[midPoint] Cannot sync attributes to AD

Pálos Gustáv gustav.palos at evolveum.com
Thu Jan 11 12:27:00 CET 2018 

Hi Jan,

try to use maxOccurs=1, like:
<attribute>
<c:ref>ri:description</c:ref>
<displayName>Description</displayName>
<!-- in AD schema defined as multi value, but in realistic single -->
<limitations>
<minOccurs>0</minOccurs>
<maxOccurs>1</maxOccurs>
</limitations>
<outbound>
.....
</outbound>
</attribute>

2017-12-29 18:19 GMT+01:00 Jan Kaspar <Caspi at seznam.cz>:

> Hi all,
>
> I have latest midpoint 3.7 version and I am expiriencing an error with
> syncing description on user and group object ou to AD.
> When object in AD has null value of description attribute it works. I can
> easily add description and suffix " - managed by MidPoint"
> Problem is when i change the value to difedrent one, or in ad there is
> already some value.
>
> then i got and error:
> OperationAdd attribute values (Icf)MessageInvalid attribute:
> org.identityconnectors.framework.common.exceptions.
> InvalidAttributeValueException(Error modifying LDAP entry
> CN=Blanca.Parker,OU=Users,OU=CZ,DC=HELL,DC=LOCAL: [add:description:
> pepina1 - Managed by MidPoint,]: attributeOrValueExists: 00002081: AtrErr:
> DSID-030F181A, #1:??0: 00002081: DSID-030F181A, problem 1006
> (ATT_OR_VALUE_EXISTS), data 0, Att d (description)?? (20))Parameters
> uid [e61d0dc3-33dc-4ba1-a623-a243edbdfa52]
> objectClass [crOCD ({http://midpoint.evolveum.com/xml/ns/public/resource/
> instance-3}user)]
> options [OperationOptions: {}]
> attributes [[Attribute: {Name=description, Value=[pepina1 - Managed by
> MidPoint]}]]Context
> connector [class org.identityconnectors.framework.impl.api.local.
> LocalConnectorFacadeImpl]ErrorInvalid attribute: org.identityconnectors.
> framework.common.exceptions.InvalidAttributeValueException(Error
> modifying LDAP entry CN=Blanca.Parker,OU=Users,OU=CZ,DC=HELL,DC=LOCAL:
> [add:description: pepina1 - Managed by MidPoint,]: attributeOrValueExists:
> 00002081: AtrErr: DSID-030F181A, #1:??0: 00002081: DSID-030F181A, problem
> 1006 (ATT_OR_VALUE_EXISTS), data 0, Att d (description)?? (20))show
> com.evolveum.midpoint.util.exception.SchemaException: Invalid attribute:
> org.identityconnectors.framework.common.exceptions.
> InvalidAttributeValueException(Error modifying LDAP entry
> CN=Blanca.Parker,OU=Users,OU=CZ,DC=HELL,DC=LOCAL: [add:description:
> pepina1 - Managed by MidPoint,]: attributeOrValueExists: 00002081: AtrErr:
> DSID-030F181A, #1:??0: 00002081: DSID-030F181A, problem 1006
> (ATT_OR_VALUE_EXISTS), data 0, Att d (description)?? (20)) at
> com.evolveum.midpoint.provisioning.ucf.impl.connid.
> ConnIdUtil.lookForKnownCause(ConnIdUtil.java:352) at
> com.evolveum.midpoint.provisioning.ucf.impl.connid.ConnIdUtil.
> processConnIdException(ConnIdUtil.java:215) at com.evolveum.midpoint.
> provisioning.ucf.impl.connid.ConnectorInstanceConnIdImpl.modifyObject(
> ConnectorInstanceConnIdImpl.java:1715) at com.evolveum.midpoint.
> provisioning.impl.ResourceObjectConverter.executeModify(
> ResourceObjectConverter.java:769) at com.evolveum.midpoint.
> provisioning.impl.ResourceObjectConverter.modifyResourceObject(
> ResourceObjectConverter.java:571) at com.evolveum.midpoint.
> provisioning.impl.ShadowCache.modifyShadow(ShadowCache.java:745) at
> com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.
> modifyObject(ProvisioningServiceImpl.java:671) at
> com.evolveum.midpoint.model.impl.lens.ChangeExecutor.
> modifyProvisioningObject(ChangeExecutor.java:1495) at
> com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeModification(ChangeExecutor.java:1369)
> at com.evolveum.midpoint.model.impl.lens.ChangeExecutor.
> executeDelta(ChangeExecutor.java:909) at com.evolveum.midpoint.model.
> impl.lens.ChangeExecutor.executeChanges(ChangeExecutor.java:318) at
> com.evolveum.midpoint.model.impl.lens.Clockwork.lambda$
> processSecondary$0(Clockwork.java:635) at com.evolveum.midpoint.model.
> impl.lens.LensUtil.partialExecute(LensUtil.java:947) at
> com.evolveum.midpoint.model.impl.lens.LensUtil.
> partialExecute(LensUtil.java:934) at com.evolveum.midpoint.model.
> impl.lens.Clockwork.processSecondary(Clockwork.java:633) at
> com.evolveum.midpoint.model.impl.lens.Clockwork.click(Clockwork.java:479)
> at com.evolveum.midpoint.model.impl.lens.Clockwork.run(Clockwork.java:202)
> at com.evolveum.midpoint.model.impl.controller.ModelController.
> executeChanges(ModelController.java:538) at com.evolveum.midpoint.web.
> component.progress.ProgressPanel$14.callWithContextPrepared(ProgressPanel.java:605)
> at com.evolveum.midpoint.web.component.progress.ProgressPanel$14.
> callWithContextPrepared(ProgressPanel.java:591) at
> com.evolveum.midpoint.web.component.SecurityContextAwareCallable.call(
> SecurityContextAwareCallable.java:59) at java.util.concurrent.FutureTask.run(Unknown
> Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown
> Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown
> Source) at java.lang.Thread.run(Unknown Source)
>
> Thanks Jan
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>


-- 
Gustáv Pálos
Identity Engineer
evolveum.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20180111/31264eb2/attachment.htm>

More information about the midPoint mailing list