<xsd:element name="DirectoryAdminPassword" type="xsd:string">
<xsd:annotation>
<xsd:appinfo>
<a:displayName>Directory Administrator's Password</a:displayName>
<a:help>Directory Administrator's Password</a:help>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
String to ProtectedString Connector Configuration
Some connectors have string
values for configuration items that should be protected, e.g. passwords.
While this is clear problem of the connector there is a way how to work around that in midPoint.
The basic idea is to manually change the type of the configuration item in the connector schema.
Find the Connector
In Configuration > Repository objects find the appropriate connector object.
It contains a <xsd:schema>
section.
Find the problematic configuration item definition in the schema:
Note the type definition: type="xsd:string"
.
Correct the type
Edit the schema by replacing the string type with ProtectedStringType
:
<xsd:element name="DirectoryAdminPassword" type="c:ProtectedStringType">
<xsd:annotation>
<xsd:appinfo>
<a:displayName>Directory Administrator's Password</a:displayName>
<a:help>Directory Administrator's Password</a:help>
</xsd:appinfo>
</xsd:annotation>
</xsd:element>
Make sure that the appropariate namespace prefix is defined (the c
prefix in this case):
<connector xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-2a" oid="8154bc3d-2eaa-4725-8b04-581c8ba1aa01" version="3">
<name>ICF Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector @ICF Connector server on medusa:8759</name>
<framework>http://midpoint.evolveum.com/xml/ns/public/connector/icf-1</framework>
<connectorType>Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector</connectorType>
<connectorVersion>1.0.0.5570</connectorVersion>
<connectorBundle>ActiveDirectory.Connector</connectorBundle>
<namespace>http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/ActiveDirectory.Connector/Org.IdentityConnectors.ActiveDirectory.ActiveDirectoryConnector</namespace>
<connectorHostRef xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-2a" oid="91919191-76e0-59e2-86d6-44cc44cc44cc" type="c:ConnectorHostType"/>
<schema>
<definition>
<xsd:schema xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-2a"
xmlns:c="http://prism.evolveum.com/xml/ns/public/annotation-2">
...
<!-- The following line has been added -->
<xsd:import namespace="http://midpoint.evolveum.com/xml/ns/public/common/common-2a"/>
...
</xsd:schema>
</definition>
</schema>
</connector>
Fix resource definitions
Instead of using string in the resource definition use protected strings as usual:
<resource>
...
<configuration>
<icfc:configurationProperties>
...
<icfi:DirectoryAdminPassword>
<clearValue>sup3rS3cr3t</clearValue>
</icfi:DirectoryAdminPassword>
...
</icfc:configurationProperties>
...
</configuration>
...
</resource>
The value will be encrypted as usual when such resource definition in imported.