[midPoint] Active Directory and custom attributes & auxiliary objectclass

Pavol Mederly mederly at evolveum.com
Thu Jul 2 16:17:24 CEST 2015 

Hello Anton,

the AD connector schema can now be extended via configuration. Please 
see 
https://wiki.evolveum.com/display/midPoint/Extending+AD+and+Exchange+Connector+Schema+HOWTO 
for a simple HOWTO.

However, contrary to what's written there, I would recommend using the 
latest versions of AD/Exchange connector and ConnId:
- Exchange Connector:  1.4.1.20283 
(https://wiki.evolveum.com/display/midPoint/Exchange+Connector)
- Connector Server: 1.4.0.84 
(https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server)

Also please note that auxiliary object classes are not supported for AD. 
What you need to do is to extend the basic AccountObjectClass (or object 
class for group/OU) with your custom attributes.

Best regards,
Pavol

On 2. 7. 2015 16:10, midpoint at mybtinternet.com wrote:
> Hi,
>
>   We intend managing a number of different directories with similar 
> data but for populations of users that
>   must be stored separately. We also have a fairly extensive number of 
> custom attributes grouped in an
>   auxiliary objectClass.
>
>   For OpenDJ, I was able to setup the resources and am able to manage 
> all the custom attributes; e.g.
>   the connector allows definition of which classes to use.
>
>   Now trying to replicate with AD and have basic AD provisioning 
> working; however, I don't see similar
>   options for defining additional objectClasses to use. Have looked in 
> Jira; all references suggest modifying
>   objectClasses.xml and building a custom instance of the connector. I 
> don't see how the custom
>   objectClass is referenced. Have I missed something?
>
>   As for building a custom instance of the connector;  I would prefer 
> not to do that as:
> 1) we could run into issues that are related to our attempt of 
> implementing
>     2) each time there is a new fix, we would need to go and retro-fit 
> and rebuild
>     3) each time we extend the schema, we need to go and ammend and 
> rebuild
>
>   While I may be able to build a custom instance, once this is 
> handed-over to business-as-usual, they
>   most certainly will not have the skills to support this.
>
>   Is this still the process to follow at this time, or has this 
> changed? If not changed, is there a plan to
>   make the AD adapter configurable ito custom schema (like OpenDJ)? 
> Time-frame?
>
>   Thx
>
> Regards,
>   Anton
>
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150702/c1e8598b/attachment.htm>

More information about the midPoint mailing list