<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hi,<br>
<br>
Maybe just a couple of clarifications:<br>
<br>
Firstly, password is usually considered to be write-only by the
ConnId connectors. This is the default setting that we have
inherited from the Sun Microsystems. As we are quite keen about
compatibility this setting was not changed in ConnId. Connectors
can override this default setting. But only a very few connectors
actually do that.<br>
<br>
Secondly, the DatabaseTable connector is also inherited from Sun
Microsystems. The connector is old and it is well ripe for
rewrite. I would be happy to rewrite it personally. But we were
not able to secure any funding for this rewrite yet. As far as I
know we have never really tried to read passwords with this
connector, so I'm not sure it is capable of reading passwords at
all. But you can check by setting TRACE log level for
org.identityconnectors.framework. That will turn on tracing of all
connector operations and they you can see if the connector is
sending password to midPoint or not.<br>
<br>
<pre class="moz-signature" cols="72">--
Radovan Semancik
Software Architect
evolveum.com</pre>
<br>
<br>
<br>
On 10/07/2016 08:26 AM, Ivan Noris wrote:<br>
</div>
<blockquote
cite="mid:e549c0bf-374f-da3b-a425-500777713e9b@evolveum.com"
type="cite">
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<p>Hi Martin,</p>
<p>I have not tried this with DB Table, but for OpenLDAP resource
I'm using the following:</p>
<p>1)</p>
<p>...<br>
</p>
<p> <credentials><!-- here in my example is no
weak, I'm syncing passwords everytime! --><br>
<password><br>
<b>
<fetchStrategy>explicit</fetchStrategy></b><b><br>
</b> <inbound/><br>
</password><br>
</credentials><br>
...</p>
<p>2)</p>
<p>...<br>
</p>
<p> <capabilities><br>
<configured
xmlns:cap=<a moz-do-not-send="true"
class="moz-txt-link-rfc2396E"
href="http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3">"http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3"</a>><br>
<br>
<cap:credentials><br>
<b> <cap:password></b><b><br>
</b><b>
<cap:returnedByDefault>false</cap:returnedByDefault></b><b><br>
</b><b> </cap:password></b><b><br>
</b> </cap:credentials><br>
</configured><br>
...</p>
<p>Could you please try if it helps?</p>
<p>Regards,</p>
<p>Ivan<br>
</p>
<div class="moz-cite-prefix">On 10/06/2016 10:55 PM, Martin
Marchese wrote:<br>
</div>
<blockquote
cite="mid:CAG3rmdq=DVUoe+evpUmJ3M5f8ULG3PKX-8zan2oLRFzaqT_xWw@mail.gmail.com"
type="cite">
<div dir="ltr">Hi All,
<div><br>
</div>
<div>We are using a Database table connector (using PostgreSQL
9.5) to create users into midpoint, and we are facing a
problem while we try to set their password.</div>
<div><br>
</div>
<div>Connector version is 1.4.2.0 and MidPoint version is
3.4.1</div>
<div><br>
</div>
<div>We have configured a password policy that complies with
all passwords within the database.</div>
<div><br>
</div>
<div>Password column is configured correctly in the connector
configuration. I was looking into the samples and I see that
every samples uses the <generate> option as it
follows:</div>
<div><br>
</div>
<div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><credentials></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><password></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><outbound/></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><inbound></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><strength>weak</strength></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><expression></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><generate/></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span></expression></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span></inbound></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span></password></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span></credentials></div>
<div><br>
</div>
<div><br>
</div>
<div>My first thought was that replacing the expression as
it follows it will work:</div>
<div><br>
</div>
<div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><credentials></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><password></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><outbound/></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><inbound></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><strength>weak</strength></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><expression></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><asIs/></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span></expression></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span></inbound></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span></password></div>
<div><span class="gmail-Apple-tab-span" style="white-space:pre"> </span></credentials></div>
</div>
<div><br>
</div>
<div>However, when I run an import or livesync task i
receive the following error:</div>
<div><br>
</div>
<div>Provided password does not satisfy password policies.
Required minimal size (4) of password is not met (password
length: 0)<br>
</div>
<div><br>
</div>
<div>As if the password was not coming from the database.
Also, when I look into the resource object thru the UI,
the password attribute is empty.</div>
<div><br>
</div>
<div>I took a look at this bug just in case: <a
moz-do-not-send="true"
href="https://jira.evolveum.com/browse/MID-2405">https://jira.evolveum.com/browse/MID-2405</a>,
but it was a different behavior since for me, it fails
with every password I try.</div>
<div><br>
</div>
<div>Any ideas on what I'm missing here?</div>
<div><br>
</div>
<div>Thanks in advance.</div>
<div><br>
</div>
<div>
<div class="gmail_signature">
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>
<div dir="ltr"><b><span></span><span></span>Ing.
Martín Marchese</b><br>
<img moz-do-not-send="true"
src="http://www.identicum.com/img/favicon.ico">Identicum
S.A.<br>
Jorge Newbery 3226<br>
Tel: +54 (11) 4552-3050<br>
<a moz-do-not-send="true"
href="mailto:mmarchese@identicum.com"
target="_blank">mmarchese@identicum.com</a><br>
<a moz-do-not-send="true"
href="http://www.identicum.com"
target="_blank">www.identicum.com</a></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ivan Noris
Senior Identity Engineer
evolveum.com
</pre>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<br>
<pre class="moz-signature" cols="72">
</pre>
</body>
</html>