incubator-syncope-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Fabio Martelli <>
Subject Re: [connid-users] Re: Syncope | Error while provisioning user to LDAP
Date Tue, 13 Mar 2012 10:02:41 GMT

Il giorno 13/mar/2012, alle ore 06.43, Antony Pulicken ha scritto:

> Attaching the screenshots again as there was some issue last time....
> On Tue, Mar 13, 2012 at 11:08 AM, Antony Pulicken <> wrote:
> Hi,
> I'm getting the following error while provisioning a user from syncope to LDAP. 
> org.identityconnectors.framework.common.exceptions.ConnectorException: javax.naming.OperationNotSupportedException:
[LDAP: error code 53 - Entry uid=user201,ou=people,dc=opensso,dc=java,dc=net cannot be added
because it includes attribute entryUUID which is defined as NO-USER-MODIFICATION in the server
schema]; remaining name 'uid=user201,ou=people,dc=opensso,dc=java,dc=net'
>     at org.identityconnectors.ldap.schema.LdapSchemaMapping.create(
>     at org.identityconnectors.ldap.modify.LdapCreate$1.access( ~[na:na]
>     at org.identityconnectors.ldap.schema.GuardedPasswordAttribute$Simple$1.access(
> I think the attribute 'entryUUID' is getting included because we are setting one of the
field/mapping as the account Id (and it's mandatory to do that in Syncope).  
> It worked only when I added a check for 'entryUUID' and excluded the same from the attributes
while creating the sub context in the LDAP connector code (LdapSchemaMapping.create()). Please
let me know whether there is any better way to make it work? 
> I have also attached the screen shot of my LDAP Resource mapping un syncope.

Hi Antony,
you don't have to map uid. Uid attribute mapping will be generated implicitly  be defining
the AccountId.

Let me know if the problem persists.


> Regards,
> Antony.
> <Screen Shot 2012-03-13 at 11.12.23 AM.png><Screen Shot 2012-03-13 at 11.12.43

View raw message