[midPoint] Bulk Password change

Jan Kaspar Caspi at seznam.cz
Sat Jan 6 19:59:41 CET 2018 

Hello,
I would like to ask for help with creating filter for bulk password change 
for users.




goal is to generate new password in all systems for batch of user based on 
attribute (employeeType) value.




I found that script but filters doesnt work for me.




What is correct filter? to filter all user with: employeeType == 'Internal'





<s:executeScript xmlns:s="http://midpoint.evolveum.com/xml/ns/public/model/
scripting-3"(http://midpoint.evolveum.com/xml/ns/public/model/scripting-3)

                 xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/
common-3"(http://midpoint.evolveum.com/xml/ns/public/common/common-3)

                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
(http://www.w3.org/2001/XMLSchema-instance)

                 xmlns:api="http://midpoint.evolveum.com/xml/ns/public/
common/api-types-3"
(http://midpoint.evolveum.com/xml/ns/public/common/api-types-3)>

    <s:pipeline>

        <s:search>

            <s:type>ObjectType</s:type>

            <s:searchFilter>

                <q:inOid xmlns:q="http://prism.evolveum.com/xml/ns/public/
query-3"(http://prism.evolveum.com/xml/ns/public/query-3)>

                    <q:value>b87eb285-b4ae-43c0-9e4c-7ba651de81fa</q:value> 
 <!-- barkeeper -->

                    <q:value>469fd663-4492-4c24-8ce3-3907df7ac7ec</q:value> 
 <!-- bob -->

                    <q:value>f9be8006-fd58-43f9-99ff-311935d9d3d3</q:value> 
 <!-- carla -->

                    <q:value>b2a3f4ad-ad7b-4691-83d9-34d5ebb50a04</q:value> 
 <!-- cheese -->

                    <q:value>60dd9e6b-7403-4075-bcfa-d4566a552d41</q:value> 
 <!-- chef -->

                </q:inOid>

            </s:searchFilter>

        </s:search>

        <s:action>

            <s:type>generate-value</s:type>

            <s:parameter>

                <s:name>items</s:name>

                <c:value xsi:type="api:PolicyItemsDefinitionType">

                    <api:policyItemDefinition>

                        <api:target>

                            <api:path>credentials/password/value</api:path>

                        </api:target>

                        <api:execute>true</api:execute>

                    </api:policyItemDefinition>

                </c:value>

            </s:parameter>

        </s:action>       

        <s:filterContent>

            <s:keep>name</s:keep>

            <s:keep>credentials/password/value</s:keep>

        </s:filterContent>

    </s:pipeline>

    <s:options>

        <s:continueOnAnyError>true</s:continueOnAnyError>

    </s:options>

</s:executeScript>





Thanks Jan
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20180106/519fcd53/attachment.htm>

More information about the midPoint mailing list