lekshmy

I tried creating a New User through Identity Manger and got the following exception

"An internal server error occurred. Your call was not processed. Contact the site administrator for details"

This is the code and trace files.

[CsfMessaging.Operation(Name = "CreateUser_req", Action = IdentityActions.CREATEUSERREQUEST,ResponseType=typeof(bool))]

public bool CreateUser_req(IdentityData person)
{

CsfSdk.Message message = CsfSdk.Message.CreateMessage(IdentityManagerActions.CreateUserRequest, new Uri(IDENTITYMANAGER));


Microsoft.ConnectedServices.Contracts.IdentityManager.CreateUserRequest request = new Microsoft.ConnectedServices.Contracts.IdentityManager.CreateUserRequest();

request.User = new User();
request.User.UserId = person.UserID;

request.UserName = "Sample User";
request.Password = person.password;
request.OrganizationId = "CSFService";


message.SetBodyObject(request);

CsfClient.MessageSender sender = new Microsoft.ConnectedServices.Sdk.Client.MessageSender();



UsernameOverTransportAssertion assertion = new UsernameOverTransportAssertion();
assertion.UsernameTokenProvider = new UsernameTokenProvider("DOMAIN\\IDM-Service","CSFserver123$");

Policy policy = new Policy(assertion);
sender.SetPolicy(policy);

try
{

Microsoft.ConnectedServices.Contracts.IdentityManager.CreateUserResponse response = sender.SendSync<Microsoft.ConnectedServices.Contracts.IdentityManager.CreateUserResponse>(message);
string sam = response.SamAccountName;
}

catch (Exception e)
{

throw new Exception("Error creating user........Try " + e.Message);
}

return true;

}

INPUT TRACE FILE :

< xml version="1.0" encoding="utf-8" >
<log>
<inputMessage utc="6/26/2007 11:35:48 AM" messageId="urn:uuid:67bef208-ada3-41b0-8283-8f5439b5cb16">
<processingStep description="Unprocessed message">
<soap:Envelope xmlnsTongue Tiedoap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<IdentityData xmlns="http://localhost:9105/data/">
<UserID>abc@DOMAIN</UserID>
<password>password123$</password>
</IdentityData>
</soap:Body>
</soap:Envelope>
</processingStep>
<processingStep description="Entering SOAP filter Microsoft.Web.Services3.Security.Wse2PipelinePolicy+LegacyFilterWrapper" />
<processingStep description="Exited SOAP filter Microsoft.Web.Services3.Security.Wse2PipelinePolicy+LegacyFilterWrapper" />
<processingStep description="Entering SOAP filter Microsoft.Web.Services3.Security.Wse2PipelinePolicy+LegacyFilterWrapper" />
<processingStep description="Exited SOAP filter Microsoft.Web.Services3.Security.Wse2PipelinePolicy+LegacyFilterWrapper" />
<processingStep description="Processed message">
<soap:Envelope xmlnsTongue Tiedoap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<IdentityData xmlns="http://localhost:9105/data/">
<UserID>abc@DOMAIN</UserID>
<password>password123$</password>
</IdentityData>
</soap:Body>
</soap:Envelope>
</processingStep>
</inputMessage>
<inputMessage utc="6/26/2007 11:35:53 AM" messageId="urn:uuid:31da4684-b1d3-4d8d-bc77-e2aa74037093">
<processingStep description="Unprocessed message">
<env:Envelope xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Header>
<wsa:Action>http://Microsoft/ConnectedServices/2006/06/IdentityManager/Fault</wsa:Action>
<wsa:From>
<wsa:Address>http://localhost/IdentityManager30/IdentityManager.ashx</wsa:Address>
</wsa:From>
<wsa:MessageID>urn:uuid:31da4684-b1d3-4d8d-bc77-e2aa74037093</wsa:MessageID>
<wsa:RelatesTo>urn:uuid:70d5bf46-f133-46d8-8268-d520841f6bbd</wsa:RelatesTo>
<wsa:To>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:To>
<wsseTongue Tiedecurity>
<wsu:Timestamp wsu:Id="Timestamp-047cff3a-be84-486c-9615-628783e9dd48">
<wsu:Created>2007-06-26T11:35:53Z</wsu:Created>
<wsu:Expires>2007-06-26T11:40:53Z</wsu:Expires>
</wsu:Timestamp>
</wsseTongue Tiedecurity>
</env:Header>
<env:Body>
<env:Fault>
<env:Code>
<env:Value>envTongue Tiedender</env:Value>
<envTongue Tiedubcode>
<env:Value xmlnsStick out tonguerefix5="http://Microsoft/ConnectedServices/2006/06/IdentityManager/">prefix5:21000</env:Value>
</envTongue Tiedubcode>
</env:Code>
<env:Reason>
<env:Text xml:lang="en">An internal server error occurred. Your call was not processed. Contact the site administrator for details.</env:Text>
</env:Reason>
<env:Node>http://localhost/IdentityManager30/IdentityManager.ashx</env:Node>
</env:Fault>
</env:Body>
</env:Envelope>
</processingStep>
<processingStep description="Entering SOAP filter Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ClientInputFilter" />
<processingStep description="Exited SOAP filter Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ClientInputFilter" />
<processingStep description="Processed message">
<env:Envelope xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Header />
<env:Body>
<env:Fault>
<env:Code>
<env:Value>envTongue Tiedender</env:Value>
<envTongue Tiedubcode>
<env:Value xmlnsStick out tonguerefix5="http://Microsoft/ConnectedServices/2006/06/IdentityManager/">prefix5:21000</env:Value>
</envTongue Tiedubcode>
</env:Code>
<env:Reason>
<env:Text xml:lang="en">An internal server error occurred. Your call was not processed. Contact the site administrator for details.</env:Text>
</env:Reason>
<env:Node>http://localhost/IdentityManager30/IdentityManager.ashx</env:Node>
</env:Fault>
</env:Body>
</env:Envelope>
</processingStep>
</inputMessage>
</log>

OUTPUT TRACE:

< xml version="1.0" encoding="utf-8" >
<log>
<outputMessage utc="6/26/2007 11:35:52 AM" messageId="urn:uuid:70d5bf46-f133-46d8-8268-d520841f6bbd">
<processingStep description="Unprocessed message">
<env:Envelope xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Body>
<CreateUser xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://Microsoft/ConnectedServices/2006/06/IdentityManager/">
<User>
<UserId>abc@DOMAIN</UserId>
<Properties />
</User>
<UserName>Sample User</UserName>
<OrganizationId>CSFService</OrganizationId>
<Password>password123$</Password>
<GroupIds />
</CreateUser>
</env:Body>
</env:Envelope>
</processingStep>
<processingStep description="Entering SOAP filter Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ClientOutputFilter" />
<processingStep description="Exited SOAP filter Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ClientOutputFilter" />
<processingStep description="Processed message">
<env:Envelope xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Header>
<wsa:Action>http://Microsoft/ConnectedServices/2006/06/IdentityManager/CreateUser</wsa:Action>
<wsa:MessageID>urn:uuid:70d5bf46-f133-46d8-8268-d520841f6bbd</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://localhost/IdentityManager30/IdentityManager.ashx</wsa:To>
<wsseTongue Tiedecurity env:mustUnderstand="true">
<wsu:Timestamp wsu:Id="Timestamp-649e977b-30e6-4ec6-b260-bc3842aa41f5">
<wsu:Created>2007-06-26T11:35:52Z</wsu:Created>
<wsu:Expires>2007-06-26T11:40:52Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-b83e46d7-ef5e-47bd-bb09-14eeb08f0c0a">
<wsse:Username>NGNDNS\IDM-Service</wsse:Username>
<wsseStick out tongueassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">CSFserver123$</wsseStick out tongueassword>
<wsse:Nonce>WEdSLsa+8b0QTrM4dof5NA==</wsse:Nonce>
<wsu:Created>2007-06-26T11:35:52Z</wsu:Created>
</wsse:UsernameToken>
</wsseTongue Tiedecurity>
</env:Header>
<env:Body>
<CreateUser xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://Microsoft/ConnectedServices/2006/06/IdentityManager/">
<User>
<UserId>abc@DOMAIN</UserId>
<Properties />
</User>
<UserName>Sample User</UserName>
<OrganizationId>CSFService</OrganizationId>
<Password>password123$</Password>
<GroupIds />
</CreateUser>
</env:Body>
</env:Envelope>
</processingStep>
</outputMessage>
<outputMessage utc="6/26/2007 11:35:54 AM" messageId="urn:uuid:977526e2-b1e2-479f-ab05-144e24a4b70c">
<processingStep description="Unprocessed message">
<soap:Envelope xmlnsTongue Tiedoap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soapTongue Tiederver</faultcode>
<faultstring>System.Web.Services.Protocols.SoapException: Error creating user........Try An internal server error occurred. Your call was not processed. Contact the site administrator for details. ---&gt; System.Exception: Error creating user........Try An internal server error occurred. Your call was not processed. Contact the site administrator for details.
at NewUser.CreateUser_req(IdentityData person) in e:\SL47537\SL47537_NewUser\App_Code\Service.cs:line 108
--- End of inner exception stack trace ---</faultstring>
<faultactor>http://localhost:9105/SL47537_NewUser/NewUser.ashx</faultactor>
<detail />
</soap:Fault>
</soap:Body>
</soap:Envelope>
</processingStep>
<processingStep description="Entering SOAP filter Microsoft.Web.Services3.Security.Wse2PipelinePolicy+LegacyFilterWrapper" />
<processingStep description="Exited SOAP filter Microsoft.Web.Services3.Security.Wse2PipelinePolicy+LegacyFilterWrapper" />
<processingStep description="Entering SOAP filter Microsoft.Web.Services3.Security.Wse2PipelinePolicy+LegacyFilterWrapper" />
<processingStep description="Exited SOAP filter Microsoft.Web.Services3.Security.Wse2PipelinePolicy+LegacyFilterWrapper" />
<processingStep description="Processed message">
<soap:Envelope xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlnsTongue Tiedoap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header>
<wsa:Action>http://schemas.xmlsoap.org/ws/2004/08/addressing/fault</wsa:Action>
<wsa:From>
<wsa:Address>http://localhost:9105/SL47537_NewUser/NewUser.ashx</wsa:Address>
</wsa:From>
<wsa:MessageID>urn:uuid:977526e2-b1e2-479f-ab05-144e24a4b70c</wsa:MessageID>
<wsa:RelatesTo>urn:uuid:67bef208-ada3-41b0-8283-8f5439b5cb16</wsa:RelatesTo>
<wsa:To>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:To>
<wsseTongue Tiedecurity>
<wsu:Timestamp wsu:Id="Timestamp-9b67fc30-b250-454d-9550-5c7fb360c074">
<wsu:Created>2007-06-26T11:35:54Z</wsu:Created>
<wsu:Expires>2007-06-26T11:40:54Z</wsu:Expires>
</wsu:Timestamp>
</wsseTongue Tiedecurity>
</soap:Header>
<soap:Body>
<soap:Fault>
<faultcode>soapTongue Tiederver</faultcode>
<faultstring>System.Web.Services.Protocols.SoapException: Error creating user........Try An internal server error occurred. Your call was not processed. Contact the site administrator for details. ---&gt; System.Exception: Error creating user........Try An internal server error occurred. Your call was not processed. Contact the site administrator for details.
at NewUser.CreateUser_req(IdentityData person) in e:\SL47537\SL47537_NewUser\App_Code\Service.cs:line 108
--- End of inner exception stack trace ---</faultstring>
<faultactor>http://localhost:9105/SL47537_NewUser/NewUser.ashx</faultactor>
<detail />
</soap:Fault>
</soap:Body>
</soap:Envelope>
</processingStep>
</outputMessage>
</log>




Re: Connected Services Framework Not able to create New User through Identity Manager

lekshmy

I figured out the problem ,there was a dependency on the active directory OU and ACE's permission like the caller account must belong to the ALLUSERS@HOSTINGGROUP of that OU .When I added the account to that group my call was processed by the Identity Manager component. Smile






Re: Connected Services Framework Not able to create New User through Identity Manager

Ying Zeng

I am having a bit problem with IDM. The write operations all failed while read operations work fine. I think this is the same problem as your first post.

In my setup, I manually created a ProviderOU from AD admin tool and then try to create organization/user within this OU using IDM. My csfservice account belongs to all CSF requestor groups. My first try was that ProviderOU does not have any group policy and it failed. My second try was to create a new group policy for ProviderOU and then edit group policy object to add csfservice account to have Full control. However, this failed again.

I am not AD expert so I can't find anything called Allusers@HOSTINGGROUP type of thing anywhere in my AD. Could you please share some hint on how to have this configured for my csfservice account so that it has write permission to my ProviderOU

Thanks,
Ying