Uploaded image for project: 'MidPoint'
  1. MidPoint
  2. MID-4933

shadow account not pulling all attributes

    XMLWordPrintable

    Details

    • Subscription:
      Active subscription

      Description

      There appears to be behaviour differences with either com.evolveum.polygon.connector.ldap.LdapConnector versions 1.6 and 2.0 M4 or midPoint versions 3.8 and 3.9.

      Problem
      When a shadow account is created in midPoint not all attribute values are being pulled into midPoint. This is causing reconciliation and discovery issues with users.

      Tested Situations

      1. User exists in midPoint, account exists on ODSEE. Assign role in midPoint to user that assigns ODSEE resources. Error occurs with ObjectAlreadyExists error. Shadow is created but has very little information in it. (see attached logs)
      2. User exists in midPoint, user is assigned role with ODSEE and account exists in ODSEE and is LINKED. Delete the shadow account from midPoint. Make minor update to midPoint user (ie. last name change). Error occurs and shadow is created but has very little information (see screenshot attached).

      Environment where functionality works as expected

      • midPoint v3.8 support
      • LdapConnector v1.6

      Environment where error is produced

      • midPoint v3.9 support
      • LdapConnector v2.0 M4

      ODSEE version is 11.1.1.7.

      When using either version of com.evolveum.polygon.connector.ldap.ad.AdLdapConnector with our Active Directory environment it works as expected.

        Attachments

          Activity

            People

            Assignee:
            katkav Katka Bolemant
            Reporter:
            adavenp4 Adam Davenport
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: