<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:x="urn:schemas-microsoft-com:office:excel" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Title" content="">
<meta name="Keywords" content="">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
span.msoIns
{mso-style-type:export-only;
mso-style-name:"";
text-decoration:underline;
color:teal;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body bgcolor="white" lang="EN-US" link="#0563C1" vlink="#954F72">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt">Community,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">I am trying to connect to an openldap server with midpoint and do a simple import and match shadows to the users in midpoint.
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Has anyone seen this error before, or know of a fix for this error?<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">When I run the import task, I am getting an error on the LDAP side:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Do_modify: get_ctrls failed<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">On midpoing I am getting the following error:<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Couldn't modify object: generic error in the connector: Generic error in the connector. Can't process shadow shadow: uid=abrown,ou=People,dc=example,dc=edu (OID:38a0542d-2113-410a-bb0b-a03345ceb969).<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><?xml version="1.0" encoding="UTF-8"?><br>
<br>
<objects xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"<br>
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"<br>
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"<br>
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"<br>
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"<br>
xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3"<br>
xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"<br>
xmlns:mext="http://midpoint.evolveum.com/xml/ns/public/model/extension-3"<br>
xmlns:icfcldap="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector"<br>
xmlns:mr="http://prism.evolveum.com/xml/ns/public/matching-rule-3"><br>
<br>
<resource oid="6573361b-20c9-4d79-8f00-f1445b5902a2"><br>
<br>
<name>LDAP</name><br>
<br>
<connectorRef type="ConnectorType"><br>
<filter><br>
<q:equal><br>
<q:path>c:connectorType</q:path><br>
<q:value>com.evolveum.polygon.connector.ldap.LdapConnector</q:value><br>
</q:equal><br>
</filter><br>
</connectorRef><br>
<br>
<connectorConfiguration><br>
<icfc:configurationProperties><br>
<icfcldap:port>389</icfcldap:port><br>
<icfcldap:host>myldaphost</icfcldap:host><br>
<icfcldap:baseContext>ou=People,dc=example,dc=edu</icfcldap:baseContext><br>
<icfcldap:bindDn>myldpabindDN</icfcldap:bindDn><br>
<icfcldap:bindPassword><t:clearValue>myldpapassword</t:clearValue></icfcldap:bindPassword><br>
<icfcldap:usePermissiveModify>always</icfcldap:usePermissiveModify><br>
<icfcldap:pagingStrategy>auto</icfcldap:pagingStrategy><br>
<icfcldap:passwordHashAlgorithm>SSHA</icfcldap:passwordHashAlgorithm><br>
<icfcldap:vlvSortAttribute>uid</icfcldap:vlvSortAttribute><br>
<icfcldap:vlvSortOrderingRule>2.5.13.3</icfcldap:vlvSortOrderingRule><br>
<icfcldap:operationalAttributes>memberOf</icfcldap:operationalAttributes><br>
<icfcldap:operationalAttributes>createTimestamp</icfcldap:operationalAttributes><br>
</icfc:configurationProperties><br>
<br>
<icfc:resultsHandlerConfiguration><br>
<icfc:enableNormalizingResultsHandler>false</icfc:enableNormalizingResultsHandler><br>
<icfc:enableFilteredResultsHandler>false</icfc:enableFilteredResultsHandler><br>
<icfc:enableAttributesToGetSearchResultsHandler>false</icfc:enableAttributesToGetSearchResultsHandler><br>
</icfc:resultsHandlerConfiguration><br>
</connectorConfiguration><br>
<br>
<schema><br>
<generationConstraints><br>
<generateObjectClass>ri:inetOrgPerson</generateObjectClass><br>
<generateObjectClass>ri:groupOfUniqueNames</generateObjectClass><br>
<generateObjectClass>ri:groupOfNames</generateObjectClass><br>
<generateObjectClass>ri:organizationalUnit</generateObjectClass><br>
<generateObjectClass>ri:eduPerson</generateObjectClass><br>
</generationConstraints><br>
</schema><br>
<br>
<schemaHandling><br>
<objectType><br>
<intent>default</intent><br>
<displayName>Default Account</displayName><br>
<default>true</default><br>
<objectClass>ri:inetOrgPerson</objectClass><br>
<br>
<attribute><br>
<ref>ri:uid</ref><br>
<inbound><br>
<target><br>
<path>$user/name</path><br>
</target><br>
</inbound><br>
</attribute><br>
<br>
<attribute><br>
<ref>ri:entryUUID</ref><br>
<displayName>Entry UUID</displayName><br>
<limitations><br>
<access><br>
<read>true</read><br>
<add>false</add><br>
<modify>true</modify><br>
</access><br>
</limitations><br>
<matchingRule>mr:stringIgnoreCase</matchingRule><br>
</attribute><br>
</objectType><br>
<br>
</schemaHandling><br>
<br>
<synchronization><br>
<objectSynchronization><br>
<enabled>true</enabled><br>
<br>
<correlation><br>
<q:description><br>
Correlation expression is a search query.<br>
Following search queury will look for users that have "name"<br>
equal to the "uid" attribute of the account. Simply speaking,<br>
it will look for match in usernames in the IDM and the resource.<br>
The correlation rule always looks for users, so it will not match<br>
any other object type.<br>
</q:description><br>
<q:equal><br>
<q:path>name</q:path><br>
<c:expression><br>
<c:path>$c:account/c:attributes/ri:uid</c:path><br>
</c:expression><br>
</q:equal><br>
</correlation><br>
<br>
<reaction><br>
<situation>linked</situation><br>
<synchronize>true</synchronize><br>
</reaction><br>
<br>
<reaction><br>
<situation>deleted</situation><br>
<synchronize>true</synchronize><br>
<action><br>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink</handlerUri><br>
</action><br>
</reaction><br>
<br>
<reaction><br>
<situation>unlinked</situation><br>
<synchronize>true</synchronize><br>
<action><br>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#link</handlerUri><br>
</action><br>
</reaction><br>
</objectSynchronization><br>
</synchronization><br>
<br>
</resource><br>
<br>
<task><br>
<name>Import LDAP Accounts</name><br>
<extension ><br>
<mext:kind>account</mext:kind><br>
<mext:objectclass>ri:inetOrgPerson</mext:objectclass><br>
</extension><br>
<ownerRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></ownerRef><br>
<executionStatus>runnable</executionStatus><br>
<category>ImportingAccounts</category><br>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/synchronization/task/import/handler-3</handlerUri><br>
<objectRef oid="6573361b-20c9-4d79-8f00-f1445b5902a2" type="c:ResourceType"><!--LDAP--></objectRef><br>
<recurrence>single</recurrence><br>
<binding>loose</binding><br>
<threadStopAction>restart</threadStopAction><br>
</task><br>
<br>
</objects><o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt">Chris Moore | EIS / Middleware | chris.moore5@wisc.edu<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</body>
</html>