<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 12 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Tahoma","sans-serif";
color:#1F497D;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"Préformaté HTML Car";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Texte de bulles Car";
margin:0cm;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";
color:#1F497D;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:36.0pt;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Tahoma","sans-serif";
color:#1F497D;}
span.PrformatHTMLCar
{mso-style-name:"Préformaté HTML Car";
mso-style-priority:99;
mso-style-link:"Préformaté HTML";
font-family:Consolas;
color:#1F497D;}
span.TextedebullesCar
{mso-style-name:"Texte de bulles Car";
mso-style-priority:99;
mso-style-link:"Texte de bulles";
font-family:"Tahoma","sans-serif";
color:#1F497D;}
span.EmailStyle22
{mso-style-type:personal;
font-family:"Tahoma","sans-serif";
color:#1F497D;}
span.EmailStyle23
{mso-style-type:personal;
font-family:"Tahoma","sans-serif";
color:#1F497D;}
span.EmailStyle24
{mso-style-type:personal;
font-family:"Tahoma","sans-serif";
color:#1F497D;}
span.message-info
{mso-style-name:message-info;}
span.EmailStyle26
{mso-style-type:personal-reply;
font-family:"Tahoma","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body bgcolor=white lang=FR link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span lang=EN-US style='color:#1F497D'>Hey Ivan,<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'>OK to test that OpenLDAP attribute. But I’m using out of the box OpenLDAP so if there’s something to activate it wouldn’t work on my current system ...<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'>Some comes the question about modifying an object.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'>I know how to create and delete object but not how to modify one. Importing it again (with same OID) just tells me object already exists and doesn’t overwrite it.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'>Regards,<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='color:#1F497D'>Salim<o:p></o:p></span></p><div><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p></div><p class=MsoNormal><span lang=EN-US style='color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span style='color:windowtext'>De :</span></b><span style='color:windowtext'> midpoint-bounces@lists.evolveum.com [mailto:midpoint-bounces@lists.evolveum.com] <b>De la part de</b> Ivan Noris<br><b>Envoyé :</b> jeudi 18 juillet 2013 12:32<br><b>À :</b> midpoint@lists.evolveum.com<br><b>Objet :</b> Re: [midPoint] New to midpoint, trying to figure out how things work<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'>Hi Salim,<o:p></o:p></p><div><p class=MsoNormal>On 07/18/2013 12:05 PM, Salim Boulkour wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal>Hi Ivan,<o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal><span lang=EN-US>I’ve been using Opera, and the green bar stating the success of the import didn’t show up, nor a orange or red one saying a problem occurred.</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>I tried with Firefox and now have the detailed errors about the XML import </span><span lang=EN-US style='font-family:Wingdings'>J</span><o:p></o:p></p></blockquote><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman","serif";color:black'><br>Great, so this was/is opera problem. I'll check this browser support status. Meanwhile please continue evaluating/testing with Firefox or Chrome (these are the best).<br><br><br><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>The advanced schema doesn’t work out of the box with OpenLDAP.</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>Midpoint is looking for ‘<span class=message-info>ds-pwp-account-disabled’ wich is specific to OpenDS from what I understood. So I used values 0 and 1 in attribute ‘roomNumber’ to get rid of related errors.</span></span><o:p></o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:12.0pt;font-family:"Times New Roman","serif";color:black'><br>Yes, that attribute is specific to OpenDS / OpenDJ to support account activation/deactivation (enable/disable). I don't have OpenLDAP configured right now, so just by googling I've found:<o:p></o:p></span></p><pre>pwdAccountLockedTime: 000001010000Z<o:p></o:p></pre><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:12.0pt;font-family:"Times New Roman","serif";color:black'><br>(the value above means account is locked, from <a href="http://comments.gmane.org/gmane.network.openldap.general/40519">http://comments.gmane.org/gmane.network.openldap.general/40519</a>)<br><br>To configure your resource, this <b>might</b> work:<o:p></o:p></span></p><pre> <capabilities xmlns:cap=<a href="http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-2">"http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-2"</a>><o:p></o:p></pre><pre> <configured><o:p></o:p></pre><pre> <cap:activation><o:p></o:p></pre><pre> <cap:enableDisable><o:p></o:p></pre><pre> <cap:attribute>ri:pwdAccountLockedTime</cap:attribute><o:p></o:p></pre><pre> <cap:enableValue/><o:p></o:p></pre><pre> <cap:disableValue>000001010000Z</cap:disableValue><o:p></o:p></pre><pre> </cap:enableDisable><o:p></o:p></pre><pre> </cap:activation><o:p></o:p></pre><pre> </configured><o:p></o:p></pre><pre> </capabilities><o:p></o:p></pre><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman","serif";color:black'><br>But it is only a long shot, can't test it now. Anyway your test with other attribute (roomNumber) should have already showed you how the activation works. Please if the above example works, tell us. Also, if it does not :)<br><br><br><o:p></o:p></span></p><p class=MsoNormal><span class=message-info><span lang=EN-US> </span></span><o:p></o:p></p><p class=MsoNormal><span class=message-info><span lang=EN-US> </span></span><o:p></o:p></p><p class=MsoNormal><span class=message-info><span lang=EN-US>For short, thanks to your help, I managed to make it work !</span></span><o:p></o:p></p><p class=MsoNormal><span class=message-info><span lang=EN-US> </span></span><o:p></o:p></p><p class=MsoNormal><span class=message-info><span lang=EN-US>Next steps : roles, and role based provisioning.</span></span><o:p></o:p></p><p class=MsoNormal><span class=message-info><span lang=EN-US>I might send some more questions later in the day ;)</span></span><o:p></o:p></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman","serif";color:black'><br>Feel free to contact us :)<br>Thanks for the feedback.<br><br>Regards,<br>Ivan<br><br><br><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>Regards,</span><o:p></o:p></p><div><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif"'>Salim</span><o:p></o:p></p></div><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span style='color:windowtext'>De :</span></b><span style='color:windowtext'> <a href="mailto:midpoint-bounces@lists.evolveum.com">midpoint-bounces@lists.evolveum.com</a> [<a href="mailto:midpoint-bounces@lists.evolveum.com">mailto:midpoint-bounces@lists.evolveum.com</a>] <b>De la part de</b> Ivan Noris<br><b>Envoyé :</b> mercredi 17 juillet 2013 23:06<br><b>À :</b> midPoint General Discussion<br><b>Objet :</b> Re: [midPoint] New to midpoint, trying to figure out how things work</span><o:p></o:p></p></div></div><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal style='margin-bottom:12.0pt'>Hi Salim,<br><br>the top right thing may be related to your browser (but this is just a guess). In current trunk (2.2) midPoint I haven't seen this (but I remember I have seen it some time ago). What browser is this?<br><br>But: after importing a resource, did you see a green/red bar above the upload button (in the page body)? This should be the result, and it is clickable to show some subresults. See attached screenshot.<br><br>But - if you see the resource in the RESOURCES page, with "?" icon, that becomes green after clicking, the test connection is successfull and you have imported it successfully.<br><br>To use "automatic" filling of the values, the sample you have imported is "too basic" :-) It has no configuration for such things, you can only manually fill the account attributes.<br><br>For more real-world example, please use the "opendj-localhost-resource-sync-no-extension-advanced.xml" sample. This sample is configured for both-way synchronization and provisioning, but you don't need the synchronization for using the provisioning.<br><br>In this sample, the sn, cn, uid attributes are mapped to midPoint user attributes and DN is constructed using midPoint name and ou=people,dc=example,dc=com suffix (be sure to change if your suffix differs). There are also some other attributes, but these are the mandatory for directory servers.<br><br>You can see how the attributes are mapped in the sample, see <schemaHandling> section and the LDAP attributes and their <outbound> expressions. To understand it further, please see at least:<br><br><a href="https://wiki.evolveum.com/display/midPoint/Mappings+and+Expressions">https://wiki.evolveum.com/display/midPoint/Mappings+and+Expressions</a><br><br>and pages referenced from there. But you should get an idea just by looking.<br><br>Good luck!<br><br>Regards,<br>Ivan<o:p></o:p></p><div><p class=MsoNormal>On 07/17/2013 05:38 PM, Salim Boulkour wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal><span lang=EN-US>Hey Ivan,</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>Thanks for your feedback.</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>I’ve been trying to create a new resource with the basic OpenDJ sample. Couldn’t find simpler LDAP example (renamed in “Basic OpenLDAP” here)</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>I replaced few things like the admin, the secret, the IP adress and the base DN.</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>When importing I have no error in logs :</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>2013-07-17 17:27:54,988 [MODEL] [http-8080-1] INFO (com.evolveum.midpoint.model.importer.ObjectImporter): Imported object <a href="resource:bc5a0cea-10c8-4b04-b4c9-d28c4a638992%28Basic">resource:bc5a0cea-10c8-4b04-b4c9-d28c4a638992(Basic</a> OpenLDAP)</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>But I get the red error message on the top right with no more clue :</span><o:p></o:p></p><p class=MsoNormal><img border=0 width=160 height=48 id="_x0000_i1025" src="cid:image001.png@01CE83D0.9F09F830"><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>In the resources page, the Basic OpenLDAP is here, but status info stay at “?”. When testing connexion everything turns to green.</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>So, is there a bug here ?</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>Then, I try to attache an account to an already created user.</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US>Fillin’ in the account attributes doesn’t work. How can I use attributes from the user to fill in the account attributes ? (variable operator ?)</span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p><p class=MsoNormal><span lang=EN-US> </span><o:p></o:p></p></blockquote><p class=MsoNormal><span style='font-size:12.0pt'><br><br><br><br></span><o:p></o:p></p><pre>-- <o:p></o:p></pre><pre> Ing. Ivan Noris<o:p></o:p></pre><pre> Consultant<o:p></o:p></pre><pre> Evolveum, s.r.o<o:p></o:p></pre><pre> ___________________________________________________<o:p></o:p></pre><pre> "Semper cautus - semper paratus - semper idem Vix."<o:p></o:p></pre><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman","serif";color:black'><br><br><br><o:p></o:p></span></p><pre>_______________________________________________<o:p></o:p></pre><pre>midPoint mailing list<o:p></o:p></pre><pre><a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><o:p></o:p></pre><pre><a href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><o:p></o:p></pre><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman","serif";color:black'><br><br><o:p></o:p></span></p><pre>-- <o:p></o:p></pre><pre> Ing. Ivan Noris<o:p></o:p></pre><pre> Consultant<o:p></o:p></pre><pre> Evolveum, s.r.o<o:p></o:p></pre><pre> ___________________________________________________<o:p></o:p></pre><pre> "Semper cautus - semper paratus - semper idem Vix."<o:p></o:p></pre></div></body></html>