[midPoint] MidPoint gives error (OpenLDAP)

Parttimaa Jan jan.parttimaa at myy.haaga-helia.fi
Thu Nov 8 14:21:55 CET 2018


Hi Arnošt,


Thank you for the response. Here is my answers:


"can you see the 'gidNumber' attribute in GUI when you create new role manually (there is that tricky checkbox to show all attributes)?"


Yes. Here is the screenshot<https://haagahelia-my.sharepoint.com/:i:/g/personal/a1602738_myy_haaga-helia_fi/EVdscvFhPhRDrSMwmnp_MO8BGx170aBLp0WO3X8pzp3Fjw?e=imUs9g>.


"If you can't midpoint does not see your role schema extension. In your startup log there is a line 'Loading extension schemas from folder /home/....' or similar that points to the right folder for extensions. Are there any extension related problems in the log?"


I'm not sure. I took copy from my log file. Can you find something odd? Copy of the log is here: midpoint.log<https://haagahelia-my.sharepoint.com/:u:/g/personal/a1602738_myy_haaga-helia_fi/EXi1-vQly0BMlAo933RjCcIB3N6ONsBnNUoJj56PRQXmxA?e=gs0Uv3>. On this log there are no sensitive and private information.


"Also check your file and folder permissions if on linux."


My schema-folder (/opt/midpoint/var/schema) rights are following:


Octal: 0750

Group: root

Owner: root


And schema extension file (unix.xsd) was following ones:


Octal: 0744

Group: root

Owner: root


I also discover this error message on "Resource -> [my resource name] -> "Show using wizard":


screenshot2.PNG<https://haagahelia-my.sharepoint.com/:i:/g/personal/a1602738_myy_haaga-helia_fi/EbuDUktIqq5CkKcYfuKsuMQBrUW2RJBstZb_zYeNEV8YFg?e=SPJQFO>


Could this be the main problem for this issue?


Best Regards,

Jan Parttimaa


Jan Parttimaa

1602738,

Tietojenkäsittelyn koulutusohjelma,

Haaga-Helia ammattikorkeakoulu, Pasilan kampus


________________________________
Lähettäjä: midPoint <midpoint-bounces at lists.evolveum.com> käyttäjän Arnošt Starosta - AMI Praha a.s. <arnost.starosta at ami.cz> puolesta
Lähetetty: torstai 8. marraskuuta 2018 11.18
Vastaanottaja: midPoint General Discussion
Aihe: Re: [midPoint] MidPoint gives error (OpenLDAP)

Hi Jan,

can you see the 'gidNumber' attribute in GUI when you create new role manually (there is that tricky checkbox to show all attributes)?

If you can't midpoint does not see your role schema extension. In your startup log there is a line 'Loading extension schemas from folder /home/....' or similar that points to the right folder for extensions. Are there any extension related problems in the log? Also check your file and folder permissions if on linux.

arnost

st 7. 11. 2018 v 13:56 odesílatel Parttimaa Jan <jan.parttimaa at myy.haaga-helia.fi<mailto:jan.parttimaa at myy.haaga-helia.fi>> napsal:

Hi,


I'm trying to add new Posix group called "linux-group" to Midpoint but the Midpoint gives following error:


No target item that would conform to the path extension/gidNumber in mapping 'sequenceGID' in role:31ea66ac-1a8e-11e5-8ab8-001e8c717e5b(LDAP Unix Group Metarole) in delta for role:null(linux-group)


The complete error is in the attachments.


I have installed this schema<https://raw.githubusercontent.com/Evolveum/midpoint/master/testing/story/src/test/resources/schema/unix.xsd> to Midpoint on the following location ("/opt/midpoint/var/schema"). I have also checked this wiki article<https://wiki.evolveum.com/display/midPoint/LDAP+PosixAccount+and+PosixGroup+Management> (including imported all files in the table) and this blog post<https://evolveum.com/blog/simplifying-ldap-group-management-using-midpoint-posix-groups/>.


What should I do so I can make Posix groups?


I use MidPoint 3.8. OpenLDAP server has been connected successfully to MidPoint.


Best regards,

Jan Parttimaa


Jan Parttimaa

1602738,

Tietojenkäsittelyn koulutusohjelma,

Haaga-Helia ammattikorkeakoulu, Pasilan kampus

_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
http://lists.evolveum.com/mailman/listinfo/midpoint


--



Arnošt Starosta
solution architect

gsm: [+420] 603 794 932
e‑mail: arnost.starosta at ami.cz<mailto:arnost.starosta at ami.cz>

AMI Praha a.s.
Pláničkova 11, 162 00 Praha 6

tel.: [+420] 274 783 239 | web: www.ami.cz<http://dtp.ami.cz/www.ami.cz>

[AMI Praha a.s.]

Textem tohoto e‑mailu podepisující neslibuje uzavřít ani neuzavírá za společnost AMI Praha a.s. jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně písemnou formu.

Tento e‑mail je určen výhradně pro potřeby jeho adresáta/ů a může obsahovat důvěrné nebo osobní informace. Nejste‑li zamýšleným příjemcem, je zakázáno jakékoliv zveřejňování, zprostředkování nebo jiné použití těchto informací. Pokud jste obdrželi e‑mail neoprávněně, informujte o tom prosím odesílatele a vymažte neprodleně všechny kopie tohoto e‑mailu včetně všech jeho příloh. Nakládáním s neoprávněně získanými informacemi se vystavujete riziku právního postihu.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20181108/02a7bd17/attachment.htm>


More information about the midPoint mailing list