<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hello Matt,</p>
<p>I have almost no experiences with auxiliaryObjectClass use, but
it seems to me that you should include ri:shadowAccount in the
list of classes that are imported to resource schema, i.e. in this
element:<br>
</p>
<p> <generationConstraints><br>
<generateObjectClass>ri:person</generateObjectClass><br>
<generateObjectClass>ri:posixAccount</generateObjectClass><br>
<generateObjectClass>ri:inetLocalMailRecipient</generateObjectClass><br>
<generateObjectClass>ri:groupOfUniqueNames</generateObjectClass><br>
</generationConstraints></p>
<p>(Actually, this element can be skipped altogether, resulting in
all object classes being processed into resource schema. However,
this would lead to a bloated schema for some resources, including
common LDAP servers.)<br>
</p>
<p>By the way, I've recently fixed <a
href="https://jira.evolveum.com/browse/MID-3359">MID-3359</a> so
the resource wizard now supports auxiliary object classes (at
least for attribute definition).</p>
<p>Best regards,<br>
</p>
<pre class="moz-signature" cols="72">Pavol Mederly
Software developer
evolveum.com
</pre>
<div class="moz-cite-prefix">On 19.08.2016 21:41, Mencel, Matt
wrote:<br>
</div>
<blockquote
cite="mid:CABpVbH+cm40WC66FZuFwH3mA8uGNfHhwuCZOqNCodSRsAiUOXw@mail.gmail.com"
type="cite">
<div dir="ltr">So attempting to do a sync results in an error.
<div><br>
</div>
<div>2016-08-19 14:36:13,720 [] [midPointScheduler_Worker-7]
ERROR (com.evolveum.midpoint.provisioning.impl.ShadowCache):
Schema error: Auxiliary object class {<a
moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7DshadowAccount">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}shadowAccount</a>
specified in shadow:null(null) does not exist</div>
<div><br>
</div>
<div>I'll put the stacktrace in the gist.</div>
<div><br>
</div>
<div><a moz-do-not-send="true"
href="https://gist.github.com/MattMencel/2a3208371a1b0ce422e0b4923df413f7">https://gist.github.com/MattMencel/2a3208371a1b0ce422e0b4923df413f7</a></div>
<div><br>
</div>
<div>Matt</div>
<div><br>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Fri, Aug 19, 2016 at 10:47 AM,
Radovan Semancik <span dir="ltr"><<a
moz-do-not-send="true"
href="mailto:radovan.semancik@evolveum.com"
target="_blank">radovan.semancik@evolveum.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi,<br>
<br>
Yes, that should work.<br>
Just check that you have correct lowercase/uppercase
form for the attribute names. LDAP is (mostly) case
insensitive, but midPoint is case sensitive. Look at
the <schema> part of the resource definition.
That is generated from the resource. Look for your
auxiliary object class definition there. And use the
same capitalization as you see in the <schema>
section.<span class=""><br>
<br>
<pre cols="72">--
Radovan Semancik
Software Architect
<a moz-do-not-send="true" href="http://evolveum.com" target="_blank">evolveum.com</a>
</pre>
<br>
<br>
<br>
</span>
<div>
<div class="h5"> On 08/19/2016 05:23 PM, Mencel,
Matt wrote:<br>
</div>
</div>
</div>
<div>
<div class="h5">
<blockquote type="cite">
<div dir="ltr">Thanks Radovan,
<div><br>
</div>
<div>That helps. Do I declare the auxiliary's
attributes in the same place as the default
objectClass then? I'm getting this error in
the UI...</div>
<div><br>
</div>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">There is
no attribute named '{<a
moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7DwiuId"
target="_blank">http://midpoint.evolveum.<wbr>com/xml/ns/public/resource/<wbr>instance-3}wiuId</a>'
in object class '{<a moz-do-not-send="true"
href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7Dperson"
target="_blank">http://midpoint.evolveum.<wbr>com/xml/ns/public/resource/<wbr>instance-3}person</a>'
(defined in schema handling for 'User
Account (kind: ACCOUNT, intent: person)').</blockquote>
<div><br>
</div>
<div> <a moz-do-not-send="true"
href="https://gist.github.com/MattMencel/2a3208371a1b0ce422e0b4923df413f7"
target="_blank">https://gist.github.com/<wbr>MattMencel/<wbr>2a3208371a1b0ce422e0b4923df413<wbr>f7</a></div>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Fri, Aug 19, 2016
at 9:54 AM, Radovan Semancik <span
dir="ltr"><<a moz-do-not-send="true"
href="mailto:radovan.semancik@evolveum.com"
target="_blank">radovan.semancik@evolveum.com</a><wbr>></span>
wrote:<br>
<blockquote class="gmail_quote"
style="margin:0px 0px 0px
0.8ex;border-left:1px solid
rgb(204,204,204);padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi,<span><br>
<br>
On 08/19/2016 04:26 PM, Mencel, Matt
wrote:<br>
</span></div>
<span>
<blockquote type="cite">
<div dir="ltr">I have multiple LDAP
objectclasses that contain all the
attributes that make up a person's
identity. I've associated
multiple OCs with the same
kind/intent in midpoint and am
getting a warning in the UI.
<div>
<table>
<tbody>
<tr>
</tr>
<tr>
<td
style="padding:3px;line-height:1.42857;vertical-align:top;border-top:1px
solid rgb(244,244,244)">
<blockquote
class="gmail_quote"
style="margin:0px 0px
0px
0.8ex;border-left:1px
solid
rgb(204,204,204);padding-left:1ex"><span>There
are multiple schema
handling definitions
for kind/intent:
ACCOUNT/person.</span></blockquote>
</td>
</tr>
<tr>
<td
style="padding:3px;line-height:1.42857;vertical-align:top;border-top:1px
solid rgb(244,244,244)"
width="1px">Should I be
doing this another way?<br>
</td>
</tr>
</tbody>
</table>
</div>
</div>
</blockquote>
<br>
</span> Yes. Just one of the
objectclasses is structural (primary).
Other object classes are auxiliary.
MidPoint fully supports auxiliary object
classes, but you need to use a slightly
different approach. Use something like
this:<br>
<br>
<pre style="color:rgb(0,0,0);font-style:normal;font-weight:normal;letter-spacing:normal;line-height:normal;text-align:start;text-indent:0px;text-transform:none;word-spacing:0px;word-wrap:break-word;white-space:pre-wrap"> <schemaHandling>
<objectType>
<kind>account</kind>
<displayName>Normal Account</displayName>
<default>true</default>
<objectClass>ri:inetOrgPerson<<wbr>/objectClass>
<auxiliaryObjectClass>ri:posix<wbr>Account</auxiliaryObjectClass>
<auxiliaryObjectClass>ri:foo</<wbr>auxiliaryObjectClass>
<auxiliaryObjectClass>ri:bar</<wbr>auxiliaryObjectClass>
...
</pre><span><font color="#888888">
<pre cols="72">--
Radovan Semancik
Software Architect
<a moz-do-not-send="true" href="http://evolveum.com" target="_blank">evolveum.com</a>
</pre>
</font></span></div>
______________________________<wbr>_________________
midPoint mailing list
<a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a>
</blockquote></div>
</div>
<fieldset></fieldset>
<pre>______________________________<wbr>_________________
midPoint mailing list
<a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/<wbr>mailman/listinfo/midpoint</a>
</pre>
</blockquote>
</div></div></div>
______________________________<wbr>_________________
midPoint mailing list
<a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/<wbr>mailman/listinfo/midpoint</a>
</blockquote></div>
</div></div></div>
<fieldset class="mimeAttachmentHeader"></fieldset>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
</body></html>