[midPoint] Mapping of Service attributes

Jiri Brom bromjiri at gmail.com
Fri Nov 18 00:55:53 CET 2016 

Hi,

you were right with the wizard issue. When working in wizard schema handler
won't even let you to save "$focus/identifier" but in XML editor it works
fine.

Thank you very much for your help :)

J.

Jiří Brom

e-mail: bromjiri at gmail.com
CZ: +420723860707
AT: +436607144324

On Wed, Nov 16, 2016 at 5:36 PM, Pavol Mederly <mederly at evolveum.com> wrote:

> Resource wizard tries to determine focus type based on <synchronization>
> section; so the problem could be there.
>
> Best regards,
>
> Pavol Mederly
> Software developerevolveum.com
>
> On 16.11.2016 15:47, Ivan Noris wrote:
>
> Hi,
>
> schema handling looks ok for me - mapping whatever focus to account. Btw.
> which connector are you using?
>
> But - how are you provisioning this? Which role are you assigning to your
> Service?
>
> I need to see the inducement part of the role...
>
> Ivan
>
> On 11/16/2016 03:11 PM, Jiri Brom wrote:
>
> Hi,
>
> Just for testing I tried to map $focus/identifier as Source in the
> existing LDAP connector in online demo. In schema handling called "LDAP
> project groups" it was working. The main difference from my schema handling
> is that it has __GROUP__ objectClass. Is it possible that attributes from
> Org, Role or Service can be mapped only to __GROUP__  object class?
>
> My schema handling is following:
>
> <schemaHandling>
>       <objectType>
>          <kind>account</kind>
>          <default>true</default>
>          <objectClass>ri:AccountObjectClass</objectClass>
>          <attribute>
>             <c:ref>icfs:name</c:ref>
>             <tolerant>true</tolerant>
>             <exclusiveStrong>false</exclusiveStrong>
>             <outbound>
>                <authoritative>true</authoritative>
>                <exclusive>false</exclusive>
>                <strength>normal</strength>
>                <source>
>                   <c:path>$focus/name</c:path>
>                </source>
>             </outbound>
>          </attribute>
>          <attribute>
>             <c:ref>ri:identifier</c:ref>
>             <tolerant>true</tolerant>
>             <exclusiveStrong>false</exclusiveStrong>
>             <outbound>
>                <authoritative>true</authoritative>
>                <exclusive>false</exclusive>
>                <strength>normal</strength>
>                <source>
>                   <c:path>$focus/identifier</c:path>
>                </source>
>             </outbound>
>          </attribute>
>       </objectType>
>    </schemaHandling>
>
>
> Thank you for your answers,
>
> Jiri
>
>
> Jiří Brom
>
> e-mail: bromjiri at gmail.com
> CZ: +420723860707
> AT: +436607144324
>
> On Wed, Nov 16, 2016 at 1:33 PM, Ivan Noris <ivan.noris at evolveum.com>
> wrote:
>
>> Hi,
>>
>> the __ACCOUNT__ is the default, yes.
>>
>> I don't know which connector are you using, but in general there is no
>> problem for midPoint to create accounts for organizations or roles; it's
>> just not very common. Normally you sould use <objectClass> in the schema
>> handling to tell the connector which kind of the object it should create.
>>
>> Could you share the resource of at least part of it - schema handling?
>>
>> Ivan
>>
>> On 11/16/2016 01:07 PM, Jiri Brom wrote:
>>
>> Hi,
>>
>> In my case when I try to map for instance "$focus/tenant", which is an
>> attribute of OrgType (https://wiki.evolveum.com/display/midPoint/OrgType)
>> it also doesn't work. Still the same error "No definition for 'tenant' in
>> user". I think I do some stupid mistake in setup which allows me to
>> provision User attributes only. Do you use some special configuration when
>> working with OrgType or RoleType? E.g. Kind, Intent, etc..
>>
>> Or is it possible that the problem is in the ObjectClass defined in my
>> connector schema? As I understand the Connector Development Guide, then
>> __ACOUNT__ is the default one (I am using that one). Do I have to use some
>> other ObjectClass when mapping Role, Org or other attributes?
>>
>> Thank you for your answers,
>>
>> Jiri
>>
>> Jiří Brom
>>
>> e-mail: bromjiri at gmail.com
>> CZ: +420723860707
>> AT: +436607144324
>>
>> On Wed, Nov 16, 2016 at 12:57 PM, Pavol Mederly <mederly at evolveum.com>
>> wrote:
>>
>>> The wizard could really have a problem in this respect. We haven't
>>> updated it after Services were introduced, as far as I know.
>>>
>>> Pavol Mederly
>>> Software developerevolveum.com
>>>
>>> On 16.11.2016 12:42, Ivan Noris wrote:
>>>
>>> Hi Jiri,
>>>
>>> I have not used Service, but for provisioning objects for Roles /
>>> Organizations I'm using $focus and it should be the same for Service.
>>>
>>> Maybe the resource wizard has an issue with Service? Just thinking. But
>>> using XML editor/upload you should be able to access the attributes as
>>> $focus/identifier etc.
>>>
>>> Let us know please anyway.
>>>
>>> Regards,
>>>
>>> Ivan
>>>
>>> On 11/16/2016 12:29 PM, Jiri Brom wrote:
>>>
>>> Hi all,
>>>
>>> I have a problem with mapping of Service attributes to a connector in
>>> Schema handling.
>>> I've successfully implemented a midPoint connector which maps User
>>> attributes to my resource. Now I want to do the same but with Service
>>> attributes.
>>>
>>> In case of User attributes I can simply define Outbound mapping (e.g.
>>> "name", "givenName", "familyName") but I can't figure out how to access
>>> Service attributes (e.g. "identifier", "url") in the same way.
>>>
>>> I know I should probably use "$focus/" variable but the resource wizard
>>> keeps notifying me "No definition for 'identifier' in user".
>>> Is there a way to simply access the Service attributes?
>>>
>>> Thank you very much,
>>>
>>> Jiri
>>>
>>>
>>> e-mail: bromjiri at gmail.com
>>> CZ: +420723860707
>>>
>>>
>>>
>>> _______________________________________________
>>> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>>
>>> --
>>> Ivan Noris
>>> Senior Identity Engineerevolveum.com
>>>
>>> _______________________________________________
>>> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>>
>>> _______________________________________________ midPoint mailing list
>>> midPoint at lists.evolveum.com http://lists.evolveum.com/mail
>>> man/listinfo/midpoint
>>
>> _______________________________________________
>> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>
>> --
>> Ivan Noris
>> Senior Identity Engineerevolveum.com
>>
>> _______________________________________________ midPoint mailing list
>> midPoint at lists.evolveum.com http://lists.evolveum.com/mail
>> man/listinfo/midpoint
>
> _______________________________________________
> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>
> --
> Ivan Noris
> Senior Identity Engineerevolveum.com
>
> _______________________________________________
> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20161118/b49b22f9/attachment.htm>

More information about the midPoint mailing list