[midPoint] Discovering Custom objectClasses
Jason Everling
jeverling at bshp.edu
Fri Aug 19 23:57:34 CEST 2016
Your correlation looks a little funky to me for the user type, maybe you
meant to use 'cn' and not 'sn' ? for AD we use sAMAccountName
OpenLDAP sample is using 'uid'
https://github.com/Evolveum/midpoint/blob/master/samples/
resources/openldap/openldap-localhost-medium.xml#L425
Someone else though would be able to dig into it further,
JASON
On Fri, Aug 19, 2016 at 2:41 PM, Mencel, Matt <mr-mencel at wiu.edu> wrote:
> So attempting to do a sync results in an error.
>
> 2016-08-19 14:36:13,720 [] [midPointScheduler_Worker-7] ERROR
> (com.evolveum.midpoint.provisioning.impl.ShadowCache): Schema error:
> Auxiliary object class {http://midpoint.evolveum.com/
> xml/ns/public/resource/instance-3}shadowAccount specified in
> shadow:null(null) does not exist
>
> I'll put the stacktrace in the gist.
>
> https://gist.github.com/MattMencel/2a3208371a1b0ce422e0b4923df413f7
>
> Matt
>
>
> On Fri, Aug 19, 2016 at 10:47 AM, Radovan Semancik <
> radovan.semancik at evolveum.com> wrote:
>
>> Hi,
>>
>> Yes, that should work.
>> Just check that you have correct lowercase/uppercase form for the
>> attribute names. LDAP is (mostly) case insensitive, but midPoint is case
>> sensitive. Look at the <schema> part of the resource definition. That is
>> generated from the resource. Look for your auxiliary object class
>> definition there. And use the same capitalization as you see in the
>> <schema> section.
>>
>> --
>> Radovan Semancik
>> Software Architectevolveum.com
>>
>>
>>
>>
>> On 08/19/2016 05:23 PM, Mencel, Matt wrote:
>>
>> Thanks Radovan,
>>
>> That helps. Do I declare the auxiliary's attributes in the same place as
>> the default objectClass then? I'm getting this error in the UI...
>>
>> There is no attribute named '{http://midpoint.evolveum.com
>>> /xml/ns/public/resource/instance-3}wiuId' in object class '{
>>> http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}person'
>>> (defined in schema handling for 'User Account (kind: ACCOUNT, intent:
>>> person)').
>>
>>
>> https://gist.github.com/MattMencel/2a3208371a1b0ce422e0b4923df413f7
>>
>> On Fri, Aug 19, 2016 at 9:54 AM, Radovan Semancik <
>> radovan.semancik at evolveum.com> wrote:
>>
>>> Hi,
>>>
>>> On 08/19/2016 04:26 PM, Mencel, Matt wrote:
>>>
>>> I have multiple LDAP objectclasses that contain all the attributes that
>>> make up a person's identity. I've associated multiple OCs with the same
>>> kind/intent in midpoint and am getting a warning in the UI.
>>>
>>>> There are multiple schema handling definitions for kind/intent:
>>>> ACCOUNT/person.
>>>
>>> Should I be doing this another way?
>>>
>>>
>>> Yes. Just one of the objectclasses is structural (primary). Other object
>>> classes are auxiliary. MidPoint fully supports auxiliary object classes,
>>> but you need to use a slightly different approach. Use something like this:
>>>
>>> <schemaHandling>
>>> <objectType>
>>> <kind>account</kind>
>>> <displayName>Normal Account</displayName>
>>> <default>true</default>
>>> <objectClass>ri:inetOrgPerson</objectClass>
>>> <auxiliaryObjectClass>ri:posixAccount</auxiliaryObjectClass>
>>> <auxiliaryObjectClass>ri:foo</auxiliaryObjectClass>
>>> <auxiliaryObjectClass>ri:bar</auxiliaryObjectClass>
>>> ...
>>>
>>>
>>> --
>>> Radovan Semancik
>>> Software Architectevolveum.com
>>>
>>> _______________________________________________ midPoint mailing list
>>> midPoint at lists.evolveum.com http://lists.evolveum.com/mail
>>> man/listinfo/midpoint
>>
>> _______________________________________________
>> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
--
CONFIDENTIALITY NOTICE:
This e-mail together with any attachments is proprietary and confidential;
intended for only the recipient(s) named above and may contain information
that is privileged. You should not retain, copy or use this e-mail or any
attachments for any purpose, or disclose all or any part of the contents to
any person. Any views or opinions expressed in this e-mail are those of the
author and do not represent those of the Baptist School of Health
Professions. If you have received this e-mail in error, or are not the
named recipient(s), you are hereby notified that any review, dissemination,
distribution or copying of this communication is prohibited by the sender
and to do so might constitute a violation of the Electronic Communications
Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the
sender and delete this e-mail and any attachments from your computer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160819/57b26b3f/attachment.htm>
More information about the midPoint
mailing list