<div dir="ltr">Your correlation looks a little funky to me for the user type, maybe you meant to use 'cn' and not 'sn' ? for AD we use sAMAccountName<div><br></div><div><br></div><div>OpenLDAP sample is using 'uid'<br></div><div><a href="https://github.com/Evolveum/midpoint/blob/master/samples/resources/openldap/openldap-localhost-medium.xml#L425" target="_blank">https://github.com/Evolveum/<wbr>midpoint/blob/master/samples/<wbr>resources/openldap/openldap-<wbr>localhost-medium.xml#L425</a><br></div><div><br></div><div>Someone else though would be able to dig into it further,</div></div><div class="gmail_extra"><br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr">JASON</div></div></div>
<br><div class="gmail_quote">On Fri, Aug 19, 2016 at 2:41 PM, Mencel, Matt <span dir="ltr"><<a href="mailto:mr-mencel@wiu.edu" target="_blank">mr-mencel@wiu.edu</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">So attempting to do a sync results in an error.<div><br></div><div>2016-08-19 14:36:13,720 [] [midPointScheduler_Worker-7] ERROR (com.evolveum.midpoint.<wbr>provisioning.impl.ShadowCache)<wbr>: Schema error: Auxiliary object class {<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7DshadowAccount" target="_blank">http://midpoint.evolveum.com/<wbr>xml/ns/public/resource/<wbr>instance-3}shadowAccount</a> specified in shadow:null(null) does not exist</div><div><br></div><div>I'll put the stacktrace in the gist.</div><div><br></div><div><a href="https://gist.github.com/MattMencel/2a3208371a1b0ce422e0b4923df413f7" target="_blank">https://gist.github.com/<wbr>MattMencel/<wbr>2a3208371a1b0ce422e0b4923df413<wbr>f7</a></div><span class="HOEnZb"><font color="#888888"><div><br></div><div>Matt</div></font></span><div><br><div><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">On Fri, Aug 19, 2016 at 10:47 AM, Radovan Semancik <span dir="ltr"><<a href="mailto:radovan.semancik@evolveum.com" target="_blank">radovan.semancik@evolveum.com</a><wbr>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi,<br>
<br>
Yes, that should work.<br>
Just check that you have correct lowercase/uppercase form for the
attribute names. LDAP is (mostly) case insensitive, but midPoint
is case sensitive. Look at the <schema> part of the resource
definition. That is generated from the resource. Look for your
auxiliary object class definition there. And use the same
capitalization as you see in the <schema> section.<span><br>
<br>
<pre cols="72">--
Radovan Semancik
Software Architect
<a href="http://evolveum.com" target="_blank">evolveum.com</a>
</pre>
<br>
<br>
<br></span><div><div>
On 08/19/2016 05:23 PM, Mencel, Matt wrote:<br>
</div></div></div><div><div>
<blockquote type="cite">
<div dir="ltr">Thanks Radovan,
<div><br>
</div>
<div>That helps. Do I declare the auxiliary's attributes in the
same place as the default objectClass then? I'm getting this
error in the UI...</div>
<div><br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">There
is no attribute named '{<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7DwiuId" target="_blank">http://midpoint.evolveum.com<wbr>/xml/ns/public/resource/instan<wbr>ce-3}wiuId</a>'
in object class '{<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7Dperson" target="_blank">http://midpoint.evolveum.com<wbr>/xml/ns/public/resource/instan<wbr>ce-3}person</a>'
(defined in schema handling for 'User Account (kind: ACCOUNT,
intent: person)').</blockquote>
<div><br>
</div>
<div> <a href="https://gist.github.com/MattMencel/2a3208371a1b0ce422e0b4923df413f7" target="_blank">https://gist.github.com/MattM<wbr>encel/2a3208371a1b0ce422e0b492<wbr>3df413f7</a></div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Fri, Aug 19, 2016 at 9:54 AM,
Radovan Semancik <span dir="ltr"><<a href="mailto:radovan.semancik@evolveum.com" target="_blank">radovan.semancik@evolveum.com</a><wbr>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi,<span><br>
<br>
On 08/19/2016 04:26 PM, Mencel, Matt wrote:<br>
</span></div>
<span>
<blockquote type="cite">
<div dir="ltr">I have multiple LDAP objectclasses that
contain all the attributes that make up a person's
identity. I've associated multiple OCs with the
same kind/intent in midpoint and am getting a
warning in the UI.
<div>
<table>
<tbody>
<tr>
</tr>
<tr>
<td style="padding:3px;line-height:1.42857;vertical-align:top;border-top:1px solid rgb(244,244,244)">
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><span>There
are multiple schema handling
definitions for kind/intent:
ACCOUNT/person.</span></blockquote>
</td>
</tr>
<tr>
<td style="padding:3px;line-height:1.42857;vertical-align:top;border-top:1px solid rgb(244,244,244)" width="1px">Should
I be doing this another way?<br>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</blockquote>
<br>
</span> Yes. Just one of the objectclasses is structural
(primary). Other object classes are auxiliary. MidPoint
fully supports auxiliary object classes, but you need to
use a slightly different approach. Use something like
this:<br>
<br>
<pre style="color:rgb(0,0,0);font-style:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;word-wrap:break-word;white-space:pre-wrap"> <schemaHandling>
<objectType>
<kind>account</kind>
<displayName>Normal Account</displayName>
<default>true</default>
<objectClass>ri:inetOrgPerson<<wbr>/objectClass>
<auxiliaryObjectClass>ri:posix<wbr>Account</auxiliaryObjectClass>
<auxiliaryObjectClass>ri:foo</<wbr>auxiliaryObjectClass>
<auxiliaryObjectClass>ri:bar</<wbr>auxiliaryObjectClass>
...
</pre><span><font color="#888888">
<pre cols="72">--
Radovan Semancik
Software Architect
<a href="http://evolveum.com" target="_blank">evolveum.com</a>
</pre>
</font></span></div>
______________________________<wbr>_________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a>
</blockquote></div>
</div>
<fieldset></fieldset>
<pre>______________________________<wbr>_________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a>
</pre>
</blockquote>
</div></div></div><br>______________________________<wbr>_________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
<br></blockquote></div><br></div></div></div></div></div>
<br>______________________________<wbr>_________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/<wbr>mailman/listinfo/midpoint</a><br>
<br></blockquote></div><br></div>
<br>
<font size="2"><br><br>CONFIDENTIALITY NOTICE:<br>This e-mail together with any attachments is proprietary and confidential; intended for only the recipient(s) named above and may contain information that is privileged. You should not retain, copy or use this e-mail or any attachments for any purpose, or disclose all or any part of the contents to any person. Any views or opinions expressed in this e-mail are those of the author and do not represent those of the Baptist School of Health Professions. If you have received this e-mail in error, or are not the named recipient(s), you are hereby notified that any review, dissemination, distribution or copying of this communication is prohibited by the sender and to do so might constitute a violation of the Electronic Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the sender and delete this e-mail and any attachments from your computer. </font><br>