[midPoint] LDAP objectClass attribute

Petr Gašparík - AMI Praha a.s. petr.gasparik at ami.cz
Sun Nov 5 09:31:23 CET 2017


Hi guys,
we have some serious troubles working with objectClass attributes.

Situation:
- in LDAP, there is a lot of users with different objectClasses (7 to 20).
- in midPoint, we need to manage only few of them
(objectclass=person, objectclass=organizationalperson,
objectclass=inetorgperson, objectclass=inetUser, objectclass=top,
objectclass=inetMailUser, objectclass=cpostUser,
with inetOrgPerson being structural)

*Now, intented behaviour is:*
- set objectClass if there is less than minimal set (6, mentioned above)
- don't care about the rest (if ther is more than that)

So far
- we were able to set LDAP connector to add missing objectClass, BUT that
removes excessive objectClass (unwanted behaviour, a loss of services)
- we can also specify all possible objectClasses, BUT that also adds
unnecessary objectClasses (unwanted, add services)

Thanks to you all that tries to help us!

--

s pozdravem

Petr Gašparík
solution architect

gsm: [+420] 603 523 860
mail: petr.gasparik at ami.cz


AMI Praha a.s.
Pláničkova 11
162 00 Praha 6
tel.: [+420] 274 783 239
web: www.ami.cz


[image: AMI Praha a.s.]

Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
společnost AMI Praha a.s.
jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
písemnou formu.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20171105/6e1aa4f1/attachment.htm>


More information about the midPoint mailing list