[midPoint] Override LDAP resource password with user schema extension value in role inducement

Rene Zeipelt zeipelt at uni-wuppertal.de
Wed Nov 11 11:29:20 CET 2020 

Hello, again, not really solved because mp does not send out the extra 
password to the resource (but it saves a hash).
At your wiki 
https://wiki.evolveum.com/display/midPoint/Custom+Schema+Extension the 
ProtectedStringType is listed (as a secondaryPassword).
So how can I implement this to sync to a LDAP (OpenLDAP) resource account?
Changes of other (extension) attributes are detected and are provided to 
the resource in contrast to that type.
Thanks for any help.
Regards
Rene Zeipelt

Am 10.11.2020 um 08:08 schrieb Rene Zeipelt via midPoint:
> Hello, solved by a extra resource definition with its own credentials 
> sync:
> ...
> <credentials>
>   <password>
>     <outbound>
>       <source>
>         <path>$focus/extension/fa_vpn_pwd_1</path>
>       </source>
>     </outbound>
>   </password>
> </credentials>
> ...
> Role inducement for extra account link to the new resource and 
> correlation aims to the new extra uid.
> Sorry for noise.
> Best Regards
> Rene Zeipelt
>
> Am 09.11.2020 um 14:44 schrieb Rene Zeipelt via midPoint:
>> Hello,
>> we are testing to save a second accounts with extra uid and password 
>> for a LDAP resource.
>> So we extend the UserType to save the values and define a role with 
>> the inducement
>> account construction. In the LDAP resource schema handling we set
>> ...
>> <credentials>
>>   <password>
>>     <outbound/>
>>   </password>
>> </credentials>
>> ...
>> Now we want to override that password by the role inducement account 
>> construction.
>> Is this handle by the userPassword attribute or is it not possible to 
>> change it in that way?
>> Thanks for any help.
>> Regards
>> Rene Zeipelt
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> https://lists.evolveum.com/mailman/listinfo/midpoint
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint


-- 
_________________________________________________________

BERGISCHE UNIVERSITÄT WUPPERTAL
Zentrum fuer Informations- und Medienverarbeitung - ZIM

Gaussstr. 20
D-42097 Wuppertal (Germany)

room  : P.06.09
phone : +49 202 439 2236
fax   : +49 202 439 2910
e-mail: zeipelt at uni-wuppertal.de
_________________________________________________________

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20201111/5f3c5d7a/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5341 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20201111/5f3c5d7a/attachment.bin>

More information about the midPoint mailing list