[midPoint] Unknown LDAP attribute pwdAccountLockedTime

Keith LeValley klevalley2 at davenport.edu
Thu Mar 25 20:32:16 CET 2021 

Attempting to set up a quick demo to show some colleagues some of the
capabilities of midpoint next week.  I setup an openldap connector using
the ldap connector and it has been working but now I am getting the
following error when I try to reconcile users:

ErrorGot unexpected exception: java.lang.IllegalArgumentException: Unknown
LDAP attribute pwdAccountLockedTime (translated from ICF attribute
pwdAccountLockedTime)
I used the openldap resource from github and to be honest I really don't
care about the ability to lock accounts for the demo if it's easy to simply
get around the error.  Below is the capabilities section of the connector
(if other sections are helpful I can get them also, it's just a really long
xml file so I didn't want to blow up the email)

<capabilities>
        <cachingMetadata>

<retrievalTimestamp>2021-03-25T15:06:15.623-04:00</retrievalTimestamp>
            <serialNumber>fe8e6c15dc55d43c-56ae57148f4f79d9</serialNumber>
        </cachingMetadata>
        <native xmlns:cap="
http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3">
            <cap:schema/>
            <cap:liveSync/>
            <cap:testConnection/>
            <cap:create/>
            <cap:update>
                <cap:delta>true</cap:delta>

<cap:addRemoveAttributeValues>true</cap:addRemoveAttributeValues>
            </cap:update>
            <cap:delete/>
            <cap:script>
                <cap:host>
                    <cap:type>connector</cap:type>
                </cap:host>
            </cap:script>
            <cap:activation>
                <cap:lockoutStatus/>
            </cap:activation>
            <cap:credentials>
                <cap:password>
                    <cap:returnedByDefault>false</cap:returnedByDefault>
                </cap:password>
            </cap:credentials>
            <cap:auxiliaryObjectClasses/>
            <cap:pagedSearch/>
            <cap:read>

<cap:returnDefaultAttributesOption>true</cap:returnDefaultAttributesOption>
            </cap:read>
        </native>
    </capabilities>

Thank you again for all your help you guys have provided.
-- 
Keith LeValley
Identity Services Architect, Davenport University
phone:  (616) 732-1102
klevalley2 at davenport.edu
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20210325/a1fe43dd/attachment.htm>

More information about the midPoint mailing list