LDAP Error Deploying Revision 1 to myEnv Invalid external ldap reference ldap_AD_QA.

Hi:

When I try to deploy a shared flow with the below ldap policy config I receive the error in the subject:

Policy config:

<Ldap async="false" continueOnError="false" enabled="true" name="LDAP-GetGroups">
  <DisplayName>LDAP-GetGroups</DisplayName>
  <LdapResource>ldap_AD_QA</LdapResource>
  <Search> 
    <BaseDN>ou=users,ou=internal,ou=enterprise,ou=org,dc=prudentialqa,dc=com</BaseDN> 
    <SearchQuery>(&amp;(objectClass=user)(mail={emailAddress}))</SearchQuery>
    <Attributes> 
      <Attribute>memberOf</Attribute>
      <Attribute>uid</Attribute>
    </Attributes> 
    <Scope>subtree</Scope>
  </Search> 
</Ldap>

I've created the LDAP resource; see the request and response below. (Please note this is the second external LDAP resource we are creating; we have an existing one that connects to a different repository.)

request:

<LdapResource name="ldap_AD_QA"> 
  <Connection> 
    <Hosts>
      <Host port="636">adssl.mydomainqa.com</Host>
    </Hosts> 
    <SSLEnabled>true</SSLEnabled> 
    <Version>3</Version> 
    <Authentication>simple</Authentication> 
    <ConnectionProvider>unboundid</ConnectionProvider> 
    <ServerSetType>round robin</ServerSetType> 
  </Connection> 
  <ConnectPool enabled="true"> 
    <Timeout>10000</Timeout> 
    <Maxsize>50</Maxsize> 
    <Prefsize>30</Prefsize> 
    <Initsize></Initsize> 
    <Protocol></Protocol> 
  </ConnectPool> 
  <Admin> 
    <DN>uid=mydomain\GBTS-Q-APITAMWS,dc=mydomainqa,dc=com</DN> 
    <Password>1mypass</Password> 
  </Admin> 
</LdapResource>

response:

{
    "admin": {
        "dN": "uid=mydomain\GBTS-Q-APITAMWS,dc=mydomainqa,dc=com",
        "password": "1mypass"
    },
    "connectPool": {
        "enabled": true,
        "initsize": 0,
        "maxsize": 50,
        "prefsize": 30,
        "protocol": "",
        "timeout": 10000
    },
    "connection": {
        "authentication": "simple",
        "connectionProvider": "unboundid",
        "hosts": [
            {
                "port": 636,
                "value": "adssl.mydomainqa.com"
            }
        ],
        "sSLEnabled": true,
        "serverSetType": "round robin",
        "version": 3
    },
    "name": "ldap_AD_QA"
}

Thanks for your help.

Mark

This was user error. I created the resource in the wrong env.

Hi Mark,

I am facing the same issue. Need your help to fix this.
I have an LDAP repository created on one of the LDAP servers:

curl -X POST -H "Content-Type: application/xml" \
  http://10.194.22.123:8080/v1/organizations/opdk/environments/test/ldapresources \
  -u x_admin@xx.com:password -d \
'<LdapResource name="ldap1">
  <Connection>
    <Hosts>
      <Host>10.194.22.99</Host>
    </Hosts>
    <SSLEnabled>false</SSLEnabled>
    <Version>3</Version>
    <Authentication>simple</Authentication>
    <ConnectionProvider>unboundid</ConnectionProvider>
    <ServerSetType>round robin</ServerSetType>
  </Connection>
  <ConnectPool enabled="true">
    <Timeout>30000</Timeout>
    <Maxsize>50</Maxsize>
    <Prefsize>30</Prefsize>
    <Initsize></Initsize>
    <Protocol></Protocol>
  </ConnectPool>
  <Admin>
    <DN>cn=ldap-apigeeAdmin,ou=users,o=ude-api-catalog,dc=exc,dc=xx,dc=com</DN>
    <Password>password</Password>
  </Admin>
</LdapResource>'

I am getting the message "Error Deploying Revision 12 to test.Invalid external ldap reference ."

Here is my LDAP policy:

<Ldap async="false" continueOnError="false" enabled="true" name="LDAP-Validation">
  <DisplayName>LDAP-Validation</DisplayName>
  <LdapResource name="ldap1" />
  <Authentication>
    <UserName ref="request.header.username"/>
    <Password ref="request.header.password"/>
    <Scope>subtree</Scope>
    <BaseDN>ou=users,o=ude-api-catalog,dc=exc,dc=xx,dc=com</BaseDN>
  </Authentication>
  <Search>
    <BaseDN>ou=users,o=ude-api-catalog,dc=exc,dc=xx,dc=com</BaseDN>
    <SearchQuery>mail={request.header.mail}</SearchQuery>
    <Attributes>
      <Attribute>myAttribute</Attribute>
    </Attributes>
    <Scope>subtree</Scope>
  </Search>
</Ldap>

I checked the audit logs and get the following message:

Update revision 12 of API proxy Python-Web-Service_rev6_2020_10_12 a few seconds ago admin admin 200
Operation UPDATE
Time Oct 13, 2020 6:44 PM
Request URI /v1/organizations/opdk/apis/Python-Web-Service_rev6_2020_10_12/revisions/12?validate=true
User admin admin
Response Code 200
Request Body''opdk''

Please help me deploy this proxy to the test environment.

Thanks,
Best,
Param

Came here to suggest that! Glad you sorted it out.

You have to create LDAP resources in the environment, and you have to add the jar files in all the MPs and restart them.

ref: https://docs.apigee.com/api-platform/reference/policies/ldap-policy
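
A pre-deployment check for the cause found in this thread (the LDAP resource was created in a different environment from the one being deployed to), as an added example that is not from any poster or from Apigee. The per-environment inventory is constructed sample data standing in for the LDAP resources defined in each environment; `otherEnv`, `ldap_reference` and `check_reference` are hypothetical names.

```python
import xml.etree.ElementTree as ET

def ldap_reference(policy_xml):
    """Return the LDAP resource name an Ldap policy refers to ('' if unset)."""
    node = ET.fromstring(policy_xml.strip()).find("LdapResource")
    if node is None:
        return ""
    # Both spellings posted in the thread: element text and a name attribute.
    return (node.text or "").strip() or node.get("name", "").strip()

def check_reference(policy_xml, target_env, resources_by_env):
    """Explain whether the policy's reference resolves in target_env."""
    try:
        name = ldap_reference(policy_xml)
    except ET.ParseError as exc:
        # e.g. a bare & in a SearchQuery filter instead of &amp;
        return f"policy XML is not well-formed: {exc}"
    if not name:
        return "policy has no LdapResource name"
    if name in resources_by_env.get(target_env, ()):
        return "ok"
    elsewhere = sorted(env for env, names in resources_by_env.items()
                       if env != target_env and name in names)
    if elsewhere:
        return (f"'{name}' is not defined in '{target_env}' "
                f"but exists in: {', '.join(elsewhere)}")
    return f"'{name}' is not defined in any listed environment"

# Constructed sample data: policy trimmed from the first post; inventory invented.
POLICY = """
<Ldap async="false" continueOnError="false" enabled="true" name="LDAP-GetGroups">
  <LdapResource>ldap_AD_QA</LdapResource>
  <Search>
    <SearchQuery>(&amp;(objectClass=user)(mail={emailAddress}))</SearchQuery>
  </Search>
</Ldap>
"""
INVENTORY = {"myEnv": ["ldap1"], "otherEnv": ["ldap_AD_QA"]}

if __name__ == "__main__":
    for env in INVENTORY:
        print(env, "->", check_reference(POLICY, env, INVENTORY))
```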