[midPoint] Unknown LDAP attribute pwdAccountLockedTime

Fri Mar 26 05:36:34 CET 2021

Hi Keith,

try to put
<icfcldap:operationalAttributes>pwdAccountLockedTime
</icfcldap:operationalAttributes>
to resource configurationProperties:
https://wiki.evolveum.com/display/midPoint/OpenLDAP#OpenLDAP-ConnectorConfigurationExample

best regards

Gustav

št 25. 3. 2021 o 20:32 Keith LeValley via midPoint <
midpoint at lists.evolveum.com> napísal(a):

> Attempting to set up a quick demo to show some colleagues some of the
> capabilities of midpoint next week.  I setup an openldap connector using
> the ldap connector and it has been working but now I am getting the
> following error when I try to reconcile users:
>
> ErrorGot unexpected exception: java.lang.IllegalArgumentException:
> Unknown LDAP attribute pwdAccountLockedTime (translated from ICF attribute
> pwdAccountLockedTime)
> I used the openldap resource from github and to be honest I really don't
> care about the ability to lock accounts for the demo if it's easy to simply
> get around the error.  Below is the capabilities section of the connector
> (if other sections are helpful I can get them also, it's just a really long
> xml file so I didn't want to blow up the email)
>
> <capabilities>
>         <cachingMetadata>
>
> <retrievalTimestamp>2021-03-25T15:06:15.623-04:00</retrievalTimestamp>
>             <serialNumber>fe8e6c15dc55d43c-56ae57148f4f79d9</serialNumber>
>         </cachingMetadata>
>         <native xmlns:cap="
> http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3">
>             <cap:schema/>
>             <cap:liveSync/>
>             <cap:testConnection/>
>             <cap:create/>
>             <cap:update>
>                 <cap:delta>true</cap:delta>
>
> <cap:addRemoveAttributeValues>true</cap:addRemoveAttributeValues>
>             </cap:update>
>             <cap:delete/>
>             <cap:script>
>                 <cap:host>
>                     <cap:type>connector</cap:type>
>                 </cap:host>
>             </cap:script>
>             <cap:activation>
>                 <cap:lockoutStatus/>
>             </cap:activation>
>             <cap:credentials>
>                 <cap:password>
>                     <cap:returnedByDefault>false</cap:returnedByDefault>
>                 </cap:password>
>             </cap:credentials>
>             <cap:auxiliaryObjectClasses/>
>             <cap:pagedSearch/>
>             <cap:read>
>
> <cap:returnDefaultAttributesOption>true</cap:returnDefaultAttributesOption>
>             </cap:read>
>         </native>
>     </capabilities>
>
> Thank you again for all your help you guys have provided.
> --
> Keith LeValley
> Identity Services Architect, Davenport University
> phone:  (616) 732-1102
> klevalley2 at davenport.edu
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
>

-- 
s pozdravom

Gustáv Pálos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20210326/bc4ed145/attachment-0001.htm>