[midPoint] Read-Only LDAP-Ressouce? Only pull data from LDAP resource?

Radovan Semancik radovan.semancik at evolveum.com
Mon Sep 14 10:14:40 CEST 2020


On 11. 9. 2020 20:05, Oliver Schonefeld via midPoint wrote:
> ...
> I'd like to tell midpoint, to just read some stuff but don't care
> otherwise about the data in the directory.
>
> ...


That's not really what midPoint was designed do to.

MidPoint likes when things in order - as they really should be, 
especially in LDAP directories. Especially in things that affect the 
schema. There are good reasons for that. If the schema is wrong, 
midPoint is not sure that it can interpret the data correctly. This is 
perhaps quite a low risk in LDAP, as attribute definitions are global. 
But midPoint is built to work with almost any system. And it may be a 
problem if there is a system with auxiliary object classes where 
auxiliary object classes would have conflicting attribute definitions. 
MidPoint wants to make sure it interprets the data correctly, as wrong 
interpretation may have severe consequences.

However, I know that reality is not always nice. If the auxiliary object 
classes are the problem (and they often are), there is a trick how to 
make midPoint to be a less of a nitpick. See "Read-only Auxiliary Object 
Classes" here: 
https://wiki.evolveum.com/display/midPoint/Auxiliary+Object+Classes


-- 
Radovan Semancik
Software Architect
evolveum.com




More information about the midPoint mailing list