[midPoint] Read-Only LDAP-Ressouce? Only pull data from LDAP resource?
Radovan Semancik
radovan.semancik at evolveum.com
Mon Sep 14 10:14:40 CEST 2020
On 11. 9. 2020 20:05, Oliver Schonefeld via midPoint wrote:
> ...
> I'd like to tell midpoint, to just read some stuff but don't care
> otherwise about the data in the directory.
>
> ...
That's not really what midPoint was designed do to.
MidPoint likes when things in order - as they really should be,
especially in LDAP directories. Especially in things that affect the
schema. There are good reasons for that. If the schema is wrong,
midPoint is not sure that it can interpret the data correctly. This is
perhaps quite a low risk in LDAP, as attribute definitions are global.
But midPoint is built to work with almost any system. And it may be a
problem if there is a system with auxiliary object classes where
auxiliary object classes would have conflicting attribute definitions.
MidPoint wants to make sure it interprets the data correctly, as wrong
interpretation may have severe consequences.
However, I know that reality is not always nice. If the auxiliary object
classes are the problem (and they often are), there is a trick how to
make midPoint to be a less of a nitpick. See "Read-only Auxiliary Object
Classes" here:
https://wiki.evolveum.com/display/midPoint/Auxiliary+Object+Classes
--
Radovan Semancik
Software Architect
evolveum.com
More information about the midPoint
mailing list