Thx Pavol! That is getting me very close ... <br><br>Took a while to figure out just how to do it; the documentation can be clearer; e.g. where<br>the value of ObjectClassesExtensionFile is set and which system it should be stored on. I<br>saw a ref in the UI that seemed to allow for this, but this didn't work for me.<br><br>I have defined my custom schema entries in the AccountObjectClass section and can<br>retrieve and set values if my auxiliary objectClass is present on the user. Obviously<br>creating an account with schema extension fails as newly created users will not have<br>the auxiliary objectClass (yet).<br><br>I was hoping it is possible to override the objectClasses in the schema handling, but<br>can't find an example. The other option, I guess, would be to use the the custom<br>schema feature of ObjectClassesExtensionFile, but I have a few questions on this:<br>1) Is the objectClass type always Tenant?<br>2) Does this add an objectClass in addition of the user class or instead of the user class?<br>3) How / when are the custom scripts called?<br>4) Is there examples on how to use the custom schema feature?<br><br>Thx!<br><br>Regards,<br> Anton<br><br><br><blockquote style="margin-right: 0px; margin-left:15px;">----Original message----<br>From : mederly@evolveum.com<br>Date : 02/07/2015 - 15:17 (BST)<br>To : midpoint@lists.evolveum.com<br>Subject : Re: [midPoint] Active Directory and custom attributes & auxiliary objectclass<br><br>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<div class="moz-cite-prefix">Hello Anton,<br>
<br>
the AD connector schema can now be extended via configuration.
Please see <a href="https://wiki.evolveum.com/display/midPoint/Extending+AD+and+Exchange+Connector+Schema+HOWTO">https://wiki.evolveum.com/display/midPoint/Extending+AD+and+Exchange+Connector+Schema+HOWTO</a>
for a simple HOWTO.<br>
<br>
However, contrary to what's written there, I would recommend using
the latest versions of AD/Exchange connector and ConnId:<br>
- Exchange Connector: 1.4.1.20283 (<a href="https://wiki.evolveum.com/display/midPoint/Exchange+Connector">https://wiki.evolveum.com/display/midPoint/Exchange+Connector</a>)<br>
- Connector Server: 1.4.0.84 (<a href="https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server">https://wiki.evolveum.com/display/midPoint/.NET+Connector+Server</a>)<br>
<br>
Also please note that auxiliary object classes are not supported
for AD. What you need to do is to extend the basic
AccountObjectClass (or object class for group/OU) with your custom
attributes.<br>
<br>
Best regards,<br>
Pavol<br>
<br>
On 2. 7. 2015 16:10, <a class="moz-txt-link-abbreviated" href="mailto:midpoint@mybtinternet.com">midpoint@mybtinternet.com</a> wrote:<br>
</div>
<blockquote cite="mid:25085999.40778.1435846210242.JavaMail.defaultUser@defaultHost" type="cite">Hi,<br>
<br>
We intend managing a number of different directories with
similar data but for populations of users that<br>
must be stored separately. We also have a fairly extensive
number of custom attributes grouped in an<br>
auxiliary objectClass.<br>
<br>
For OpenDJ, I was able to setup the resources and am able to
manage all the custom attributes; e.g.<br>
the connector allows definition of which classes to use.<br>
<br>
Now trying to replicate with AD and have basic AD provisioning
working; however, I don't see similar<br>
options for defining additional objectClasses to use. Have
looked in Jira; all references suggest modifying<br>
objectClasses.xml and building a custom instance of the
connector. I don't see how the custom<br>
objectClass is referenced. Have I missed something?<br>
<br>
As for building a custom instance of the connector; I would
prefer not to do that as:<br>
<span> </span>1) we could run into issues that are related to
our attempt of implementing<br>
2) each time there is a new fix, we would need to go and
retro-fit and rebuild<br>
3) each time we extend the schema, we need to go and ammend
and rebuild<br>
<br>
While I may be able to build a custom instance, once this is
handed-over to business-as-usual, they<br>
most certainly will not have the skills to support this.<br>
<br>
Is this still the process to follow at this time, or has this
changed? If not changed, is there a plan to<br>
make the AD adapter configurable ito custom schema (like
OpenDJ)? Time-frame?<br>
<br>
Thx<br>
<br>
Regards,<br>
Anton<br>
<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<br></blockquote><br><p></p>