[midPoint] define custom schema for ldap resource

Jeria, Esteban esteban.jeria at cgi.com
Fri Jun 15 14:14:12 CEST 2018


Hi,

I have some more details about the problem that I have with the existing LDAP resource schema. I noticed that the custom class is currently set as STRUCTURAL instead of AUXILIARY, so when I try to modify any user attribute through midPoint, I get an attributeOrValueExists error.
After some tests, I suspect that midPoint seems to be always trying to add the auxiliary classes, no matter if they exist or not, but given that mine is set to structural, it fails.

I am afraid that overwriting the resource schema locally will not work, so is there any workaround for this situation?

Esteban Jeria
esteban.jeria at cgi.com
Conseiller CGI / CGI Consultant
Sécurité - Gestion des Identités et des Accès / Security - Identity and Access Management
514-415-3000 ext.1018296

From: Jeria, Esteban [mailto:esteban.jeria at cgi.com]
Sent: Wednesday, June 13, 2018 12:11 PM
To: midPoint General Discussion
Cc: Landry, Robert
Subject: [midPoint] define custom schema for ldap resource

Hi,

I'm trying to figure out how to define an auxiliary object class to overwrite or extend an LDAP resource schema.
We have an old Oracle Directory Server that has some custom classes which are not properly configured or are incomplete, so instead of trying to fix them, I was wondering if there is a way to use my own schema definition and add it to the one retrieved from the resource at run time.
I looked at your wiki page and in this forum, but all that I found is how to extend the midPoint schema and not the one of a resource.

---------
I tried adding the custom-ldap-extension.xsd on midPoint directory/schema

<xsd:schema elementFormDefault="qualified"
     targetNamespace="http://midpoint.evolveum.com/xml/ns/custom/ldap-extension"
     xmlns:tns="http://midpoint.evolveum.com/xml/ns/custom/ldap-extension"
     xmlns:a="http://prism.evolveum.com/xml/ns/public/annotation-3"
     xmlns:ra="http://midpoint.evolveum.com/xml/ns/public/resource/annotation-3"
     xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
     xmlns:xsd="http://www.w3.org/2001/XMLSchema">

   <xsd:import namespace="http://prism.evolveum.com/xml/ns/public/annotation-3"/>
   <xsd:import namespace="http://midpoint.evolveum.com/xml/ns/public/resource/annotation-3"/>

   <xsd:complexType name="customprofile">
      <xsd:annotation>
         <xsd:appinfo>
            <ra:resourceObject/>
            <ra:nativeObjectClass>customprofile</ra:nativeObjectClass>
         </xsd:appinfo>
      </xsd:annotation>

      <xsd:sequence>
         <xsd:element name="matricule" type="xsd:string" maxOccurs="unbounded" minOccurs="0">
            <xsd:annotation>
               <xsd:appinfo>
                  <a:displayOrder>150</a:displayOrder>
                  <ra:nativeAttributeName>matricule</ra:nativeAttributeName>
                  <ra:frameworkAttributeName>matricule</ra:frameworkAttributeName>
               </xsd:appinfo>
            </xsd:annotation>
         </xsd:element>
...

Then I restricted the schema definition to only the standard classes
...
      <schema>
         <generationConstraints>
             <generateObjectClass>ri:groupOfNames</generateObjectClass>
             <generateObjectClass>ri:inetOrgPerson</generateObjectClass>
             <generateObjectClass>ri:organizationalUnit</generateObjectClass>
             <generateObjectClass>ri:person</generateObjectClass>
         </generationConstraints>
...

And I added the reference to the namespace on the connector
           xmlns:ext="http://prism.evolveum.com/xml/ns/custom/ldap-extension"

but I didn't find a way to make it work when trying to map the attributes from this class.


Esteban Jeria
esteban.jeria at cgi.com
Conseiller CGI / CGI Consultant
Sécurité - Gestion des Identités et des Accès / Security - Identity and Access Management
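
Added example (not part of the original message, and not midPoint code): a way to confirm which kind the directory itself declares for each class that is meant to be attached as an auxiliary class, by parsing the `objectClasses` values of the server's subschema entry (RFC 4512 ObjectClassDescription syntax). The function names, the sample definitions and their OIDs are constructed for illustration; only `customprofile` and `matricule` come from the message.

```python
import re

# Constructed sample of `objectClasses` values as published in a subschema
# entry. The 1.3.6.1.4.1.32473.* OIDs are placeholders, not the real ones
# from the directory discussed in the thread.
SAMPLE_OBJECT_CLASSES = [
    "( 2.5.6.6 NAME 'person' SUP top STRUCTURAL MUST ( sn $ cn ) MAY ( userPassword ) )",
    "( 1.3.6.1.4.1.32473.1.1 NAME 'customprofile' SUP top STRUCTURAL MAY ( matricule ) )",
    "( 1.3.6.1.4.1.32473.1.2 NAME ( 'customflags' 'cf' ) SUP top AUXILIARY MAY ( matricule ) )",
    "( 1.3.6.1.4.1.32473.1.3 NAME 'customlegacy' DESC 'was AUXILIARY once' SUP top MAY ( matricule ) )",
]

# Parentheses, quoted strings and bare words are the only token types needed.
TOKEN = re.compile(r"\(|\)|'[^']*'|[^\s()']+")
KINDS = {"ABSTRACT", "STRUCTURAL", "AUXILIARY"}

def parse_object_class(definition):
    """Return (names, kind) for one ObjectClassDescription string."""
    tokens = TOKEN.findall(definition)
    names, kind = [], "STRUCTURAL"  # RFC 4512: an omitted kind means STRUCTURAL
    i = 0
    while i < len(tokens):
        tok = tokens[i]
        if tok == "NAME":
            i += 1
            if tokens[i] == "(":  # several names: NAME ( 'a' 'b' )
                i += 1
                while tokens[i] != ")":
                    names.append(tokens[i].strip("'"))
                    i += 1
            else:
                names.append(tokens[i].strip("'"))
        elif tok in KINDS:  # quoted DESC text keeps its quotes, so it never matches
            kind = tok
        i += 1
    return names, kind

def not_auxiliary(definitions, intended_auxiliary):
    """Map each intended auxiliary class to its declared kind if that kind is wrong."""
    kinds = {}
    for definition in definitions:
        names, kind = parse_object_class(definition)
        kinds.update({name.lower(): kind for name in names})
    return {name: kinds.get(name.lower(), "MISSING") for name in intended_auxiliary
            if kinds.get(name.lower()) != "AUXILIARY"}

if __name__ == "__main__":
    print(not_auxiliary(SAMPLE_OBJECT_CLASSES, ["customprofile", "cf", "customlegacy"]))
```
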
