# ConfigMap for the mp-demo namespace carrying three objects that reference
# midPoint (Evolveum) namespaces: an OpenLDAP resource definition, an LDAP
# role and a test user.
# NOTE(review): the data keys end in .xml, but the bodies below hold only
# element text, one value per line. The XML markup appears to have been lost
# in this copy, so the meaning of individual values is inferred from their
# position and should be confirmed against the original objects.
apiVersion: v1
kind: ConfigMap
metadata:
  name: mp-demo-poi-ldap-res
  namespace: mp-demo
data:
  # Resource definition for the ConnId LDAP connector
  # (com.evolveum.polygon.connector.ldap.LdapConnector), pointed at
  # mp-demo-ldap.mp-demo.svc.cluster.local.
  # NOTE(review): the value "secret" directly after the DN
  # cn=idm,ou=Administrators,dc=example,dc=com looks like the connector's
  # bind password in clear text. ConfigMap data is not meant for confidential
  # values: it is readable by anything allowed to get ConfigMaps in this
  # namespace and by any pod that mounts it. Keep the credential in a Secret
  # (or an external secret store) and have the resource reference it;
  # confirm how the deployment injects it.
  # NOTE(review): 389 is presumably the LDAP port, and no ssl/starttls value
  # is visible among the connector settings. If so, the bind DN and password
  # cross the cluster network unencrypted; confirm, and enable LDAPS or
  # StartTLS.
  # NOTE(review): SSHA is presumably the password hash scheme. It is salted
  # SHA-1, a fast hash; confirm whether a stronger directory-side scheme is
  # available.
  151-resource-openldap.xml: |
    LDAP
    LDAP resource using a ConnId LDAP connector. It contains configuration
    for use with OpenLDAP servers.
    c:connectorType
    com.evolveum.polygon.connector.ldap.LdapConnector
    389
    mp-demo-ldap.mp-demo.svc.cluster.local
    dc=example,dc=com
    cn=idm,ou=Administrators,dc=example,dc=com
    secret
    auto
    SSHA
    uid,cn,ou,dc
    2.5.13.3
    memberOf
    createTimestamp
    always
    openldap
    false
    false
    false
    account
    Normal Account
    true
    ri:inetOrgPerson
    [ri:dn]
    Distinguished Name
    0
    true
    true
    true
    [ri:entryUUID]
    Entry UUID
    true
    false
    true
    [ri:cn]
    Common Name
    0
    true
    true
    true
    [ri:sn]
    Surname
    0
    familyName
    [ri:givenName]
    Given Name
    givenName
    [ri:uid]
    Login Name
    weak
    name
    [ri:description]
    weak
    Created by midPoint
    [ri:mail]
    Mail
    false
    strong
    [ri:l]
    Location
    [ri:employeeNumber]
    Employee Number
    false
    strong
    [ri:ldapGroup]
    LDAP Group Membership
    entitlement
    ldapGroup
    objectToSubject
    ri:member
    ri:dn
    5
    http://prism.evolveum.com/xml/ns/public/matching-rule-3#stringIgnoreCase
    attributes/ri:dn
    cn=idm,ou=Administrators,dc=example,dc=com
    weak
    weak
    entitlement
    ldapGroup
    LDAP Group
    ri:groupOfNames
    ri:organizationalUnit
    attributes/dn
    ou=groups,dc=example,dc=com
    [ri:dn]
    [ri:member]
    minimal
    weak
    cn=fake,dc=example,dc=com
    [ri:cn]
    weak
    ri:cn
    ri:inetOrgPerson
    account
    default
    UserType
    true
    name
    $account/attributes/uid
    linked
    true
    deleted
    true
    http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink
    unlinked
    true
    http://midpoint.evolveum.com/xml/ns/public/model/action-3#link
    ri:groupOfNames
    entitlement
    ldapGroup
    OrgType
    true
    name
    $account/attributes/cn
    linked
    true
    deleted
    true
    http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink
    unlinked
    true
    http://midpoint.evolveum.com/xml/ns/public/model/action-3#link
    ri:posixGroup
    entitlement
    posixGroup
    OrgType
    true
    name
    $projection/attributes/cn
    linked
    true
    deleted
    true
    http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink
    unlinked
    true
    http://midpoint.evolveum.com/xml/ns/public/model/action-3#link
  # Role named "ldap", described as "LDAP account".
  # NOTE(review): the values account/default presumably select the account
  # kind and default intent of the LDAP resource above; confirm against the
  # original role object.
  311-role-ldap.xml: |
    ldap
    LDAP account
    account
    default
  # Test user test.user.ldap ("Test user", Test / User).
  # NOTE(review): the last value, 5ecr3t, looks like this user's clear-text
  # password. A ConfigMap exposes it to every reader of the namespace's
  # ConfigMaps; supply it from a Secret or generate it at deploy time, and
  # confirm the account is not present outside demo environments.
  403-test-user.xml: |-
    test.user.ldap
    Test user
    Test
    User
    5ecr3t