Compartilhar via


Dealing with OpenLDAP XMA 1.1: Template Bugs and Quick Fix

I was not able to find much guidance out there about the issues I found when attempting to use this great XMA, so I decided to write this post in case others find it useful.

After installing OpenLDAP XMA (https://openldap-xma.sourceforge.net) MSI package, you will find a new MA available in ILM list of MAs, called “OpenLDAP XMA”. When creating the MA to connect to your LDAP directory, you have to input the connection information: server, port, user and password. After that, you will find the “Configure Additional Parameters” dialog and the first issues with it.

image

The XMA template (%ProgramFiles%\Microsoft Identity Integration Server\UIShell\XMLs\PackagedMAs\OLXMAPackage.xml) contains a few bugs that make the MA fail with “stopped-extensible-extension-error” errors:

  • SASL. The source code does not treat this parameter at all, so having it makes the MA fail to run. This parameter is not mentioned in the Configuration Guide. As this is a parameter built into the XMA template, the “Remove” button is grayed-out (See notes about SASL support at https://blogs.msdn.com/adamw/archive/2007/06/27/openldap-milestone-1-release-scheduled-for-6-29-07.aspx).
  • namingContext. This parameter should be called namingContexts. This parameter is properly documented in the Configuration Guide.
  • pagedSearch. It says “true” as default value. However, treating this parameter as boolean is commented out in the code, so if you use “true” or anything other than “NONE”, “PAGING” or “TRAWLING”, will default to “NONE”, so pagedSearch=true ends up not using paged searches at all. If the directory requires using paged searches, the MA will fail. This parameter is properly documented in the Configuration Guide.

So here I have a OLXMAPackage.xml replacement that you can drop in your “%ProgramFiles%\Microsoft Identity Integration Server\UIShell\XMLs\PackagedMAs” directory overwriting the existing one. It just removes SASL parameter, fixes the typo error for namingContexts parameter and sets default pagedSearch to “PAGING”, rather than “true” .