我正在尝试在 PingFederate 7.2.0 中配置出站配置。当我尝试使用 provmgr.bat 从 Active Directory 获取用户时,它失败了。在我的屏幕上显示以下输出 -
D:\pingfederate-7.2.0\pingfederate\bin>provmgr.bat -c 2 --show-user -g 1cbc1a1f4a3a4431b8ada8454ee77857
User not found in internal database.
User not found in LDAP!
provmgr.log 说
DEBUG main org.springframework.ldap.core.support.AbstractContextSource - Not using LDAP pooling
DEBUG main org.springframework.ldap.core.support.AbstractContextSource - Trying provider Urls: ldaps://10.242.169.171
DEBUG main org.springframework.ldap.core.support.AbstractContextSource - AuthenticationSource not set - using default implementation
DEBUG main org.springframework.ldap.core.support.AbstractContextSource - Not using LDAP pooling
DEBUG main org.springframework.ldap.core.support.AbstractContextSource - Trying provider Urls: ldaps://10.242.169.171
DEBUG main com.pingidentity.configservice.impl.ConfigStoreImpl - Loading config file: D:\pingfederate-7.2.0\pingfederate\server\default\data\config-store\com.pingidentity.provisioner.directory.spring.PagingLdapTemplate.xml
DEBUG main com.pingidentity.provisioner.directory.spring.PagingLdapTemplate - Page size: 500
DEBUG main com.pingidentity.provisioner.directory.spring.PagingLdapTemplate - VLV sort key:cn
DEBUG main com.pingidentity.provisioner.directory.spring.PagingLdapTemplate - Paging algorithm: auto
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
INFO main com.pingidentity.provisioner.mapping.IdentityMapper - Empty field, ignoring.
DEBUG main org.springframework.ldap.pool.factory.DirContextPoolableObjectFactory - Creating a new READ_ONLY DirContext
DEBUG main org.springframework.ldap.core.support.AbstractContextSource - Got Ldap context on server 'ldaps://10.242.169.171'
DEBUG main org.springframework.ldap.pool.factory.DirContextPoolableObjectFactory - Created new READ_ONLY DirContext='javax.naming.ldap.InitialLdapContext@147890f'
DEBUG main org.springframework.ldap.pool.validation.DefaultDirContextValidator - DirContext 'javax.naming.ldap.InitialLdapContext@147890f' passed validation.
正如它所说,它能够创建一个 DirContext 我认为与 Active Directory 的连接正在工作。我已经三次检查了基本 DN 和其他参数。这些都很好。谁能告诉我这里有什么问题?