Skip to Content.
Sympa Menu

grouper-users - RE: [grouper-users] LDAP source unavailable

Subject: Grouper Users - Open Discussion List

List archive

RE: [grouper-users] LDAP source unavailable

Chronological Thread 
  • From: Chris Hyzer <>
  • To: Baron Fujimoto <>, "" <>
  • Subject: RE: [grouper-users] LDAP source unavailable
  • Date: Thu, 9 Aug 2012 00:39:28 +0000
  • Accept-language: en-US

Right, it is vt-ldap now, so maybe things like that are a little different...
sorry. Though it seems like the new behavior is better security :)


on behalf of Baron Fujimoto
Sent: Wednesday, August 08, 2012 4:21 PM

Subject: Re: [grouper-users] LDAP source unavailable

Sorry, closer examination of the grouper_error.log revealed the problem:
hostname didn't match the hostname in the ldap server's SSL certificate.
Mea culpa :(

It seems that the same configuration for the 2.0.0 instance does not throw
the though.

Baron Fujimoto
:: UH Information Technology Services
minutas cantorum, minutas balorum, minutas carboratum desendus pantorum

On Wed, Aug 08, 2012 at 03:48:46AM +0000, Chris Hyzer wrote:
: Can you start GSH, and do a subject search, and send the entire log along
(or just to me if you like). Also send a sanitized version of your
sources.xml. The ldap source should now use vt-ldap so it is a little
different, but it should work :)
: Thanks,
: Chris
: ________________________________________
: From: Baron Fujimoto
: Sent: Tuesday, August 07, 2012 8:41 PM
: To:

: Subject: [grouper-users] LDAP source unavailable
: I've been trying to upgrade from 2.0.0 to 2.1.1, but am encountering the
: following error when I invoke gsh:
: [main] ERROR SubjectCheckConfig.checkConfig(117) - - error with subject
source id: test LDAP, name: LDAP test, problem with getSubject by id, in
sources.xml: search searchSubject:
: edu.internet2.middleware.subject.SourceUnavailableException: Ldap
Exception: Pool is empty and object creation failed
: As far as I tell, all of the LDAP credential related items are the
: same in both sources.xml. Our LDAP logs show the LDAP bind for 2.0.0,
: but nothing for 2.1.1.
: There are other differences between the source.xml files, but it appears
: that the only ones not in id=gsa and id=grouperEntities where you are
: "It is recommended that you **not** change the default values for this
: adapter" appear to be related to limiting the number of results per page and
: for inclause related stuff.
: Any ideas?

Archive powered by MHonArc 2.6.16.

Top of Page