[midPoint] configuring an Active Directory Ldap with more than one entitlement type

Mon Aug 21 13:29:57 CEST 2017

Have you tried to use different "intent" for another entitlement?

WS

W dniu 21.08.2017 o 10:00, Daniel.Sommer at itconcepts.net pisze:
> Hello,
> 
>  
> 
> unfortunately i don’t find any help on the internet on it.We want to configure an ad with at least two entitlement types. I don’t knowanything, so i don’t know where to start about it.
> 
> Do i have to configure the ldap itself? Or is it just athing of correct configuring the resource.xml? My first try was just to copy the config for the first entitlement (group)
> 
> and replace intent and class by (ri:)privilege.
> 
> Midpoint then reports: 
> 
> "Object class {http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}privilege as specified in entitlement type privilege was not found in the resource schema of entitlement type definition 'privilege' in defi
> 
> nition of resource:19d34120-36e3-4676-8057-c3080ec56d6d(TEST Active Directory (LDAP))"
> 
> 
> My schema block in this xml what we upload to midpoint is just that and works fine for groups and users. I just added the third <generateObjectClass>:
> 
> <schema>
>     <!-- workaround to MID-2723 -->
> <generationConstraints>
>         <generateObjectClass>ri:user</generateObjectClass>
>         <generateObjectClass>ri:group</generateObjectClass>
> 
>         <generateObjectClass>ri:privilege</generateObjectClass>
> 
> 
>     </generationConstraints>
> </schema>
> 
> 
>  
> 
>  
> 
> Thx in advance,
> 
>  
> 
> Daniel
> 
> Daniel Sommer
> Office: +49 228 908733 0 | Fax: +49 228 908733 1| Mobil: +49 176 162086 79
> 
> ITConcepts Professional GmbH -  In den Dauen 6 - DE 53117 Bonn
> 
> Website www.itconcepts.net <http://www.itconcepts.net>
> 
> <http://www.itconcepts.net/>   <http://www.itconcepts.net/index.php/about-cognitum>
> Besuchen Sie uns auch auf <http://www.xing.com/companies/itconceptsprofessionalgmbh/updates>   <http://www.linkedin.com/company/itconcepts>   <https://www.facebook.com/ITConcepts-Karriere-274907129252667/>   <https://twitter.com/ITConceptsJobs>
> 
> Trainings von ITConcepts
> 25.-29. September: One Identity Manager 7.x - Administration und Konfiguration (Kursinhalt <http://www.itconcepts.de/index.php/iam/one-identity-manager-basisschulung>).
> 23.-27. Oktober: One Identity Manager 7.x - Implementierung (Kursinhalt <http://www.itconcepts.de/index.php/iam/one-identity-manager-implementierer>).
> 
>  ITConcepts Professional GmbH Gf.: Sven Moog, Sitz Bonn, AG Bonn HRB 12947 - Ust-Id Nr: DE211482933
> ITConcepts Automotive GmbH Gf.: Sven Moog, Sitz Wolfsburg, AG Braunschweig HRB 204188 - Ust-Id Nr: DE223888748
> ITConcepts Operations GmbH Gf.: Sven Moog, Sitz Bonn, AG Bonn HRB 15454 - St.-Nr: 205/5726/0602
> 
> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte Informationen. Wenn Sie nicht der richtige Adressat sind
> oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte sofort den Absender und vernichten Sie diese Mail.
> Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail sind nicht gestattet.
> 
> This e-mail may contain confidential and/or privileged information. If you are not the intended recipient
> (or have received this e-mail in error) please notify the sender immediately and destroy this e-mail.
> Any unauthorised copying, disclosure or distribution of the material in this e-mail is strictly forbidden.
> 
> 
> 
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
> 

-- 
Wojciech Staszewski
Administrator Systemów Sieciowych
tel. kom: 663 680 236
www.diagnostyka.pl
Diagnostyka Sp. z o. o.
ul. Prof. M. Życzkowskiego 16, 31-864 Kraków
Numer KRS: 0000381559 (Sąd Rejonowy dla Krakowa-Śródmieścia w Krakowie, XI Wydział Gospodarczy KRS)
NIP: 675-12-65-009; REGON: 356366975
Kapitał zakładowy: 33 756 500 zł.

Pomyśl o środowisku zanim wydrukujesz ten e-mail.