<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Ah, this is a stupidity in original AD
connector that I've inherited.<br>
(And didn't have the courage to fix up to now.)<br>
Sorry for that.<br>
<br>
For groups, please use <b>samAccountName</b> (not sAMAccountName)
as for users.<br>
<br>
Best regards,<br>
Pavol<br>
<br>
</div>
<blockquote
cite="mid:CAFkZXY6Y_W7ptVSkE4K1Q+FCM3uYe5cUzr5fFC3RD2a6nRXGPg@mail.gmail.com"
type="cite">
<div dir="ltr">Spoke too soon, seems it errors when using
sAMAccountName under the object type,
<div><br>
</div>
<div><span style="color:rgb(185,74,72);font-family:'Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:12px;line-height:17.142858505249px;background-color:rgb(242,222,222)">Definition
of attribute sAMAccountName not found in object class {<a
moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7DCustomGroupObjectClass">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}CustomGroupObjectClass</a> </span></div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Nov 27, 2014 at 4:40 PM, Jason
Everling <span dir="ltr"><<a moz-do-not-send="true"
href="mailto:jeverling@bshp.edu" target="_blank">jeverling@bshp.edu</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Hah, nevermind, I just needed create a
attribute for sAMAccountName under the objecttype using
the +name+ outbound,
<div><br>
</div>
<div>JASON</div>
</div>
<div class="HOEnZb">
<div class="h5">
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Nov 27, 2014 at 4:36
PM, Jason Everling <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:jeverling@bshp.edu" target="_blank">jeverling@bshp.edu</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">Not sure why I didn't think about
that after looking at it so many times, working
now.
<div><br>
</div>
<div>One more question, the roles get created in
AD as groups now but it does not update the
sAMAccountName, so it created the
cn=tester,ou=groups,dc=test,dc=local and
common name is testers but the sAMAccountName
or the Group Name (Pre Windows 2000) is a
random value like $K61000-DN631FIPKSLL</div>
<div><br>
</div>
<div>How can that be fixed?</div>
<div><br>
</div>
<div>Thanks Again!</div>
<span><font color="#888888">
<div>JASON</div>
</font></span></div>
<div>
<div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Nov 27,
2014 at 4:18 PM, Pavol Mederly <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:mederly@evolveum.com"
target="_blank">mederly@evolveum.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0 0 0 .8ex;border-left:1px
#ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hello Jason,<br>
<br>
as far as I know, in Active
Directory CN is not updateable. It
suffices to create/update icfs:name
attribute, and CN is updated
automatically.<br>
<br>
So, I would suggest to drop outbound
mapping from CN attribute, i.e. this
one:<br>
<br>
<outbound><br>
<source><br>
<path>$focus/name</path><br>
</source><br>
</outbound><br>
<br>
Best regards,<br>
Pavol
<div>
<div><br>
<br>
On 27. 11. 2014 19:23, Jason
Everling wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div>
<div dir="ltr">I cannot figure
this one out, I followed the
groups sync in the wiki and
from the github samples along
with the metarole and role
template.
<div><br>
</div>
<div>When creating a role in
Midpoint it attempts to
create the group in AD but I
get an error, look at the
debug page it has the
correct DN and CN.</div>
<div><br>
</div>
<div><span><span>operation.com.evolveum.midpoint.model.impl.lens.ChangeExecutor.execute</span></span><span></span>
<div>
<ul
style="margin:0px;list-style:none
outside
none;padding:0px">
<li style="padding:1px
0px;list-style:none
outside
none;margin:0px;text-overflow:ellipsis;overflow:auto"><span>Security
violation during
processing shadow
shadow: null
(OID:null): Attempt
to add shadow with
non-createable
attribute {<a
moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7Dcn"
target="_blank">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}cn</a></span></li>
<li title="Fatal error"
style="padding:2px 0px
1px
25px;list-style:none
outside
none;margin:5px 0px
0px;text-overflow:ellipsis;overflow:auto;background-image:url(http://10.200.0.155/midpoint/img/messages-error-icon.png);background-repeat:no-repeat"><span
style="margin-top:0px">Security violation during processing shadow
shadow: null
(OID:null): Attempt
to add shadow with
non-createable
attribute {<a
moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7Dcn"
target="_blank">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}cn</a></span></li>
</ul>
</div>
</div>
<div>
<div><br>
</div>
<div>
<table>
<tbody>
<tr>
<th
style="padding:5px;line-height:1.428571429;vertical-align:top;border:1px
solid
rgb(221,221,221);background-color:rgb(249,249,249)">Activity</th>
<th
style="padding:5px;line-height:1.428571429;vertical-align:top;border:1px
solid
rgb(221,221,221);background-color:rgb(249,249,249)">Status</th>
<th
style="padding:5px;line-height:1.428571429;vertical-align:top;border:1px
solid
rgb(221,221,221);background-color:rgb(249,249,249)">Resource
object (if
applicable)</th>
</tr>
<tr>
<td
style="padding:5px;line-height:1.428571429;vertical-align:top;border:1px
solid
rgb(221,221,221)"><span>Computing
projections of
the focus object</span></td>
<td
style="padding:5px;line-height:1.428571429;vertical-align:top;border:1px
solid
rgb(221,221,221)"><span
title="SUCCESS"
style="color:rgb(70,136,71);display:inline-block;font-family:FontAwesome;line-height:0.75em;font-size:1.33333333333333em;vertical-align:-15%;width:1.28571428571429em;text-align:center"></span><br>
</td>
<td
style="padding:5px;line-height:1.428571429;vertical-align:top;border:1px
solid
rgb(221,221,221)"><span></span><br>
</td>
</tr>
<tr>
<td
style="padding:5px;line-height:1.428571429;vertical-align:top;border:1px
solid
rgb(221,221,221);background-color:rgb(249,249,249)"><span>Entitlement
(group) on
Active Directory</span></td>
<td
style="padding:5px;line-height:1.428571429;vertical-align:top;border:1px
solid
rgb(221,221,221);background-color:rgb(249,249,249)"><span
title="FATAL_ERROR"
style="color:rgb(185,74,72);display:inline-block;font-family:FontAwesome;line-height:0.75em;font-size:1.33333333333333em;vertical-align:-15%;width:1.28571428571429em;text-align:center"></span><br>
</td>
<td
style="padding:5px;line-height:1.428571429;vertical-align:top;border:1px
solid
rgb(221,221,221);background-color:rgb(249,249,249)"><span>Add:Fatal
error ->
cn=TESTER,ou=Groups,dc=test,dc=local</span></td>
</tr>
</tbody>
</table>
</div>
<div><br>
</div>
<div>I attached the AD
Resource, Role Template,
and MetaRole</div>
</div>
</div>
<br>
</div>
</div>
<font><br>
<br>
CONFIDENTIALITY NOTICE:<br>
This e-mail together with any
attachments is proprietary and
confidential; intended for only
the recipient(s) named above and
may contain information that is
privileged. You should not retain,
copy or use this e-mail or any
attachments for any purpose, or
disclose all or any part of the
contents to any person. Any views
or opinions expressed in this
e-mail are those of the author and
do not represent those of the
Baptist School of Health
Professions. If you have received
this e-mail in error, or are not
the named recipient(s), you are
hereby notified that any review,
dissemination, distribution or
copying of this communication is
prohibited by the sender and to do
so might constitute a violation of
the Electronic Communications
Privacy Act, 18 U.S.C. section
2510-2521. Please immediately
notify the sender and delete this
e-mail and any attachments from
your computer. </font><br>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
midPoint mailing list
<a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
</div>
<br>
_______________________________________________<br>
midPoint mailing list<br>
<a moz-do-not-send="true"
href="mailto:midPoint@lists.evolveum.com"
target="_blank">midPoint@lists.evolveum.com</a><br>
<a moz-do-not-send="true"
href="http://lists.evolveum.com/mailman/listinfo/midpoint"
target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
<br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
</div>
</div>
</blockquote>
</div>
<br>
</div>
<br>
<font size="2"><br>
<br>
CONFIDENTIALITY NOTICE:<br>
This e-mail together with any attachments is proprietary and
confidential; intended for only the recipient(s) named above and
may contain information that is privileged. You should not
retain, copy or use this e-mail or any attachments for any
purpose, or disclose all or any part of the contents to any
person. Any views or opinions expressed in this e-mail are those
of the author and do not represent those of the Baptist School
of Health Professions. If you have received this e-mail in
error, or are not the named recipient(s), you are hereby
notified that any review, dissemination, distribution or copying
of this communication is prohibited by the sender and to do so
might constitute a violation of the Electronic Communications
Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
notify the sender and delete this e-mail and any attachments
from your computer. </font><br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
</body>
</html>