[midPoint] Discovering Custom objectClasses
Keith Hazelton
keith.hazelton at wisc.edu
Tue Sep 20 14:38:15 CEST 2016
Radovan,
That looks like it. Coincidentally I was looking at exactly that part of the wiki just before seeing this email =)
Will give it a try.
Thanks! --Keith
___________________________________
email & jabber: keith.hazelton at wisc.edu<mailto:keith.hazelton at wisc.edu>
calendar: http://go.wisc.edu/i6zxx0
From: midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Radovan Semancik <radovan.semancik at evolveum.com>
Reply-To: midPoint General Discussion <midpoint at lists.evolveum.com>
Date: Tuesday, September 20, 2016 at 07:29
To: midPoint General Discussion <midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Discovering Custom objectClasses
Hi,
I think I see the problem. It is the namespace of the eduPerson object class. You have to use the "ri" namespace (http://midpoint.evolveum.com/xml/ns/public/resource/instance-3). MidPoint does not know that eduPerson is not core LDAP schema. LDAP server reports eduPerson in exactly the same way as any other core object class. Therefore for midPoint eduPerson and inetOrgPerson are just different object classes from the same namespace.
(Yes, theoretically we could look at object class OIDs and use that, but there is no support for namespaces in ConnId anyway and that would complicate the things by a great deal. So we are not doing that.)
So, if you replace e:eduPerson with ri:eduPerson then your configuration should work.
If you are interested in a deeper explanation you can find it here:
https://wiki.evolveum.com/display/midPoint/Resource+Schema
https://wiki.evolveum.com/display/midPoint/Resource+and+Connector+Schema+Explanation
--
Radovan Semancik
Software Architect
evolveum.com
On 09/19/2016 06:58 PM, Keith Hazelton wrote:
Message 1 of 2 --Keith
___________________________________
A big thank you to Radovan for this very informative wiki page on auxiliary object classes.
But even with this, I am having trouble getting my OpenDJ Resource configuration to handle eduPerson and eduMember auxiliary object classes on the account structural object class, inetOrgPerson. The full text of the first error result is attached.
Here are the steps I had taken so far:
1) Added an xmlns declaration for edu* object classes and attributes at the top of the resource element
a. xmlns:e=http://id.internet2.edu/namespaces/edu
2) Added the two auxiliary object classes in the schema / generationconstraintselement
a. <!-- khazelton See if the edu* object classes need to be included here -->
b. <generateObjectClass>e:eduPerson</generateObjectClass>
c. <generateObjectClass>e:eduMember</generateObjectClass>
3) Added declaration of eduPerson and eduMember attributes to schema / definition element
a. <!-- -->
b. <!-- khazelton begin supplemental schema defs: auxiliary object classes and attributes for eduPerson and eduMember -->
c. <!-- -->
d. <xsd:complexType name="e:eduPerson">
e. <xsd:annotation>
f. <xsd:appinfo>
g. <ra:resourceObject/>
h. <ra:nativeObjectClass>e:eduPerson</ra:nativeObjectClass>
i. </xsd:appinfo>
j. </xsd:annotation>
k. <xsd:sequence>
l. <xsd:element maxOccurs="unbounded"
m. minOccurs="0"
n. name="eduscopedaffil"
o. type="xsd:string">
p. <xsd:annotation>
q. <xsd:appinfo>
r. <a:displayOrder>120</a:displayOrder>
s. <a:matchingRule xmlns:qn147="http://prism.evolveum.com/xml/ns/public/matching-rule-3"<http://prism.evolveum.com/xml/ns/public/matching-rule-3>>qn147:stringIgnoreCase</a:matchingRule>
t. <ra:nativeAttributeName>eduPersonScopedAffiliation</ra:nativeAttributeName>
u. <ra:frameworkAttributeName>eduscopedaffil</ra:frameworkAttributeName>
v. </xsd:appinfo>
w. </xsd:annotation>
x. </xsd:element>
y. <xsd:element maxOccurs="unbounded"
z. minOccurs="0"
aa. name="eduentitlement"
bb. type="xsd:string">
cc. <xsd:annotation>
dd. <xsd:appinfo>
ee. <a:displayOrder>130</a:displayOrder>
ff. <a:matchingRule xmlns:qn147="http://prism.evolveum.com/xml/ns/public/matching-rule-3"<http://prism.evolveum.com/xml/ns/public/matching-rule-3>>qn147:stringIgnoreCase</a:matchingRule>
gg. <ra:nativeAttributeName>eduPersonEntitlement</ra:nativeAttributeName>
hh. <ra:frameworkAttributeName>eduentitlement</ra:frameworkAttributeName>
ii. </xsd:appinfo>
jj. </xsd:annotation>
kk. </xsd:element>
ll. </xsd:sequence>
i. </xsd:complexType>
mm. <!-- -->
nn. <xsd:complexType name="e:eduMember">
oo. <xsd:annotation>
pp. <xsd:appinfo>
qq. <ra:resourceObject/>
rr. <ra:nativeObjectClass>e:eduMember</ra:nativeObjectClass>
ss. </xsd:appinfo>
tt. </xsd:annotation>
uu. <xsd:sequence>
vv. <xsd:element maxOccurs="unbounded"
ww. minOccurs="0"
xx. name="initials"
yy. type="xsd:string">
zz. <xsd:annotation>
aaa. <xsd:appinfo>
bbb. <a:displayOrder>120</a:displayOrder>
ccc. <a:matchingRule xmlns:qn147="http://prism.evolveum.com/xml/ns/public/matching-rule-3"<http://prism.evolveum.com/xml/ns/public/matching-rule-3>>qn147:stringIgnoreCase</a:matchingRule>
ddd. <ra:nativeAttributeName>isEduMemberOf</ra:nativeAttributeName>
eee. <ra:frameworkAttributeName>edumemberof</ra:frameworkAttributeName>
fff. </xsd:appinfo>
ggg. </xsd:annotation>
hhh. </xsd:element>
iii. </xsd:sequence>
jjj. </xsd:complexType>
kkk. <!-- -->
lll. <!-- khazelton end of supplemental schema defs: auxiliary object classes and attributes for eduPerson and eduMember -->
mmm. <!-- -->
4) Added eduPerson and eduMember to the schemHandling element:
a. <objectClass>ri:inetOrgPerson</objectClass>
b. <auxiliaryObjectClass>e:eduPerson</auxiliaryObjectClass>
c. <auxiliaryObjectClass>e:eduMember</auxiliaryObjectClass>
d. <!-- khazelton added eduPerson and eduMember as auxiliary object classes -->
5) Added eduPerson and eduMember attributes to the schemaHandling element:
a. <!-- eduPerson and eduMember attributes -->
b. <attribute>
c. <c:ref>e:eduPersonAffiliation</c:ref>
d. <displayName>eduPersonAffiliation</displayName>
e. <outbound>
f. <source>
g. <c:path>$user/eduaffil</c:path>
h. </source>
i. </outbound>
j. <inbound>
k. <target>
l. <c:path>$user/eduaffil</c:path>
m. </target>
n. </inbound>
o. </attribute>
p. <attribute>
q. <c:ref>e:eduMemberOf</c:ref>
r. <displayName>eduMemberOf</displayName>
s. <outbound>
t. <source>
u. <c:path>$user/edumemberof</c:path>
v. </source>
w. </outbound>
x. <inbound>
y. <target>
z. <c:path>$user/edumemberof</c:path>
aa. </target>
bb. </inbound>
cc. </attribute>
dd. <!-- end of eduPerson and eduMember attributes -->
Thanks in advance for pointing me in the right direction. --Keith
___________________________________
email & jabber: keith.hazelton at wisc.edu<mailto:keith.hazelton at wisc.edu>
calendar: http://go.wisc.edu/i6zxx0
From: midPoint <midpoint-bounces at lists.evolveum.com><mailto:midpoint-bounces at lists.evolveum.com> on behalf of Radovan Semancik <radovan.semancik at evolveum.com><mailto:radovan.semancik at evolveum.com>
Reply-To: midPoint General Discussion <midpoint at lists.evolveum.com><mailto:midpoint at lists.evolveum.com>
Date: Thursday, September 15, 2016 at 05:11
To: midPoint General Discussion <midpoint at lists.evolveum.com><mailto:midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Discovering Custom objectClasses
Hi,
I have realized that there is some confusion about the use of auxiliary object classes. Therefore I have added a bit of new documentation to fill the gap:
https://wiki.evolveum.com/display/midPoint/Auxiliary+Object+Classes
--
Radovan Semancik
Software Architect
evolveum.com
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160920/1c7aff94/attachment.htm>
More information about the midPoint
mailing list