[midPoint] New ldap connector and auxiliary objectClasses
midpoint at mybtinternet.com
midpoint at mybtinternet.com
Thu Oct 22 14:30:53 CEST 2015
Hi,
I was trying:
<!-- snip -->
<schemaHandling>
<objectType>
<displayName>Default Account</displayName>
<default>true</default>
<objectClass>ri:inetOrgPerson</objectClass>
<auxiliaryObjectClass>ri:myPerson</auxiliaryObjectClass>
<attribute>
<ref>ri:dn</ref>
<displayName>Distinguished Name</displayName>
<limitations>
<minOccurs>0</minOccurs>
<access>
<read>true</read>
<add>true</add>
<modify>false</modify>
</access>
</limitations>
<matchingRule>mr:stringIgnoreCase</matchingRule>
<outbound>
<strength>weak</strength>
<source>
<path>$user/name</path>
</source>
<expression>
<script>
<!-- No explicit script language was specified. It means that this is Groovy -->
<code>
'uid=' + name + iterationToken + ',ou=staff,dc=internal,dc=example,dc=com'
</code>
</script>
</expression>
</outbound>
</attribute>
<!-- snip -->
<!-- snip -->
<attribute>
<c:ref>ri:myCallSign</c:ref>
<exclusiveStrong>false</exclusiveStrong>
<tolerant>true</tolerant>
<fetchStrategy>implicit</fetchStrategy>
<outbound>
<authoritative>false</authoritative>
<exclusive>false</exclusive>
<strength>normal</strength>
<source>
<c:path>extension/myCallSign</c:path>
</source>
</outbound>
<inbound>
<authoritative>false</authoritative>
<exclusive>false</exclusive>
<strength>normal</strength>
<target>
<c:path>extension/myCallSign</c:path>
</target>
</inbound>
</attribute>
<!-- snip -->
When having attributes defined in the schema handling, midPoint complains about them;
When only the auxiliary objectClass defined, midPoint says it can't be found. myCallSign
is an attribute of myPerson objectClass.
Regards,
Anton
----Original message----
>From : ivan.noris at evolveum.com
Date : 22/10/2015 - 13:15 (BST)
To : midpoint at lists.evolveum.com
Subject : Re: [midPoint] New ldap connector and auxiliary objectClasses
Hi,
could you please paste your <objectType> definition from
schema handling?
Ivan
On 10/22/2015 01:36 PM,
midpoint at mybtinternet.com wrote:
Hi Guys,
Trying to use the new LDAP connector in 3.2; but having issues
with my auxiliary objectClass.
I have tried using:
<auxiliaryObjectClass>ri:myPerson</auxiliaryObjectClass>
in the account section of schema definition. This seems to be
the method implied by the UNIX user
sample scenario ... although not used on the account section per
se.
After resource load, which is apparently successful, browsing to
"List resources" throws an error
that the objectclass myPerson was not found. When looking at the
objectClasses listed in the
connector, it does not seem to be listed. Also enable read
schema, seems to make not diff. Tried
test connection; again no diff.
This used to work with 3.1.1 and the previous connector.
If I do a ldapsearch for schema on OpenDJ, my custom objectclass
is returned; Apache Directory
Studio also recognises the auxiliary objectclass. Thus, is this:
- an issue with how I'm referencing the
auxiliary objectClass?
- a bug in the new LDAP connector?
- Something else?
Thx,
Anton
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com
http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20151022/cdf535ae/attachment.htm>
More information about the midPoint
mailing list