search

jamf / JamfMigrator

A tool to migrate data granularly between Jamf Pro servers
MIT License
140 stars 10 forks source link

Failed (409). Create error: Problem with LDAP Server name. #42

Closed macmule closed 4 years ago

macmule commented 4 years ago

Seeing a 409 error when trying to migrate LDAP servers & groups.

20191216_211250 [CreateEndpoints] [jamfgroups] dotmobi-admins - Failed (409).  Create error: Problem with LDAP Server name.
20191216_211258 ----------- Starting Migration -----------
20191216_211258 [CreateEndpoints] [jamfgroups] dotmobi-backoff - Failed (409).  Create error: Problem with LDAP Server name.

The LDAP server is there already, ldap.datajar.co.uk.. XML below:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<group>
    <name>dotmobi-backoff</name>
    <access_level>Full Access</access_level>
    <privilege_set>Custom</privilege_set>
    <ldap_server>
        <name>ldap.datajar.co.uk</name>
    </ldap_server>
    <site>
        <name>None</name>
    </site>
    <privileges>
        <jss_objects>
            <privilege>Read Advanced Computer Searches</privilege>
            <privilege>Read Advanced Mobile Device Searches</privilege>
            <privilege>Read Advanced User Searches</privilege>
            <privilege>Read Advanced User Content Searches</privilege>
            <privilege>Read AirPlay Permissions</privilege>
            <privilege>Read Allowed File Extension</privilege>
            <privilege>Read_API_Integrations</privilege>
            <privilege>Read Attachment Assignments</privilege>
            <privilege>Read Device Enrollment Program Instances</privilege>
            <privilege>Read Buildings</privilege>
            <privilege>Read Categories</privilege>
            <privilege>Read Classes</privilege>
            <privilege>Read Computer Enrollment Invitations</privilege>
            <privilege>Read Computer Extension Attributes</privilege>
            <privilege>Read Computer PreStage Enrollments</privilege>
            <privilege>Read Computers</privilege>
            <privilege>Read Configurations</privilege>
            <privilege>Read Departments</privilege>
            <privilege>Read Device Name Patterns</privilege>
            <privilege>Read Directory Bindings</privilege>
            <privilege>Read Disk Encryption Configurations</privilege>
            <privilege>Read Disk Encryption Institutional Configurations</privilege>
            <privilege>Read Dock Items</privilege>
            <privilege>Read eBooks</privilege>
            <privilege>Read Enrollment Customizations</privilege>
            <privilege>Read Enrollment Profiles</privilege>
            <privilege>Read Patch External Source</privilege>
            <privilege>Read File Attachments</privilege>
            <privilege>Read Distribution Points</privilege>
            <privilege>Read Push Certificates</privilege>
            <privilege>Read iBeacon</privilege>
            <privilege>Read Infrastructure Managers</privilege>
            <privilege>Read Inventory Preload Records</privilege>
            <privilege>Read VPP Invitations</privilege>
            <privilege>Read Accounts</privilege>
            <privilege>Read JSON Web Token Configuration</privilege>
            <privilege>Read Keystores</privilege>
            <privilege>Read LDAP Servers</privilege>
            <privilege>Read Licensed Software</privilege>
            <privilege>Read Mac Applications</privilege>
            <privilege>Read macOS Configuration Profiles</privilege>
            <privilege>Read Maintenance Pages</privilege>
            <privilege>Read Managed Preference Profiles</privilege>
            <privilege>Read Mobile Device Applications</privilege>
            <privilege>Read iOS Configuration Profiles</privilege>
            <privilege>Read Mobile Device Enrollment Invitations</privilege>
            <privilege>Read Mobile Device Extension Attributes</privilege>
            <privilege>Read Mobile Device Managed App Configurations</privilege>
            <privilege>Read Mobile Device PreStage Enrollments</privilege>
            <privilege>Read Mobile Devices</privilege>
            <privilege>Read NetBoot Servers</privilege>
            <privilege>Read Network Integration</privilege>
            <privilege>Read Network Segments</privilege>
            <privilege>Read Packages</privilege>
            <privilege>Read Patch Management Software Titles</privilege>
            <privilege>Read Patch Policies</privilege>
            <privilege>Read Peripheral Types</privilege>
            <privilege>Read Personal Device Configurations</privilege>
            <privilege>Read Personal Device Profiles</privilege>
            <privilege>Read Policies</privilege>
            <privilege>Read PreStages</privilege>
            <privilege>Read Printers</privilege>
            <privilege>Read Provisioning Profiles</privilege>
            <privilege>Read Push Certificates</privilege>
            <privilege>Read Removable MAC Address</privilege>
            <privilege>Read Restricted Software</privilege>
            <privilege>Read Scripts</privilege>
            <privilege>Read Self Service Bookmarks</privilege>
            <privilege>Read Self Service Branding Configuration</privilege>
            <privilege>Read Sites</privilege>
            <privilege>Read Smart Computer Groups</privilege>
            <privilege>Read Smart Mobile Device Groups</privilege>
            <privilege>Read Smart User Groups</privilege>
            <privilege>Read Software Update Servers</privilege>
            <privilege>Read Static Computer Groups</privilege>
            <privilege>Read Static Mobile Device Groups</privilege>
            <privilege>Read Static User Groups</privilege>
            <privilege>Read User Extension Attributes</privilege>
            <privilege>Read User</privilege>
            <privilege>Read VPP Assignment</privilege>
            <privilege>Read VPP Administrator Accounts</privilege>
            <privilege>Read Webhooks</privilege>
        </jss_objects>
        <jss_settings>
            <privilege>Read Activation Code</privilege>
            <privilege>Update Activation Code</privilege>
            <privilege>Read Apache Tomcat Settings</privilege>
            <privilege>Read Apple Configurator Enrollment</privilege>
            <privilege>Read Education Settings</privilege>
            <privilege>Read Mobile Device App Maintenance Settings</privilege>
            <privilege>Read Automatic Mac App Updates Settings</privilege>
            <privilege>Read Autorun Imaging</privilege>
            <privilege>Read Cache</privilege>
            <privilege>Read Change Management</privilege>
            <privilege>Read Computer Check-In</privilege>
            <privilege>Read Cloud Distribution Point</privilege>
            <privilege>Read Clustering</privilege>
            <privilege>Read Computer Inventory Collection</privilege>
            <privilege>Read Conditional Access</privilege>
            <privilege>Read Customer Experience Metrics</privilege>
            <privilege>Read Engage Settings</privilege>
            <privilege>Read GSX Connection</privilege>
            <privilege>Read Patch Internal Source</privilege>
            <privilege>Read Jamf Imaging</privilege>
            <privilege>Read Parent App Settings</privilege>
            <privilege>Read JSS URL</privilege>
            <privilege>Read Limited Access Settings</privilege>
            <privilege>Read Retention Policy</privilege>
            <privilege>Read Mobile Device Inventory Collection</privilege>
            <privilege>Read Password Policy</privilege>
            <privilege>Read Patch Management Settings</privilege>
            <privilege>Read PKI</privilege>
            <privilege>Read Re-enrollment</privilege>
            <privilege>Read Computer Security</privilege>
            <privilege>Read Self Service</privilege>
            <privilege>Read App Request Settings</privilege>
            <privilege>Read Mobile Device Self Service</privilege>
            <privilege>Read SSO Settings</privilege>
            <privilege>Read SMTP Server</privilege>
            <privilege>Read SSO Settings</privilege>
            <privilege>Read User-Initiated Enrollment</privilege>
        </jss_settings>
        <jss_actions></jss_actions>
        <recon></recon>
        <casper_admin>
            <privilege>Use Casper Admin</privilege>
        </casper_admin>
        <casper_remote></casper_remote>
        <casper_imaging></casper_imaging>
    </privileges>
    <members></members>
</group>
BIG-RAT commented 4 years ago

Confirmed. Looks like something changed on the server side. I'm able to migrate to a Jamf Server running v10.13 but not one running v10.17. What version is running on the server you're trying to migrate to?

macmule commented 4 years ago

10.17.1, also getting a 409 on a couple of profiles.. will check them later today.

On Mon, 16 Dec 2019 at 23:02, Leslie Helou notifications@github.com wrote:

Confirmed. Looks like something changed on the server side. I'm able to migrate to a Jamf Server running v10.13 but not one running v10.17. What version is running on the server you're trying to migrate to?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/jamf/JamfMigrator/issues/42?email_source=notifications&email_token=AASZZTWE4W5PH4NHHULMCATQZACGRA5CNFSM4J3RGMIKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGOEHANURA#issuecomment-566286916, or unsubscribe https://github.com/notifications/unsubscribe-auth/AASZZTWSSWBADGY55K23UVTQZACGRANCNFSM4J3RGMIA .

--

Regards,

Ben

macmule commented 4 years ago

The profiles might be something else, but just had someone mention a similar LDAP API issue with jamf 10.17.x in the jss-api slack channel

BIG-RAT commented 4 years ago

Looks like LDAP groups need to resolve the LDAP server id rather then name now (Jamf Pro v10.17) - thanks @daniel-maclaughlin for the heads up. Fix coming shortly...

macmule commented 4 years ago

Awesome.. thanks @BIG-RAT.

I would thank @daniel-maclaughlin, but.. he knows.. :P

BIG-RAT commented 4 years ago

Fix implemented in version 5.0.0. Appreciated the heads up @macmule.