[midPoint] attributeOrValueExists ERROR LDAP

Wojciech Staszewski wojciech.staszewski at diagnostyka.pl
Wed Dec 21 13:03:36 CET 2016


I have the same issue with LDAP with attributes from some objectclasses (e.g. SambaSamAccount).
And when I'm using my own custom auxiliary objectclass (OC), Midpoint tries to add this objectclass to LDAP accounts which already have this OC and I got errors.
I temoprary removed these OC from schema and don't use attributes from them.


W dniu 21.12.2016 o 07:17, oleg okunev pisze:
> Hello.
> 
> Strange problem i get when trying to modify decription in user which have link to AD account
> config of schema handling
> 
> <attribute>
>     <ref>ri:description</ref>
>        <outbound>
>          <source>
>              <path>description</path>
>          </source>
>        </outbound>
>        <inbound>
>          <target>
>              <path>description</path>
>          </target>
>        </inbound>
> </attribute>
> 
> 
> *Preview changes*
> 
> 
>       Modify User Archangel Gabriel (Gabriel)
> 
>  
> Item	Old value	New value
> Description	New Desc	New Desc NEW
> 
> 
> 
>       Secondary changes: 2 objects
> 
>  
> 
> 
>       Modify User Archangel Gabriel (Gabriel)
> 
>  
> Item	Old value	New value
> Description	New Desc	New Desc NEW
> 
> 
>       Modify Shadow CN=Archangel Gabriel,OU=Sky,OU=Earth,DC=abb-test,DC=akbars,DC=ru
> 
>  
> Item	Value
> resourceRef	 Active Directory Medusa (LDAPS) v2
> kind	ACCOUNT
> intent	default
> 
> 
>       Modify attributes
> 
>  
> Item	Old value	New value
> description	 	New Desc NEW
> 
> 
> 
> GOT this ERROR
> 
> Schema violation during processing shadow:
> shadow: CN=Archangel Gabriel,OU=Sky,OU=Earth,DC=abb-test,DC=akbars,DC=ru (OID:92d4a278-8d4f-46a3-af88-56bdf8529a95):
> Schema violation: Invalid attribute: org.identityconnectors.framework.common.exceptions.InvalidAttributeValueException(Error modifying LDAP entry CN=Archangel Gabriel,OU=Sky,OU=Earth,DC=abb-test,DC=akbars,DC=ru: [add:description: New Desc Second,]: attributeOrValueExists: 00002081: AtrErr: DSID-030F154F, #1:??0: 00002081: DSID-030F154F, problem 1006 (ATT_OR_VALUE_EXISTS), data 0, Att d (description)?? (20)):
> 
> it looks like midpoint trying to add NEW attribute - i cant understand why not modify existing attribute value
> 
> I know it must be simple but i trying to search and failed(((
> i got 3 object classes : user group and OU
> 
> and one more thing
> after error decription is different - in user new - in AD old
> if i make reconcile -  in AD it became emty
> and after that any first decription  writes well in AD.
> 
> 
> 
> -- 
> oleg okunev
> 
> --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
> 
> 
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
Numer KRS: 0000381559 (Sąd Rejonowy dla Krakowa-Śródmieścia w Krakowie, XI Wydział Gospodarczy KRS)
NIP: 675-12-65-009; REGON: 356366975
Kapitał zakładowy: 33 756 500 zł.

Pomyśl o środowisku zanim wydrukujesz ten e-mail.


More information about the midPoint mailing list