[midPoint] Reading attributes without appropriate object class
Orlandis Brown
brownolb1 at gmail.com
Tue Jan 13 01:06:45 CET 2026
Our AD team populates eduPerson attributes for accounts, but apparently
does not provision them with the eduPerson object class. In order to read
from the eduPerson schema in midPoint, eduPerson needs to be an auxiliary
object class of the account object type. During synchronization, midPoint
attempts to modify the AD account with eduPerson object class. I would like
to override this behavior somehow, since the LDAP account used to bind does
not have permission to modify the object class.
How can I read eduPerson schema attributes without modifying the object
class of the source account?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20260112/d9d73a93/attachment.htm>
More information about the midPoint
mailing list