[midPoint] Org Tree Bug, Users not listed
Ivan Noris
ivan.noris at evolveum.com
Tue Dec 2 16:28:50 CET 2014
Jason,
of course you can wait for 3.1 when it comes out. Or you can try to test
the 3.1 snapshot.
The version I'm using is the latest master - compiled from sources.
You can download latest master - binary version here:
https://www.evolveum.com/download/
Direct link for latest tar.bz2 archive:
http://athena.evolveum.com/builds/master/latest/midpoint-3.1-SNAPSHOT-dist.tar.bz2
After unpacking, in config/sql/_all you can use the SQL script to create
the db repository. I *recommend* to use either new DB or use local
automatically-created H2 embedded database.
You can import most of your objects, but references to embedded
connectors have been updated (LDAP, CSV, DBTable), so your existing
resources need to be updated too. This is namely connectorType and
connector namespace in the resources.
The midPoint iterator is still work in progress (the resource iterator
has been fixed, I've retested it today).
Thank you for your feedbacks,
regards,
Ivan
On 12/02/2014 04:15 PM, Jason Everling wrote:
> Ah ok, sounds good, Thanks for checking! I will wait until 3.1 comes
> out to test any further, or how do I update to the latest 3.0.1 or is
> that just devel? I am on the standard 3.0.1 release, I also noticed
> the iterator was fixed, awesome!
>
> JASON
>
> On Tue, Dec 2, 2014 at 9:05 AM, Ivan Noris <ivan.noris at evolveum.com
> <mailto:ivan.noris at evolveum.com>> wrote:
>
> Hi Jason,
>
> (un)fortunately, it still works even with your mapping.
>
> My scenario:
>
> Object template referenced in unmatched situation:
> <objectTemplate
> xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
> oid="10000000-0000-0000-0000-000000000203"
> version="7">
> <name>User Template 3</name>
> <description>
> This object is used when creating a new account from
> SonisWeb, only Active Students are pulled from CSV.
> </description>
> <mapping>
> <authoritative>true</authoritative>
> <source>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>organization</c:path>
> </source>
> <expression>
> <assignmentTargetSearch>
> <targetType
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>c:OrgType</targetType>
> <filter
> xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
> <http://prism.evolveum.com/xml/ns/public/query-3>>
> <q:equal>
> <q:path>name</q:path>
> <expression>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>$organization</c:path>
> </expression>
> </q:equal>
> </filter>
> </assignmentTargetSearch>
> </expression>
> <target>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>assignment</c:path>
> </target>
> </mapping>
> </objectTemplate>
>
> CSV has been extended by a new column "organization", added value
> of a name for my existing organization (not root).
>
> Livesync for new user works, user is created in midPoint, assigned
> organization, visible in org. structure. ParentOrgRef element is
> present.
>
> So it really seems to be fixed somewhere between 3.0.1 and the
> current master.
>
> Regards,
> Ivan
>
>
> On 12/02/2014 03:25 PM, Jason Everling wrote:
>> Can you try to use my mapping, yours looks to be assigning a
>> specific organization,
>>
>> My mapping in objectTemplate is assigning based on the
>> "organization" attribute in the user profile
>>
>> <mapping>
>> <authoritative>true</authoritative>
>> <source>
>> <path>organization</path>
>> </source>
>> <expression>
>> <assignmentTargetSearch>
>> <targetType>c:OrgType</targetType>
>> <filter>
>> <q:equal>
>> <q:path>name</q:path>
>> <expression>
>> <path>$organization</path>
>> </expression>
>> </q:equal>
>> </filter>
>> </assignmentTargetSearch>
>> </expression>
>> <target>
>> <path>assignment</path>
>> </target>
>> </mapping>
>>
>> Thanks!
>>
>> On Tue, Dec 2, 2014 at 1:30 AM, Ivan Noris
>> <ivan.noris at evolveum.com <mailto:ivan.noris at evolveum.com>> wrote:
>>
>> Jason,
>>
>> first - thank you for detailed report.
>> I've just tested this, but couldn't reproduce with my
>> midPoint version. This is what I've tried to check with you:
>>
>> 1. using your Sonis Web resource (CSV), slightly modified:
>> removed schema extension inbounds and object template
>> reference in "unmatched" action - but tried also with it
>> 2. create most simple object template with only 1 mapping and
>> set it as global user template:
>> <mapping>
>> <expression>
>> <assignmentTargetSearch>
>> <targetType
>> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>c:OrgType</targetType>
>> <oid>00000000-dc00-dc00-0005-000000000001</oid>
>> </assignmentTargetSearch>
>> </expression>
>> <target>
>> <c:path
>> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>assignment</c:path>
>> </target>
>> </mapping>
>>
>> (the oid is one my root organizations I have in midPoint)
>> 3. tried to do LiveSync for two accounts
>> 4. both accounts appear in OrgStruct, and of course have
>> parentOrgRef
>> 5. then I've switched off the global user template and
>> referenced it directly in "unmatched" situation
>> 6. created another account in CSV, livesynced
>> 7. the account also works, appears in OrgStruct
>>
>> So, unless I'm doing something different, it might as well as
>> be fixed in the devel version I'm running:
>> git-v3.0.1devel-680-g89fbcf7
>>
>> If I'm not making some obvious mistake by oversimplifying
>> your scenario, would it be possible to retest this with
>> master? I'd recommend to try it in separate DB repository (H2
>> is ok) as there is a change in DB schema after 3.0.1 as well
>> as in the connector namespaces (so you would need to change
>> connector references for DB, CSV, LDAP resources for master).
>>
>> Thank you.
>> Regards,
>> Ivan
>>
>>
>> On 12/02/2014 12:36 AM, Jason Everling wrote:
>>> Since I finished up the roles/groups testing I moved onto
>>> Orgs, I got my orgs mapped and working correctly so it is
>>> not a configuration question.
>>>
>>> When a user is manually added in the midpoint GUI and the
>>> Org gets assigned manually the users shows up in the GUI in
>>> the Org Tree,
>>>
>>> If a user is created automatically using a resource such as
>>> DBTable or CSV and the Org is assigned from a objectTemplate
>>> they do not show up in the Org tree under the Org but if I
>>> open the user, sure enough the Org is assigned.
>>>
>>> The only thing I notice differently from a manual creation
>>> to a automatic creation is that the manual creation adds the
>>> below to the user object, the users that are automatically
>>> created are missing this item, if I manually add the item to
>>> the user then they show up in the Org Tree,
>>>
>>> The below is what is missing from the auto created/assigned
>>> users objects,
>>>
>>> <parentOrgRef oid="9c3facf5-fd01-46f5-9c28-8488403826be"
>>> type="OrgType"><!-- OU=SHP Staff,DC=TEST,DC=LOCAL
>>> --></parentOrgRef>
>>>
>>> JASON
>>>
>>>
>>>
>>> CONFIDENTIALITY NOTICE:
>>> This e-mail together with any attachments is proprietary and
>>> confidential; intended for only the recipient(s) named above
>>> and may contain information that is privileged. You should
>>> not retain, copy or use this e-mail or any attachments for
>>> any purpose, or disclose all or any part of the contents to
>>> any person. Any views or opinions expressed in this e-mail
>>> are those of the author and do not represent those of the
>>> Baptist School of Health Professions. If you have received
>>> this e-mail in error, or are not the named recipient(s), you
>>> are hereby notified that any review, dissemination,
>>> distribution or copying of this communication is prohibited
>>> by the sender and to do so might constitute a violation of
>>> the Electronic Communications Privacy Act, 18 U.S.C. section
>>> 2510-2521. Please immediately notify the sender and delete
>>> this e-mail and any attachments from your computer.
>>>
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>> --
>> Ing. Ivan Noris
>> Senior Identity Management Engineer
>> evolveum.com <http://evolveum.com> evolveum.com/blog/ <http://evolveum.com/blog/>
>> _____________________________________________
>> "Semper Id(e)M Vix."
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>>
>>
>> CONFIDENTIALITY NOTICE:
>> This e-mail together with any attachments is proprietary and
>> confidential; intended for only the recipient(s) named above and
>> may contain information that is privileged. You should not
>> retain, copy or use this e-mail or any attachments for any
>> purpose, or disclose all or any part of the contents to any
>> person. Any views or opinions expressed in this e-mail are those
>> of the author and do not represent those of the Baptist School of
>> Health Professions. If you have received this e-mail in error, or
>> are not the named recipient(s), you are hereby notified that any
>> review, dissemination, distribution or copying of this
>> communication is prohibited by the sender and to do so might
>> constitute a violation of the Electronic Communications Privacy
>> Act, 18 U.S.C. section 2510-2521. Please immediately notify the
>> sender and delete this e-mail and any attachments from your
>> computer.
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>
> --
> Ing. Ivan Noris
> Senior Identity Management Engineer
> evolveum.com <http://evolveum.com> evolveum.com/blog/ <http://evolveum.com/blog/>
> _____________________________________________
> "Semper Id(e)M Vix."
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
>
> CONFIDENTIALITY NOTICE:
> This e-mail together with any attachments is proprietary and
> confidential; intended for only the recipient(s) named above and may
> contain information that is privileged. You should not retain, copy or
> use this e-mail or any attachments for any purpose, or disclose all or
> any part of the contents to any person. Any views or opinions
> expressed in this e-mail are those of the author and do not represent
> those of the Baptist School of Health Professions. If you have
> received this e-mail in error, or are not the named recipient(s), you
> are hereby notified that any review, dissemination, distribution or
> copying of this communication is prohibited by the sender and to do so
> might constitute a violation of the Electronic Communications Privacy
> Act, 18 U.S.C. section 2510-2521. Please immediately notify the sender
> and delete this e-mail and any attachments from your computer.
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ing. Ivan Noris
Senior Identity Management Engineer
evolveum.com evolveum.com/blog/
_____________________________________________
"Semper Id(e)M Vix."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20141202/4c1a9e1b/attachment.htm>
More information about the midPoint
mailing list