[midPoint] User renaming in 2 resources

[Aivo Kuhlberg]

Hi,

I have midPoint connected to HR system (inbound only). Some of the HR user's info, eg firstname  and lastname, is synced directly to midPoint when it changes in HR with strong inbound strength. But the problem is here that user's name may be changed first in midPoint and later in HR. When that happens then user name may change back to old value after HR sync and later change back to new value when the user name is changed in HR system. I want to avoid that situation. Once the user name is changed it should not switch back to old value because there are other attributes which depend on that.
My current idea how to avoid that situation is to store the midPoint user's old name values in user's extension attributes when user's name changes, eg "extension/oldgivenname" and "extension/oldsn". In this case I could control for example the HR firstname attribute inbound mapping with simple condition (for simplicity I assume here that oldgivenname is single-valued attribute):
 <condition>
    <script><code>oldgivenname==null || firstname != oldgivenname</code></script>
 </condition>

Question for me here is how to store the midPoint user's givenName or sn attribute value in respective extension/oldgivenname or extension/oldsn attribute before it is changed. Does anybody have any ideas how to implement that functionality or any better ideas how to avoid user name changing issue described above?
Thanks,
Aivo Kuhlberg

________________________________
Käesolev e-kiri võib sisaldada asutusesiseseks kasutamiseks tunnistatud teavet.
This e-mail may contain information which is classified for official use.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20161123/7ede9157/attachment.htm>