(objectClass=user) DSN:OU=Roaming_Users,OU=Users,OU=Roaming_Profile_Users,OU=NetFlow,DC=havering-sfc,DC=local Debug:false} ---- 2016/06/17 09:39:40 [DEBUG] LDAP Results: 10 2016/06/17 09:39:40 [DEBUG] Processing Users 2016/06/17 09:39:42 2016/06/17 08:39:40 [DEBUG] Buffer For Job: 1 - Worker: 1 - User: _roaming_users 2016/06/17 08:39:41 [ERROR] Unable to Search For User: Unable to load the user security session 2016/06/17 08:39:41 [DEBUG] Create User: _roaming_users 2016/06/17 08:39:41 [DEBUG] password 2016/06/17 08:39:41 [DEBUG] Auto Generated Password for: _Roaming_Users - JBbpxcxBHh 2016/06/17 08:39:41 [ERROR] Unable to Load LDAP Attribute: givenName For Input Param: [givenName] 2016/06/17 08:39:41 [ERROR] Unable to Load LDAP Attribute: sn For Input Param: [sn] 2016/06/17 08:39:41 [ERROR] Unable to Load LDAP Attribute: title For Input Param: [title] 2016/06/17 08:39:41 [ERROR] Unable to Load LDAP Attribute: telephoneNumber For Input Param: [telephoneNumber] 2016/06/17 08:39:41 [ERROR] Unable to Load LDAP Attribute: mail For Input Param: [mail] 2016/06/17 08:39:42 [ERROR] Unable to Create User: Unable to load the user security session 2016/06/17 09:39:44 2016/06/17 08:39:42 [DEBUG] Buffer For Job: 2 - Worker: 1 - User: aja 2016/06/17 08:39:43 [ERROR] Unable to Search For User: Unable to load the user security session 2016/06/17 08:39:43 [DEBUG] Create User: aja 2016/06/17 08:39:43 [DEBUG] password 2016/06/17 08:39:43 [DEBUG] Auto Generated Password for: AJA - sbDmXrifiE 2016/06/17 08:39:44 [ERROR] Unable to Create User: Unable to load the user security session 2016/06/17 09:39:46 2016/06/17 08:39:44 [DEBUG] Buffer For Job: 3 - Worker: 1 - User: emg 2016/06/17 08:39:45 [ERROR] Unable to Search For User: Unable to load the user security session 2016/06/17 08:39:45 [DEBUG] Create User: emg 2016/06/17 08:39:45 [DEBUG] password 2016/06/17 08:39:45 [DEBUG] Auto Generated Password for: EMG - DlrYLmoYzM 2016/06/17 08:39:45 [ERROR] Unable to Load LDAP Attribute: telephoneNumber For Input Param: [telephoneNumber] 2016/06/17 08:39:46 [ERROR] Unable to Create User: Unable to load the user security session 2016/06/17 09:39:48 2016/06/17 08:39:46 [DEBUG] Buffer For Job: 4 - Worker: 1 - User: gmm 2016/06/17 08:39:47 [ERROR] Unable to Search For User: Unable to load the user security session 2016/06/17 08:39:47 [DEBUG] Create User: gmm 2016/06/17 08:39:47 [DEBUG] password 2016/06/17 08:39:47 [DEBUG] Auto Generated Password for: GMM - LELQgIkhzN 2016/06/17 08:39:48 [ERROR] Unable to Create User: Unable to load the user security session 2016/06/17 09:39:50 2016/06/17 08:39:48 [DEBUG] Buffer For Job: 5 - Worker: 1 - User: jih 2016/06/17 08:39:49 [ERROR] Unable to Search For User: Unable to load the user security session 2016/06/17 08:39:49 [DEBUG] Create User: jih 2016/06/17 08:39:49 [DEBUG] password 2016/06/17 08:39:49 [DEBUG] Auto Generated Password for: JIH - MOSKhGHCVZ 2016/06/17 08:39:49 [ERROR] Unable to Load LDAP Attribute: title For Input Param: [title] 2016/06/17 08:39:49 [ERROR] Unable to Load LDAP Attribute: telephoneNumber For Input Param: [telephoneNumber] 2016/06/17 08:39:50 [ERROR] Unable to Create User: Unable to load the user security session 2016/06/17 09:39:52 2016/06/17 08:39:50 [DEBUG] Buffer For Job: 6 - Worker: 1 - User: jtm 2016/06/17 08:39:51 [ERROR] Unable to Search For User: Unable to load the user security session 2016/06/17 08:39:51 [DEBUG] Create User: jtm 2016/06/17 08:39:51 [DEBUG] password 2016/06/17 08:39:51 [DEBUG] Auto Generated Password for: JTM - ykWfHSwUEM 2016/06/17 08:39:52 [ERROR] Unable to Create User: Unable to load the user security session 2016/06/17 09:39:54 2016/06/17 08:39:52 [DEBUG] Buffer For Job: 7 - Worker: 1 - User: pcc 2016/06/17 08:39:53 [ERROR] Unable to Search For User: Unable to load the user security session 2016/06/17 08:39:53 [DEBUG] Create User: pcc 2016/06/17 08:39:53 [DEBUG] password 2016/06/17 08:39:53 [DEBUG] Auto Generated Password for: PCC - EvyVvRfCDH 2016/06/17 08:39:54 [ERROR] Unable to Create User: Unable to load the user security session 2016/06/17 09:39:55 2016/06/17 08:39:54 [DEBUG] Buffer For Job: 8 - Worker: 1 - User: pec 2016/06/17 08:39:54 [ERROR] Unable to Search For User: Unable to load the user security session 2016/06/17 08:39:54 [DEBUG] Create User: pec 2016/06/17 08:39:54 [DEBUG] password 2016/06/17 08:39:54 [DEBUG] Auto Generated Password for: PEC - RPOfhAruXS 2016/06/17 08:39:55 [ERROR] Unable to Create User: Unable to load the user security session 2016/06/17 09:39:57 2016/06/17 08:39:55 [DEBUG] Buffer For Job: 9 - Worker: 1 - User: rao 2016/06/17 08:39:56 [ERROR] Unable to Search For User: Unable to load the user security session 2016/06/17 08:39:56 [DEBUG] Create User: rao 2016/06/17 08:39:56 [DEBUG] password 2016/06/17 08:39:56 [DEBUG] Auto Generated Password for: RAO - spWRwsOyIh 2016/06/17 08:39:57 [ERROR] Unable to Create User: Unable to load the user security session 2016/06/17 09:39:59 2016/06/17 08:39:57 [DEBUG] Buffer For Job: 10 - Worker: 1 - User: roaming 2016/06/17 08:39:58 [ERROR] Unable to Search For User: Unable to load the user security session 2016/06/17 08:39:58 [DEBUG] Create User: roaming 2016/06/17 08:39:58 [DEBUG] password 2016/06/17 08:39:58 [DEBUG] Auto Generated Password for: roaming - eEQRqPJrIG 2016/06/17 08:39:58 [ERROR] Unable to Load LDAP Attribute: title For Input Param: [title] 2016/06/17 08:39:58 [ERROR] Unable to Load LDAP Attribute: telephoneNumber For Input Param: [telephoneNumber] 2016/06/17 08:39:58 [ERROR] Unable to Load LDAP Attribute: mail For Input Param: [mail] 2016/06/17 08:39:59 [ERROR] Unable to Create User: Unable to load the user security session 2016/06/17 09:39:59 [ERROR] Error encountered please check the log file 2016/06/17 09:39:59 [ERROR] Error Count: 10 2016/06/17 09:39:59 [DEBUG] Updated: 0 2016/06/17 09:39:59 [DEBUG] Updated Skipped: 0 2016/06/17 09:39:59 [DEBUG] Created: 0 2016/06/17 09:39:59 [DEBUG] Created Skipped: 0 2016/06/17 09:39:59 [DEBUG] Profiles Updated: 0 2016/06/17 09:39:59 [DEBUG] Profiles Skipped: 0 2016/06/17 09:39:59 [DEBUG] Time Taken: 20.6560181s 2016/06/17 09:40:00 [ERROR] Unable to write to log Unable to load the user security session 2016/06/17 09:40:01 [ERROR] Unable to write to log Unable to load the user security session 2016/06/17 09:40:02 [ERROR] Unable to write to log Unable to load the user security session 2016/06/17 09:40:03 [ERROR] Unable to write to log Unable to load the user security session 2016/06/17 09:40:04 [ERROR] Unable to write to log Unable to load the user security session 2016/06/17 09:40:05 [ERROR] Unable to write to log Unable to load the user security session 2016/06/17 09:40:06 [ERROR] Unable to write to log Unable to load the user security session 2016/06/17 09:40:07 [ERROR] Unable to write to log Unable to load the user security session 2016/06/17 09:40:08 [ERROR] Unable to write to log Unable to load the user security session 2016/06/17 09:40:08 [DEBUG] ---- XMLMC LDAP Import Complete ----
Martyn Houghton Posted June 17, 2016 Posted June 17, 2016 Neil Still think it appears to be be a permission issue wit the user you are logging into your instance as through the LDAP Import tool. If you log into Hornbill using the credentials you have in the conf file, are you able to create a user manually through the Administration UI? Cheers Martyn
Steve Giller Posted June 17, 2016 Posted June 17, 2016 37 minutes ago, neilhsfc said: 2016/06/17 08:39:41 [ERROR] Unable to Search For User: Unable to load the user security session 37 minutes ago, neilhsfc said: 2016/06/17 09:39:40 [ERROR] Unable to write to log Unable to load the user security session Both of these seem to verify that it's insufficient permissions (or a non-existent user!).
Martyn Houghton Posted June 17, 2016 Posted June 17, 2016 Neil Just to confirm that it is indeed permission and not the LDAP conf, I would give the user the 'Super User Role' as a temporary test, to see if the import is then successful in creating the users. At the moment the wiki just says ' A Valid API Assigned to a user with enough rights to process the import', so perhaps Hornbill can provide some more detailed definition of what exact permissions/roles are required. Cheers Martyn
neilhsfc Posted June 17, 2016 Author Posted June 17, 2016 Thanks for that Martyn and DeadMeat! Yay another error! "you cannot assign a role that has a privilege level of 'admin' to a basic user account. " I cannot change this users account off of basic, something to do with number of licensed users.
Martyn Houghton Posted June 17, 2016 Posted June 17, 2016 Neil I think this is the root cause of your issue, the user you have been given to use does not have sufficient permission to undertake the change your own permission, let alone setup other accounts. The user account for the LDAP insert will need to be type User, you can change this at the top of the user screen under basic information and if not already give the user the permission to setup users. It is not possible for the 'basic' user type to be used by the LDAP Import tool, as it will never have sufficient permissions. Cheers Martyn
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now