[midPoint] How to import/create a resource definition with a custom ldap object

Andreas Küstner andreas.kuestner at daasi.de
Tue Mar 22 16:01:50 CET 2016


Hello List,

I am trying to import an OpenLDAP server resource. The connection is
established, but my custom LDAP object class (customPerson) won't work.

I tried it with an XML resource definition file from the midPoint samples. I
modified the <schema> section to fit the object class. Here is a snippet:


---code---:
<definition>
			<xsd:complexType name="customPerson">
				<xsd:annotation>
					<xsd:appinfo>
						<ra:resourceObject />
						<ra:identifier>ri:entryUUID</ra:identifier>
						<ra:secondaryIdentifier>ri:sn</ra:secondaryIdentifier>
						<ra:displayNameAttribute>ri:sn</ra:displayNameAttribute>
						<ra:namingAttribute>ri:sn</ra:namingAttribute>
						<ra:nativeObjectClass>customPerson</ra:nativeObjectClass>
						<ra:auxiliary>true</ra:auxiliary>
					</xsd:appinfo>
				</xsd:annotation>
				<xsd:sequence>
					<xsd:element name="uuid" type="xsd:string">
						<xsd:annotation>
							<xsd:appinfo>
								<a:displayOrder>120</a:displayOrder>
								<ra:nativeAttributeName>uuid</ra:nativeAttributeName>
								<ra:frameworkAttributeName>uuid</ra:frameworkAttributeName>
							</xsd:appinfo>
						</xsd:annotation>
					</xsd:element>
					<xsd:element name="sn" type="xsd:string">
						<xsd:annotation>
							<xsd:appinfo>
								<a:displayOrder>110</a:displayOrder>
								<ra:nativeAttributeName>sn</ra:nativeAttributeName>
								<ra:frameworkAttributeName>__NAME__</ra:frameworkAttributeName>
							</xsd:appinfo>
						</xsd:annotation>
					</xsd:element>
					<xsd:element maxOccurs="unbounded" minOccurs="0" name="cn"
						type="xsd:string">
						<xsd:annotation>
							<xsd:appinfo>
								<a:displayOrder>130</a:displayOrder>
								<ra:nativeAttributeName>cn</ra:nativeAttributeName>
								<ra:frameworkAttributeName>cn</ra:frameworkAttributeName>
							</xsd:appinfo>
						</xsd:annotation>
					</xsd:element>
					<xsd:element minOccurs="0" name="entryUUID" type="xsd:string">
						<xsd:annotation>
							<xsd:appinfo>
								<a:displayOrder>100</a:displayOrder>
								<a:access>read</a:access>
								<ra:nativeAttributeName>entryUUID</ra:nativeAttributeName>
								<ra:frameworkAttributeName>__UID__</ra:frameworkAttributeName>
							</xsd:appinfo>
						</xsd:annotation>
					</xsd:element>
				</xsd:sequence>
			</xsd:complexType>
			</definition>

		  <!-- workaround to MID-2723 -->
		  <generationConstraints>
			  <generateObjectClass>ri:inetOrgPerson</generateObjectClass>
			  <generateObjectClass>ri:groupOfUniqueNames</generateObjectClass>
			  <generateObjectClass>ri:groupOfNames</generateObjectClass>
			  <generateObjectClass>ri:organizationalUnit</generateObjectClass>
			  <generateObjectClass>ri:customPerson</generateObjectClass>
		  </generationConstraints>

	  </schema>

----end code---


If I do it with the GUI wizard, my customPerson class is recognized,
but some attributes are missing (sn, for example).


What am I missing?

Here is my CustomPerson LDAP class:

olcObjectClasses: {1}( Custom.ldap.oc:2 NAME 'CustomPerson' SUP top AUXILIARY DESC 'Custom Person' X-ORIGIN 'Custom Ltd.' MUST ( uuid ) MAY ( cn ) )
structuralObjectClass: olcSchemaConfig
entryUUID: 1b1704ba-f0c6-1034-934d-13ecb1063800
creatorsName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
createTimestamp: 20150916135351Z
olcAttributeTypes: {0}( Custom.ldap.attr:2 NAME 'CustomIsDisabled' DESC 'determines whether the person is active or inactive (e.g. retired), defaults to false if not set' SYNTAX '1.3.6.1.4.1.1466.115.121.1.7' EQUALITY booleanMatch X-ORIGIN 'Custom Ltd.' SINGLE-VALUE )
olcAttributeTypes: {1}( Custom.ldap.attr:3 NAME 'CustomUserNames' DESC 'user names of the person; use Kerberos principal name preferably' SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 EQUALITY caseIgnoreMatch SUBSTR caseIgnoreSubstringsMatch X-ORIGIN 'Custom Ltd.' )
olcAttributeTypes: {2}( Custom.ldap.attr:4 NAME 'CustomMail' DESC 'auxiliary mail adresses' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26{256} EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch X-ORIGIN 'Custom Ltd.' )
olcAttributeTypes: {3}( Custom.ldap.attr:5 NAME 'CustomSource' DESC 'primary source of this entity' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch X-ORIGIN 'Custom Ltd.' SINGLE-VALUE )
olcAttributeTypes: {4}( Custom.ldap.attr:6 NAME 'CustomIdentityCardNumber' DESC 'identity card number' SYNTAX 1.3.6.1.4.1.1466.115.121.1.26 EQUALITY caseIgnoreIA5Match SUBSTR caseIgnoreIA5SubstringsMatch X-ORIGIN 'Custom Ltd.' SINGLE-VALUE )
olcAttributeTypes: {5}( Custom.ldap.attr:1 NAME 'uuid' DESC 'universally unique identifier' SYNTAX 1.3.6.1.1.16.1 EQUALITY uuidMatch ORDERING uuidOrderingMatch X-ORIGIN 'Custom Ltd.' SINGLE-VALUE )
entryCSN: 20160205161704.898523Z#000000#000#000000
modifiersName: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
modifyTimestamp: 20160205161704Z

Thank you for your help!

Best Regards
Andy
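
The resource schema in the post declares uuid, sn, cn and entryUUID for customPerson, while the CustomPerson object class lists only MUST ( uuid ) MAY ( cn ). The following added example (not part of the original post and not midPoint code) compares the two; the function names, the condensed schema string and the OPERATIONAL set are assumptions made for illustration.

```python
import re

# Object class definition from the post, unfolded onto one logical line.
OBJECT_CLASS = (
    "( Custom.ldap.oc:2 NAME 'CustomPerson' SUP top AUXILIARY DESC 'Custom Person' "
    "X-ORIGIN 'Custom Ltd.' MUST ( uuid ) MAY ( cn ) )"
)

# Condensed from the post's <schema> snippet: only the attribute mappings.
RESOURCE_SCHEMA = """
<xsd:complexType name="customPerson">
  <ra:nativeAttributeName>uuid</ra:nativeAttributeName>
  <ra:nativeAttributeName>sn</ra:nativeAttributeName>
  <ra:nativeAttributeName>cn</ra:nativeAttributeName>
  <ra:nativeAttributeName>entryUUID</ra:nativeAttributeName>
</xsd:complexType>
"""

# Operational attributes are maintained by the server and never appear in an
# object class's MUST/MAY list (assumption: entryUUID is the only one used here).
OPERATIONAL = {"entryuuid"}

def parse_object_class(definition):
    """Return (name, kind, must, may) from an RFC 4512 object class description."""
    name = re.search(r"NAME\s+\(?\s*'([^']+)'", definition).group(1)
    # Blank out quoted strings so words inside DESC cannot match keywords.
    bare = re.sub(r"'[^']*'", "''", definition)
    kind = re.search(r"\b(ABSTRACT|STRUCTURAL|AUXILIARY)\b", bare)

    def oids(keyword):
        m = re.search(r"\b" + keyword + r"\s+(?:\(([^)]*)\)|([\w.;-]+))", bare)
        if not m:
            return set()
        body = m.group(1) if m.group(1) is not None else m.group(2)
        return {a.strip().lower() for a in body.split("$") if a.strip()}

    # RFC 4512: the kind defaults to STRUCTURAL when omitted.
    return name, kind.group(1) if kind else "STRUCTURAL", oids("MUST"), oids("MAY")

def compare(definition, schema_xml):
    """Report schema attributes the object class does not allow, and unmapped MUSTs."""
    _, kind, must, may = parse_object_class(definition)
    declared = {a.lower() for a in re.findall(
        r"<ra:nativeAttributeName>([^<]+)</ra:nativeAttributeName>", schema_xml)}
    return {"kind": kind,
            "not_in_class": sorted(declared - must - may - OPERATIONAL),
            "missing_must": sorted(must - declared)}

if __name__ == "__main__":
    print(compare(OBJECT_CLASS, RESOURCE_SCHEMA))
```

For the definitions in the post the check reports sn: CustomPerson itself does not allow that attribute, so an entry can carry it only through another object class such as person.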


