<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
Hi Jason,<br>
<br>
yes, with some restrictions - no home directory creation, no
scripting on server side, no Exchange support.<br>
<br>
My coleagues are already testing/deploying the connector and (will)
have more real-life experiences soon. I expect I will probably also
deploy it the following weeks.<br>
<br>
Regards,<br>
Ivan<br>
<br>
<div class="moz-cite-prefix">On 10/23/2015 09:59 PM, Jason Everling
wrote:<br>
</div>
<blockquote
cite="mid:CAFkZXY7GoCTcV0QoBiBxQ-Vz9jWpEvZXtnKoeHDdA6U5CaC_KQ@mail.gmail.com"
type="cite">
<div dir="ltr">A built-in AD connector? Wow, that is great! Does
that mean we would not have to rely on a connector server
anymore?
<div><br>
</div>
<div>JASON</div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Fri, Oct 23, 2015 at 9:25 AM,
Radovan Semancik <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:radovan.semancik@evolveum.com"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:radovan.semancik@evolveum.com">radovan.semancik@evolveum.com</a></a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Hi,<span
class=""><br>
<br>
On 10/23/2015 03:20 PM, <a moz-do-not-send="true"
href="mailto:midpoint@mybtinternet.com" target="_blank">midpoint@mybtinternet.com</a>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
I agree with your principals around retrieving and
interpreting the schema. However,<br>
attribute names are not supposed to be case
sensitive. I have worked with many<br>
servers, and have only encountered one that was. I
believe this was configurable<br>
in that particular server.<br>
</blockquote>
<br>
</span>
Yes, that's right. They are not supposed to be case
sensitive. But I think it is good practice for operations to
use the same capitalization as is specified in the schema. I
have seen some problems with this in the past. I'm not sure
how much this applies to current LDAP servers, but it is
perhaps better to stay on the safe side. And the same
applies to object classes. Actually, I have seen a problem
with objectclass name capitalization just a couple of days
ago ...<span class=""><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
As for the server that provided no syntax
definitions; wow!! I have not encountered<br>
that before ... do you mean when querying the server
or no syntax period?<br>
</blockquote>
<br>
</span>
Actually, the attributeTypes definition provided syntax OID
(otherwise it would be a complete disaster). But there was
no ldapSyntaxes definition. None at all. Fortunately, the
Apache Directory API still works with this. Just instead of
attributeType.getSyntax().getOid() I had to use
attibuteType.getSyntaxOid() - which seems to be the same but
it is not. The former takes OID from ldapSyntaxes
definition, the latter takes it from attributeTypes
definition. So obviously, the former fails if there are no
ldapSyntaxes definition. Simple fix, but unless you
encounter a server like that it is hard to believe that this
can actually happen ...<br>
<br>
So, the bottom line is that the more LDAP servers are tested
with the new LDAP connector the more robust it will become.
For now we have tested it with OpenLDAP, OpenDJ, OpenDS,
389ds, eDirectory and Active Directory. I'd appreciate
reports of connector success/failure with any other
directory server.
<div class="HOEnZb">
<div class="h5"><br>
<br>
-- <br>
Radovan Semancik<br>
Software Architect<br>
<a moz-do-not-send="true" href="http://evolveum.com"
rel="noreferrer" target="_blank">evolveum.com</a><br>
<br>
_______________________________________________<br>
midPoint mailing list<br>
<a moz-do-not-send="true"
href="mailto:midPoint@lists.evolveum.com"
target="_blank">midPoint@lists.evolveum.com</a><br>
<a moz-do-not-send="true"
href="http://lists.evolveum.com/mailman/listinfo/midpoint"
rel="noreferrer" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</div>
</div>
</blockquote>
</div>
<br>
<br clear="all">
<div><br>
</div>
-- <br>
<div class="gmail_signature">
<div dir="ltr">JASON</div>
</div>
</div>
<br>
<font size="2"><br>
<br>
CONFIDENTIALITY NOTICE:<br>
This e-mail together with any attachments is proprietary and
confidential; intended for only the recipient(s) named above and
may contain information that is privileged. You should not
retain, copy or use this e-mail or any attachments for any
purpose, or disclose all or any part of the contents to any
person. Any views or opinions expressed in this e-mail are those
of the author and do not represent those of the Baptist School
of Health Professions. If you have received this e-mail in
error, or are not the named recipient(s), you are hereby
notified that any review, dissemination, distribution or copying
of this communication is prohibited by the sender and to do so
might constitute a violation of the Electronic Communications
Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
notify the sender and delete this e-mail and any attachments
from your computer. </font><br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
</pre>
</body>
</html>