<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body>
<div dir="auto" style="direction: ltr; margin: 0; padding: 0; font-family: sans-serif; font-size: 11pt; color: black; ">
You need to add all the object classes for the attributes your users have, whichever object class those 2 attributes belong to add them as auxiliary object class in resource<span id="ms-outlook-android-cursor"></span></div>
<hr style="display:inline-block;width:98%" tabindex="-1">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" style="font-size:11pt" color="#000000"><b>From:</b> midPoint <midpoint-bounces@lists.evolveum.com> on behalf of Gus Lou via midPoint <midpoint@lists.evolveum.com><br>
<b>Sent:</b> Sunday, January 3, 2021 2:00:41 PM<br>
<b>To:</b> midPoint General Discussion <midpoint@lists.evolveum.com><br>
<b>Cc:</b> Gus Lou <gugalou38@gmail.com><br>
<b>Subject:</b> Re: [midPoint] AD Account Import Task Error</font>
<div> </div>
</div>
<div>
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div>Hi Guys<br>
</div>
<div><br>
</div>
<div>Unfortunately the strategy of filtering by the path I mentioned earlier did not work. </div>
<div>The active directory environment has several accounts that have attributes such as:</div>
<div><br>
</div>
<div>msDS-KeyCredentialLink and msExchUserBL than Midpoint</div>
<div><br>
</div>
<div>When I run the account import task I get the error extracted from the log<br>
</div>
<div><br>
</div>
<div>Couldn't convert resource object from ConnID to midPoint: uid=Attribute: {Name=__UID__, Value=[f10eed2a-1a67-4484-97c9-b9c28646fb12]}, name=Attribute: {Name=__NAME__, Value=[CN=Exchange Online-ApplicationAccount,OU=UserDisable,DC=xyz,DC=net]}, class=ObjectClass:
user: Unknown attribute msExchUserBL in definition of object class {<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7Duser" target="_blank">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}user</a>. Original ConnId name:
msExchUserBL in resource object identified by Attribute: {Name=__NAME__, Value=[CN=Exchange Online-ApplicationAccount,OU=UserDisable,DC=xyz,DC=net]}<br>
</div>
<div><br>
</div>
<div><span style="color:rgb(51,51,51); font-family:"Source Sans Pro",sans-serif; font-size:14px; background-color:rgb(245,245,245)">Error dealing with schema: Couldn't convert resource object from ConnID to midPoint: uid=Attribute: {Name=__UID__, Value=[20c2b611-1716-3c77-</span><span style="color:rgb(51,51,51); font-family:"Source Sans Pro",sans-serif; font-size:14px; background-color:rgb(245,245,245)">98c8-a8ba87e5c571]},
name=Attribute: {Name=__NAME__, Value=[CN=joe doe,OU=users,DC=xyz,DC=net]}, class=ObjectClass: user: Unknown attribute msDS-KeyCredentialLink in definition of object class {</span><a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7Duser" target="_blank" style="font-family:"Source Sans Pro",sans-serif; font-size:14px">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}user</a><span style="color:rgb(51,51,51); font-family:"Source Sans Pro",sans-serif; font-size:14px; background-color:rgb(245,245,245)">.
Original ConnId name: msDS-KeyCredentialLink in resource object identified by Attribute: {Name=__NAME__, Value=[CN=joe doe,OU=users,DC=xyz,DC=net]}</span><br>
</div>
<div><span style="color:rgb(51,51,51); font-family:"Source Sans Pro",sans-serif; font-size:14px; background-color:rgb(245,245,245)"><br>
</span></div>
<div><span style="background-color:rgb(245,245,245)"><font color="#333333" face="Source Sans Pro, sans-serif"><span style="font-size:14px">If anyone has any tips I would appreciate it.</span></font><br>
</span></div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<div class="x_gmail_quote">
<div dir="ltr" class="x_gmail_attr">Em sáb., 2 de jan. de 2021 às 22:39, Gus Lou <<a href="mailto:gugalou38@gmail.com">gugalou38@gmail.com</a>> escreveu:<br>
</div>
<blockquote class="x_gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">
<div dir="ltr">
<div dir="ltr">
<div>It seems that using a filter on the resource may be a solution.</div>
<div><br>
</div>
<div><condition></div>
<div> <script xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance" target="_blank">http://www.w3.org/2001/XMLSchema-instance</a>" xsi:type="c:ScriptExpressionEvaluatorType"></div>
<div> <code></div>
<div> obj = basic.getAttributeValue(shadow, '<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" target="_blank">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3</a>','dn');</div>
<div> return (obj.contains('OU=employees,DC=xyz,DC=net'));</div>
<div> </code></div>
<div> </script></div>
<div></condition></div>
</div>
</div>
<br>
<div class="x_gmail_quote">
<div dir="ltr" class="x_gmail_attr">Em sáb., 2 de jan. de 2021 às 21:21, Gus Lou <<a href="mailto:gugalou38@gmail.com" target="_blank">gugalou38@gmail.com</a>> escreveu:<br>
</div>
<blockquote class="x_gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">
<div dir="ltr">Hello Guys Happy New Year
<div><br>
</div>
<div><font color="#000000" face="Roboto, RobotoDraft, Helvetica, Arial, sans-serif"><span style="font-size:18px; white-space:pre-wrap">I created a task to import existing accounts in Active Directory. After the task to import some accounts it stop and presents
an error regarding an account that could not be imported. It is a default exchange account that for some reason is not being recognized by the midpoint. Is there a way to exclude this account from import so that it doesn't stop the task?</span></font><br>
</div>
<div><font color="#000000" face="Roboto, RobotoDraft, Helvetica, Arial, sans-serif"><span style="font-size:18px; white-space:pre-wrap"><br>
</span></font></div>
<div><font color="#000000" face="Roboto, RobotoDraft, Helvetica, Arial, sans-serif"><span style="font-size:18px; white-space:pre-wrap">Task error:</span></font></div>
<div>Couldn't convert resource object from ConnID to midPoint: uid=Attribute: {Name=__UID__, Value=[f10eed2a-1a67-4484-97c9-b9c28646fb12]}, name=Attribute: {Name=__NAME__, Value=[CN=Exchange Online-ApplicationAccount,OU=UserDisable,DC=xyz,DC=net]}, class=ObjectClass:
user: Unknown attribute msExchUserBL in definition of object class {<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3%7Duser" target="_blank">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}user</a>. Original ConnId name:
msExchUserBL in resource object identified by Attribute: {Name=__NAME__, Value=[CN=Exchange Online-ApplicationAccount,OU=UserDisable,DC=xyz,DC=net]}<font color="#000000" face="Roboto, RobotoDraft, Helvetica, Arial, sans-serif"><span style="font-size:18px; white-space:pre-wrap"><br>
</span></font></div>
<div><br>
</div>
<div><br>
</div>
<div>Regards</div>
<div><br>
</div>
<div>Gus</div>
</div>
</div>
</div>
</div>
</blockquote>
</div>
</blockquote>
</div>
</div>
</body>
</html>