<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi,<br>
<br>
I'd recomment to try either:<br>
<br>
- using the latest build of the LDAP connector:
<a class="moz-txt-link-freetext" href="https://github.com/Evolveum/connector-ldap">https://github.com/Evolveum/connector-ldap</a><br>
or<br>
- using latest midpoint 3.3 snapshot<br>
<br>
To avoid upgrading your database etc. it's probably faster to use
the new connector version.<br>
<br>
If you already have version 1.4.2.0-SNAPSHOT in midPoint (I don't
remember what version was bundled with MP 3.2), you should do this:<br>
<br>
1) download/git clone sources of the LDAP connector<br>
2) temporarily change pom.xml - the version from 1.4.2.0-SNAPSHOT to
e.g. 1.4.2.0.<b>a</b>-SNAPSHOT (you cannot have two connectors of
the same type with the same versions)<br>
3) build the connector<br>
<br>
The connector (JAR) should be placed to
$midpoint.home/icf-connectors directory and after restarting Tomcat,
you are ready to use it. Check if the corresponding Connector object
is created in Repository for this new connector and edit your
resource and update the connectorRef oid value to the new Connector.<br>
<br>
If this works, problem was fixed meanwhile in the connector.<br>
If this does not work, please let us know / create JIRA for this.<br>
<br>
Thanks,<br>
Ivan<br>
<br>
<div class="moz-cite-prefix">On 10/22/2015 04:19 PM,
<a class="moz-txt-link-abbreviated" href="mailto:midpoint@mybtinternet.com">midpoint@mybtinternet.com</a> wrote:<br>
</div>
<blockquote
cite="mid:29171323.51948.1445523575671.JavaMail.defaultUser@defaultHost"
type="cite">Hi,<br>
<br>
I was doing a delete of the resource from configuration each
time before importing the resource; was not<br>
expecting the schema to have survived ... although I did not do
that for the last test before post, else I may<br>
have caught one issue; thx for reminding me.<br>
<br>
A number of directories, including OpenDJ, IBM, etc, support
schema definition using a unique string instead<br>
of OID (dotted notation). This makes the process easier, less
prone to error, and you don't have to track<br>
OID numbers actively. When defining my auxiliary objectClas in
this way, midpoint seems to ignore it, e.g.:<br>
<br>
<span> </span>attributeTypes: ( <span style="color: rgb(0, 0,
255);"><b>myCallSign-OID</b></span> NAME 'myCallSign' DESC 'Call
Sign' EQUALITY caseIgnoreMatch ORDERING caseIgnoreOrderingMatch
SUBSTR caseIgnoreSubstringsMatch SYNTAX
1.3.6.1.4.1.1466.115.121.1.15 USAGE userApplications )<br>
<span> </span>objectClasses: ( <span style="color: rgb(0, 0,
255);"><b>myPerson-OID</b></span> NAME 'myPerson' DESC 'My
Person' SUP top AUXILIARY MAY ( myCallSign ) )<br>
<br>
If however I use dotted notation OID, the objectClass is
recognised, e.g.:<br>
<br>
attributeTypes: ( <span style="color: rgb(0, 0, 255);"><b>2.1.1.1.1</b></span>
NAME 'myCallSign' DESC 'Call Sign' EQUALITY caseIgnoreMatch
ORDERING caseIgnoreOrderingMatch SUBSTR caseIgnoreSubstringsMatch
SYNTAX 1.3.6.1.4.1.1466.115.121.1.15 USAGE userApplications )<br>
objectClasses: ( <span style="color: rgb(0, 0, 255);"><b>2.1.1.1.0</b></span>
NAME 'myPerson' DESC 'My Person' SUP top AUXILIARY MAY (
myCallSign ) )<br>
<br>
In 3.1.1 with the old connector the first definition worked and
I have used this syntax for several years;<br>
hope we do not have to regress ...<br>
<br>
Regards,<br>
Anton<br>
<br>
<blockquote style="margin-right: 0px; margin-left:15px;">----Original
message----<br>
From : <a class="moz-txt-link-abbreviated" href="mailto:ivan.noris@evolveum.com">ivan.noris@evolveum.com</a><br>
Date : 22/10/2015 - 13:41 (BST)<br>
To : <a class="moz-txt-link-abbreviated" href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
Subject : Re: [midPoint] New ldap connector and auxiliary
objectClasses<br>
<br>
<meta content="text/html; charset=utf-8"
http-equiv="Content-Type">
Hi,<br>
<br>
do you have your new attributes (coming from ri:myPerson) in the
resource <schema>? (Not in schema handling).<br>
<br>
To be sure, edit please your resource using Configuration -
Repository objects and delete <schema> .. .</schema>
element and then save and try to test connection. After this,
check the <schema> element if it contains your ri:myPerson
object class and its attributes...<br>
<br>
My coleagues are using this new LDAP connector (but in master)
and there were some fixes, but I can't tell now if it was
related to auxiliary classes.<br>
<br>
Ivan<br>
<br>
<div class="moz-cite-prefix">On 10/22/2015 02:30 PM, <a
moz-do-not-send="true" class="moz-txt-link-abbreviated"
href="mailto:midpoint@mybtinternet.com"><a class="moz-txt-link-abbreviated" href="mailto:midpoint@mybtinternet.com">midpoint@mybtinternet.com</a></a>
wrote:<br>
</div>
<blockquote
cite="mid:15205466.39985.1445517053518.JavaMail.defaultUser@defaultHost"
type="cite">Hi,<br>
<br>
I was trying:<br>
<br>
<!-- snip --><br>
<schemaHandling><br>
<objectType><br>
<displayName>Default
Account</displayName><br>
<default>true</default><br>
<objectClass>ri:inetOrgPerson</objectClass><br>
<b><auxiliaryObjectClass>ri:myPerson</auxiliaryObjectClass></b><br>
<attribute><br>
<ref>ri:dn</ref><br>
<displayName>Distinguished
Name</displayName><br>
<limitations><br>
<minOccurs>0</minOccurs><br>
<access><br>
<read>true</read><br>
<add>true</add><br>
<modify>false</modify><br>
</access><br>
</limitations><br>
<matchingRule>mr:stringIgnoreCase</matchingRule><br>
<outbound><br>
<strength>weak</strength><br>
<source><br>
<path>$user/name</path><br>
</source><br>
<expression><br>
<script><br>
<!-- No explicit script
language was specified. It means that this is Groovy --><br>
<code><br>
'uid=' + name + iterationToken
+ ',ou=staff,dc=internal,dc=example,dc=com'<br>
</code><br>
</script><br>
</expression><br>
</outbound><br>
</attribute><br>
<!-- snip --><br>
<!-- snip --><br>
<b> <attribute><br>
<c:ref>ri:myCallSign</c:ref><br>
<exclusiveStrong>false</exclusiveStrong><br>
<tolerant>true</tolerant><br>
<fetchStrategy>implicit</fetchStrategy><br>
<outbound><br>
<authoritative>false</authoritative><br>
<exclusive>false</exclusive><br>
<strength>normal</strength><br>
<source><br>
<c:path>extension/myCallSign</c:path><br>
</source><br>
</outbound><br>
<inbound><br>
<authoritative>false</authoritative><br>
<exclusive>false</exclusive><br>
<strength>normal</strength><br>
<target><br>
<c:path>extension/myCallSign</c:path><br>
</target><br>
</inbound><br>
</attribute></b><br>
<!-- snip --><br>
<br>
When having attributes defined in the schema handling,
midPoint complains about them;<br>
When only the auxiliary objectClass defined, midPoint says it
can't be found. myCallSign<br>
is an attribute of myPerson objectClass.<br>
<br>
Regards,<br>
Anton<br>
<br>
<br>
<br>
<blockquote style="margin-right: 0px; margin-left:15px;">----Original
message----<br>
From : <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:ivan.noris@evolveum.com">ivan.noris@evolveum.com</a><br>
Date : 22/10/2015 - 13:15 (BST)<br>
To : <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
Subject : Re: [midPoint] New ldap connector and auxiliary
objectClasses<br>
<br>
<meta content="text/html; charset=utf-8"
http-equiv="Content-Type">
Hi,<br>
could you please paste your <objectType> definition
from schema handling?<br>
<br>
Ivan<br>
<br>
<div class="moz-cite-prefix">On 10/22/2015 01:36 PM, <a
moz-do-not-send="true" class="moz-txt-link-abbreviated"
href="mailto:midpoint@mybtinternet.com"><a class="moz-txt-link-abbreviated" href="mailto:midpoint@mybtinternet.com">midpoint@mybtinternet.com</a></a>
wrote:<br>
</div>
<blockquote
cite="mid:10419466.34073.1445513804668.JavaMail.defaultUser@defaultHost"
type="cite">Hi Guys,<br>
<br>
Trying to use the new LDAP connector in 3.2; but having
issues with my auxiliary objectClass.<br>
<br>
I have tried using:
<auxiliaryObjectClass>ri:myPerson</auxiliaryObjectClass><br>
in the account section of schema definition. This seems
to be the method implied by the UNIX user<br>
sample scenario ... although not used on the account
section per se.<br>
<br>
After resource load, which is apparently successful,
browsing to "List resources" throws an error<br>
that the objectclass myPerson was not found. When
looking at the objectClasses listed in the<br>
connector, it does not seem to be listed. Also enable
read schema, seems to make not diff. Tried<br>
test connection; again no diff.<br>
<br>
This used to work with 3.1.1 and the previous connector.<br>
<br>
If I do a ldapsearch for schema on OpenDJ, my custom
objectclass is returned; Apache Directory<br>
Studio also recognises the auxiliary objectclass. Thus,
is this:<br>
<span><span> </span>- an issue with how I'm
referencing the auxiliary objectClass?<br>
</span>- a bug in the new LDAP connector?<br>
<span> </span>- Something else?<br>
<br>
Thx,<br>
Anton<br>
<br>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
</pre>
<br>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
</pre>
<br>
</blockquote>
<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
</pre>
</body>
</html>