[midPoint] OpenLDAP, can't search users, NumberFormatException.

Wojciech Staszewski wojciech.staszewski at diagnostyka.pl
Sat Feb 3 15:10:47 CET 2018 

Well, there are some inconsistencies between LDAP Integer and Java
Integer format.

LDAP:

/RFC 4517, chap. 3.3.16 : 3.3.16. Integer A value of the Integer syntax
is a //*whole number of *unlimited magnitude**//. The LDAP-specific encoding of a value of this syntax is the optionally
signed decimal digit character string representation of the number (for
example, the number 1321 is represented by the character string "1321")./

As you can see, the maximum value of LDAP integer is practically
*unlimited*.
But if the connector recognizes the LDAP Integer value it uses Java
integer for that which has hard limit: 2^31.

What interesting, setting "long" in the connector schema to override
that, does not work.
I don't know if this is Java or connector issue, probably the connector.

Can I do something with it without getting a Java doctorate?

Regards
WS


W dniu 03.02.2018 o 12:27, Wojciech Staszewski pisze:
>
> Hello!
>
> I'm trying to configure OpenLDAP resource. I am using for the users
> some other objectClasses, i.e: "sambaSamAccount".
>
> In the user section of SchemaHandling I added the auxiliaryObjectClasses:
>
> <auxiliaryObjectClass>ri:sambaSamAccount</auxiliaryObjectClass>
>
> But if I go to the resource and try to browse accounts I have an error:
>
> /Operation//*
> operation.com.evolveum.midpoint.web.component.data.SelectableBeanObjectDataProvider.searchObjects*/
>
>
> /Message//
> //Couldn't list objects./
>
> /Error//
> //Got unexpected exception: java.lang.NumberFormatException: For input
> string: "87730534435"/
>
> The numeric value that is causing error comes from the
> "sambaPwdMustChange" attribute from the "sambaSamAccount" object class.
> This the only place in my LDAP where this particular value exists.
>
> In the schema section of resource configuration it was recognized as
> Integer data type, as in the ldap schema extension this is integer:
>
> /attributetype ( 1.3.6.1.4.1.7165.2.1.29 NAME 'sambaPwdMustChange'//
> //        DESC 'Timestamp of when the password will expire'//
> //        EQUALITY integerMatch//
> //        SYNTAX 1.3.6.1.4.1.1466.115.121.1.27 SINGLE-VALUE )/
>
> I modifed the resource schema manually and set this attribute as
> "long" and also tried "string" but the error is still the same.
>
> I tried to use different connector version, from 1.4.4 up to 1.5.1 and
> this not helped.
> Midpoint version 3.7-post-fixes from yesterday's build.
>
> Any ideas?
> Thanks a lot!
> WS
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20180203/13e8e2f6/attachment.htm>

More information about the midPoint mailing list