<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=utf-8"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
color:black;
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
pre
{mso-style-priority:99;
mso-style-link:"HTML Preformatted Char";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";
color:black;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;
color:black;}
span.HTMLPreformattedChar
{mso-style-name:"HTML Preformatted Char";
mso-style-priority:99;
mso-style-link:"HTML Preformatted";
font-family:"Consolas",serif;
color:black;}
span.EmailStyle20
{mso-style-type:personal;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body bgcolor=white lang=EN-AU link="#0563C1" vlink="#954F72"><div class=WordSection1><p class=MsoNormal><a name="_MailEndCompose"><span style='color:windowtext'>Thanks Radovan,<o:p></o:p></span></a></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><span style='color:windowtext'><o:p> </o:p></span></span></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><span style='color:windowtext'>I’ll have a dig around and see if I can see any errors from the connector<o:p></o:p></span></span></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><span style='color:windowtext'><o:p> </o:p></span></span></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><span style='color:windowtext'><o:p> </o:p></span></span></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><span style='color:windowtext'>Kind regards,<o:p></o:p></span></span></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><span style='color:windowtext'><o:p> </o:p></span></span></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><span style='color:windowtext'>Brad<o:p></o:p></span></span></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><span style='color:windowtext'><o:p> </o:p></span></span></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><span style='color:windowtext'><o:p> </o:p></span></span></p><p class=MsoNormal><span style='mso-bookmark:_MailEndCompose'><span style='color:windowtext'><o:p> </o:p></span></span></p><span style='mso-bookmark:_MailEndCompose'></span><div><div style='border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span lang=EN-US style='color:windowtext;mso-fareast-language:EN-AU'>From:</span></b><span lang=EN-US style='color:windowtext;mso-fareast-language:EN-AU'> midPoint [mailto:midpoint-bounces@lists.evolveum.com] <b>On Behalf Of </b>Radovan Semancik<br><b>Sent:</b> Thursday, 27 October 2016 6:23 PM<br><b>To:</b> midpoint@lists.evolveum.com<br><b>Subject:</b> Re: [midPoint] ignoring attributes when LDAP connector reads schema<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal>Hi,<br><br>No, connector does not have an option to ignore specific attributes. However the errors may not be critical. If you are using AD, 389ds or a similar LDAP server that does not completely complies with RFCs then you will see the schema errors in the log. If these are the errors produced by the Apache Directory API then they are mostly safe to ignore (org.apache.directory package). The errors produced by the connector code are important (com.evolveum.polygon.ldap package).<br><br>There are two reasons for that. Firstly there are broken LDAP servers that just won't comply with the standards. This is the real reason for the errors, but realistically there is nothing we can do about this. The secondly, the error handling and reporting in the Apache Directory API is not ideal. I have made some improvements in the current version of the Apache Directory API (as did other contributors). Now there is a possibility for the connector to process the errors, but the API logs the errors anyway. The Apache Directory API needs a larger re-engineering of the error handling code. But that would break API compatibility. So we (Apache Directory API comitters) have agreed to postpone these fixes after API 1.0 release. Currently the 1.0-RC2 release is in progress, therefore we will hopefully get to fixing this issue soon ...<br><br>If you see any errors from the connector itself I would really wonder what these are. I have tested the connector with OpenLDAP (several versions), OpenDJ and 389ds. Almost the same code also applies to AD and eDirectory operations. Even though there are some schema errors all the attributes that I have tried worked fine.<br><br><br><span style='font-size:12.0pt;mso-fareast-language:EN-AU'><o:p></o:p></span></p><pre>-- <o:p></o:p></pre><pre>Radovan Semancik<o:p></o:p></pre><pre>Software Architect<o:p></o:p></pre><pre>evolveum.com<o:p></o:p></pre><p class=MsoNormal><br><br>On 10/27/2016 08:38 AM, Brad Fardig wrote:<o:p></o:p></p></div><blockquote style='margin-top:5.0pt;margin-bottom:5.0pt'><p class=MsoNormal>Hi,<o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal>Is it possible to have the LDAP connector ignore particular attributes when it is dynamically building the schema?<o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal>I have midPoint 3.4 with the LDAP connector version 1.4.2.19<o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal>I am getting errors when the schema is being retrieved. If I turn quirks mode on the errors are as shown in connector-error1.log and connector-error2.log (taken from idm.log. <o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal>With quirks mode off the error is shown in err.txt. The attribute in question here has a complex syntax that is defined in the schema but doesn’t appear to be returned by the directory as my LDAP admin tool doesn’t show the syntax either. The attribute is not used within any entries in the directory but is defined as a “may” attribute within several aux object classes.<o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal>Kind Regards,<o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal>Brad<o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal> <o:p></o:p></p><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif;mso-fareast-language:EN-AU'><br><br><br><o:p></o:p></span></p><pre>_______________________________________________<o:p></o:p></pre><pre>midPoint mailing list<o:p></o:p></pre><pre><a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><o:p></o:p></pre><pre><a href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><o:p></o:p></pre></blockquote><p class=MsoNormal><span style='font-size:12.0pt;font-family:"Times New Roman",serif;mso-fareast-language:EN-AU'><br><br><br><br><i>This email, and any attachment, is confidential and also privileged. If you have received it in error, please notify me immediately and delete it from your system along with any attachments. You should not copy or use it for any purpose, nor disclose its contents to any other person. </i><o:p></o:p></span></p></div></body></html>