[midPoint] Mapping of Service attributes

Jiri Brom bromjiri at gmail.com
Wed Nov 16 15:11:05 CET 2016 

Hi,

Just for testing I tried to map $focus/identifier as Source in the existing
LDAP connector in online demo. In schema handling called "LDAP project
groups" it was working. The main difference from my schema handling is that
it has __GROUP__ objectClass. Is it possible that attributes from Org, Role
or Service can be mapped only to __GROUP__  object class?

My schema handling is following:

<schemaHandling>
      <objectType>
         <kind>account</kind>
         <default>true</default>
         <objectClass>ri:AccountObjectClass</objectClass>
         <attribute>
            <c:ref>icfs:name</c:ref>
            <tolerant>true</tolerant>
            <exclusiveStrong>false</exclusiveStrong>
            <outbound>
               <authoritative>true</authoritative>
               <exclusive>false</exclusive>
               <strength>normal</strength>
               <source>
                  <c:path>$focus/name</c:path>
               </source>
            </outbound>
         </attribute>
         <attribute>
            <c:ref>ri:identifier</c:ref>
            <tolerant>true</tolerant>
            <exclusiveStrong>false</exclusiveStrong>
            <outbound>
               <authoritative>true</authoritative>
               <exclusive>false</exclusive>
               <strength>normal</strength>
               <source>
                  <c:path>$focus/identifier</c:path>
               </source>
            </outbound>
         </attribute>
      </objectType>
   </schemaHandling>


Thank you for your answers,

Jiri


Jiří Brom

e-mail: bromjiri at gmail.com
CZ: +420723860707
AT: +436607144324

On Wed, Nov 16, 2016 at 1:33 PM, Ivan Noris <ivan.noris at evolveum.com> wrote:

> Hi,
>
> the __ACCOUNT__ is the default, yes.
>
> I don't know which connector are you using, but in general there is no
> problem for midPoint to create accounts for organizations or roles; it's
> just not very common. Normally you sould use <objectClass> in the schema
> handling to tell the connector which kind of the object it should create.
>
> Could you share the resource of at least part of it - schema handling?
>
> Ivan
>
> On 11/16/2016 01:07 PM, Jiri Brom wrote:
>
> Hi,
>
> In my case when I try to map for instance "$focus/tenant", which is an
> attribute of OrgType (https://wiki.evolveum.com/display/midPoint/OrgType)
> it also doesn't work. Still the same error "No definition for 'tenant' in
> user". I think I do some stupid mistake in setup which allows me to
> provision User attributes only. Do you use some special configuration when
> working with OrgType or RoleType? E.g. Kind, Intent, etc..
>
> Or is it possible that the problem is in the ObjectClass defined in my
> connector schema? As I understand the Connector Development Guide, then
> __ACOUNT__ is the default one (I am using that one). Do I have to use some
> other ObjectClass when mapping Role, Org or other attributes?
>
> Thank you for your answers,
>
> Jiri
>
> Jiří Brom
>
> e-mail: bromjiri at gmail.com
> CZ: +420723860707
> AT: +436607144324
>
> On Wed, Nov 16, 2016 at 12:57 PM, Pavol Mederly <mederly at evolveum.com>
> wrote:
>
>> The wizard could really have a problem in this respect. We haven't
>> updated it after Services were introduced, as far as I know.
>>
>> Pavol Mederly
>> Software developerevolveum.com
>>
>> On 16.11.2016 12:42, Ivan Noris wrote:
>>
>> Hi Jiri,
>>
>> I have not used Service, but for provisioning objects for Roles /
>> Organizations I'm using $focus and it should be the same for Service.
>>
>> Maybe the resource wizard has an issue with Service? Just thinking. But
>> using XML editor/upload you should be able to access the attributes as
>> $focus/identifier etc.
>>
>> Let us know please anyway.
>>
>> Regards,
>>
>> Ivan
>>
>> On 11/16/2016 12:29 PM, Jiri Brom wrote:
>>
>> Hi all,
>>
>> I have a problem with mapping of Service attributes to a connector in
>> Schema handling.
>> I've successfully implemented a midPoint connector which maps User
>> attributes to my resource. Now I want to do the same but with Service
>> attributes.
>>
>> In case of User attributes I can simply define Outbound mapping (e.g.
>> "name", "givenName", "familyName") but I can't figure out how to access
>> Service attributes (e.g. "identifier", "url") in the same way.
>>
>> I know I should probably use "$focus/" variable but the resource wizard
>> keeps notifying me "No definition for 'identifier' in user".
>> Is there a way to simply access the Service attributes?
>>
>> Thank you very much,
>>
>> Jiri
>>
>>
>> e-mail: bromjiri at gmail.com
>> CZ: +420723860707
>>
>>
>>
>> _______________________________________________
>> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>
>> --
>> Ivan Noris
>> Senior Identity Engineerevolveum.com
>>
>> _______________________________________________
>> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>
>> _______________________________________________ midPoint mailing list
>> midPoint at lists.evolveum.com http://lists.evolveum.com/mail
>> man/listinfo/midpoint
>
> _______________________________________________
> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>
> --
> Ivan Noris
> Senior Identity Engineerevolveum.com
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20161116/acbe3791/attachment.htm>

More information about the midPoint mailing list