OIM java.net.NoRouteToHostException: No route to host org.identityconnectors.framework.common.exceptions.ConnectorException: java.net.NoRouteToHostException: No route to host
Don't get confused with the java.net.SocketException: Network is unreachable, which simply means that the server is not
reachable. You can test this by doing a simple ping against the IP address and/or the hostname.
Other Error Message
Other Error Messages:
org.identityconnectors.framework.common.exceptions.ConnectorException: java.net.SocketException: Network is unreachable
Note: If your IP works though your hostname doesn't, then it's likely a DNS issue. If you have 2 servers (or as I have it, 2 VMs) within the same subnet, you can determine this by logging in as root and editing the nameserver with the IP address within the /etc/resolv.conf file. Once you've done that, try pinging the hostname again
Now, going back to the No route to host
Now, going back to the No route to host
org.identityconnectors.framework.common.exceptions.ConnectorException: java.net.NoRouteToHostException: No route to host
Knowing you can connect to the AD server, ensure the connector server service is running on the AD domain (or if you have a separate server running the connector server, test that instead)
Once that's been tested, log into the (identity system administration) sysadmin console and click on 'system configuration' on the right hand side. Within there you will see both the connector server AND the AD server. The simple visual error does not indicate which host is not reachable. Ensure within the IT resource 'host' parameter contains either the IP address or the hostname. My issue wasn't that the Active Directory IT Resource was unreachable but in fact the connector server was no reachable.
In my case I had to change the nameserver within the /etc/resolv.conf configuration file. Furthermore, I changed the host from the IP address to now the full hostname+domain (in my case it's hostname1.technicalconfessions.local)
About the author
Daniel is a Technical Manager with over 10 years of consulting expertise in the Identity and Access Management space.Daniel has built from scratch this blog as well as technicalconfessions.com
Follow Daniel on twitter @nervouswiggles
Comments
Other Posts
AS I was migrating my environment into an S3 environment, I wanted to leverage off the SES services that AWS provide, more specifically, to leverage the off the SMTP functionality by sending an email via PHP
Read More...
The WeMos D1 is a ESP8266 WiFi based board is an extension to the current out-of-the-box library that comes with the Arduino installation. Because of this, you need to import in the libraries as well as acknowledging the specific board. This process is highly confusion with a number of different individuals talking about a number of different ways to integrate.
Read More...
NameID element must be present as part of the Subject in the Response message, please enable it in the IDP configuration.
Read More...
For what I see, there's not too many supportive documentations out there that will demonstrate how provision AD group membership with the ICF connector using OpenIDM. The use of the special ldapGroups attribute is not explained anywhere in the Integrators guides to to the date of this blog. This quick blog identifies the tasks required to provision AD group membership from OpenIDM to AD using the LDAP ICF connector. However this doesn't really explain what ldapGroups actually does and there's no real worked example of how to go from an Assignment to ldapGroups to an assigned group in AD. I wrote up a wiki article for my own reference: AD group memberships automatically to users This is just my view, others may disagree, but I think the implementation experience could be improved with some more documentation and a more detailed example here.
Read More...
In the past, the similar error occurred though for the Oracle Identity Management solution. invalidcredentialexception remote framework key is invalid Because they all share the ICF connector framework, the error/solution would be the same.
Read More...
org.forgerock.script.exception.ScriptCompilationException: missing ; before statement
Read More...
ForgeRock IDM - org.forgerock.script.exception.ScriptCompilationException: missing ; before statement
Read More...
When performing the attempt of a reconciliation from ForgeRock IDM to Active Directory, I would get the following error
Read More...
In the past, the similar error occurred though for the Oracle Identity Management solution. invalidcredentialexception remote framework key is invalid Because they all share the ICF connector framework, the error/solution would be the same.
Read More...
During the reconcilation from OpenIDM to the ICF google apps connector, the following error response would occur. ERROR Caused by com.google.api.client.auth.oauth2.TokenResponseException 400 Bad Request - invalid_grant
Read More...
Tags
Recent Posts
Monthly Activity
Group by date