[midPoint] Midpoint LDAP objectClasses
Mencel, Matt
mr-mencel at wiu.edu
Wed Aug 24 18:31:05 CEST 2016
OK, I'm back to trying to get an LDAP resource configured. I understand a
bit more of the workings of midPoint now, so maybe I can get further on this
today. I've used the 389DS sample as a basic starting point.
The LDAP system is actually an old Sun DS system, and I'm pretty sure the
OCs are not set up according to any standard best practice. Here is a very
basic user object example.
[1] DN = [uid=matt,ou=People,dc=wiu,dc=edu]
> [1] -------------------- : --------------------
> [1] objectClass : top
> [1] -------------------- : --------------------
> [1] objectClass : person
> [1] cn : Matthew R Mencel
> [1] sn : Mencel
> [1] -------------------- : --------------------
> [1] objectClass : wiuPerson
> [1] givenName : Matthew
> [1] uid : matt
In my resource I've tried defining wiuPerson as an auxiliaryObjectClass
like this...
<schemaHandling>
> <objectType>
> <kind>account</kind>
> <intent>person</intent>
> <displayName>Person Account</displayName>
> <default>true</default>
> <objectClass>ri:person</objectClass>
> <auxiliaryObjectClass>wiuPerson</auxiliaryObjectClass>
> <attribute>
> <ref>ri:dn</ref>
> <displayName>Distinguished Name</displayName>
> <outbound>
> <!-- Name cannot be weak. Changes in name trigger
> object rename. -->
> <source>
> <path>$user/name</path>
> </source>
> <expression>
> <script>
> <code>
> basic.composeDnWithSuffix('uid', name,
> 'ou=people,dc=wiu,dc=edu')
> </code>
> </script>
> </expression>
> </outbound>
> </attribute>
> <attribute>
> <ref>ri:cn</ref>
> <displayName>Common Name</displayName>
> <outbound>
> <source>
> <path>$user/fullName</path>
> </source>
> </outbound>
> <inbound>
> <strength>weak</strength>
> <target>
> <path>$user/fullName</path>
> </target>
> </inbound>
> </attribute>
> <attribute>
> <ref>ri:sn</ref>
> <outbound>
> <source>
> <path>familyName</path>
> </source>
> </outbound>
> <inbound>
> <strength>weak</strength>
> <target>
> <path>$user/familyName</path>
> </target>
> </inbound>
> </attribute>
> <attribute>
> <ref>ri:givenName</ref>
> <outbound>
> <source>
> <path>$user/givenName</path>
> </source>
> </outbound>
> <inbound>
> <strength>weak</strength>
> <target>
> <path>$user/givenName</path>
> </target>
> </inbound>
> </attribute>
Midpoint doesn't like that though and tells me that givenName is not in the
person OC...
There is no attribute named '{
> http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}givenName'
> in object class '{
> http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}person'
> (defined in schema handling for 'Person Account (kind: ACCOUNT, intent:
> person)').
...which of course it is not. So how do I define givenName so I can use it
in midpoint?
Thanks,
Matt