[midPoint] Importing entitlements to roles for multiple account intents

Alcides Carlos de Moraes Neto alcides.neto at gmail.com
Fri Dec 29 15:08:15 CET 2017 

Hi WS,

In your role template, have you tried adding multiple inducements with an
association for each entitlement? I don't see why that wouldn't work.

2017-12-28 13:54 GMT-02:00 Wojciech Staszewski <
wojciech.staszewski at diagnostyka.pl>:

> Hello!
>
> I'm looking for correct way how to correctly import resource entitlements
> into midPoint roles.
>
> For now I'm doing this as follows:
> 1) create schema handling for entitlement.
> 2) create synchronization.
> 3) At the "unmatched->addFocus" synchronization step I connect a role
> template. The template assigns metaroles to the imported roles for:
>   a) association from link (as the imported roles are just linkRef only),
>   b) approval schema,
>   c) and assigns correct OrgUnit in the role catalog, based on resource,
> role type and other "things".
>
> That works just perfect, but for one account intent only. The account
> intent is statically specified in "association from link" metarole in the
> first order inducement.
> If is not, the metarole works for "default" account intent.
> But I have 8 account intents in this resource, and every account must be
> associated with the entitlements regardless of the intent.
>
> I tried to make more than one "unmatched->addFocus" synchronization
> reaction with different role templates
> with hope for importing 8 roles from one entitlement for different account
> intents but midPoint warns me: "Duplicated reactions [...]".
> I cannot just add multiple "actions" to one reaction because I can apply
> only one template to one reaction.
>
> And I don't know how to do it.
> Any ideas?
> Beer is on me for the help!
>
> Happy NY!
> WS
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20171229/017315ec/attachment.htm>

More information about the midPoint mailing list