[midPoint] 3.1 SNAPSHOT, Username Generation
Jason Everling
jeverling at bshp.edu
Wed Dec 10 21:17:24 CET 2014
While I am downloading, there has to be something in mine that is doing
this, I noticed on yours also that the
<parentOrgRef oid="00000000-8888-6666-0000-100000000030"
type="OrgType"><!-- Posam --></parentOrgRef>
is added to the user object but it is still not added on mine when I use
the CSV resource but does when using the GUI,
Strange...
JASON
On Wed, Dec 10, 2014 at 1:40 PM, Jason Everling <jeverling at bshp.edu> wrote:
> I am using,
>
> git-v3.0.1devel-693-g11c758b
>
> I will update to the latest since I am behind what yours is at and let you
> know
>
> JASON
>
> On Wed, Dec 10, 2014 at 1:35 PM, Ivan Noris <ivan.noris at evolveum.com>
> wrote:
>
>> I have re-added the Org assignment as I was testing last week. It's
>> still working.
>>
>> This is what I added at the end of the template:
>>
>> <mapping>
>> <authoritative>true</authoritative>
>> <source>
>> <c:path xmlns:c=
>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>> >organization</c:path>
>> </source>
>> <expression>
>> <assignmentTargetSearch>
>> <targetType xmlns:c=
>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>> >c:OrgType</targetType>
>> <filter xmlns:q=
>> "http://prism.evolveum.com/xml/ns/public/query-3"
>> <http://prism.evolveum.com/xml/ns/public/query-3>>
>> <q:equal>
>> <q:path>name</q:path>
>> <expression>
>> <c:path xmlns:c=
>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>> >$organization</c:path>
>> </expression>
>> </q:equal>
>> </filter>
>> </assignmentTargetSearch>
>> </expression>
>> <target>
>> <c:path xmlns:c=
>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>> >assignment</c:path>
>> </target>
>> </mapping>
>>
>> User:
>> <user xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>> oid="9be4e4c9-66fc-4fbe-83c8-286ebfb9ac6e"
>> version="1">
>> <name>anpapecok5</name>
>> <parentOrgRef oid="00000000-8888-6666-0000-100000000030"
>> type="OrgType"><!-- Posam --></parentOrgRef>
>> <metadata>
>> <createTimestamp>2014-12-10T20:30:38.743+01:00</createTimestamp>
>> <creatorRef oid="00000000-0000-0000-0000-000000000002"
>> type="UserType"><!-- administrator --></creatorRef>
>> <createChannel>
>> http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#liveSync
>> </createChannel>
>> </metadata>
>> <linkRef oid="abb8d8cc-507b-4210-aac7-3777c37b4b5b"
>> type="ShadowType"><!-- papecok5 --></linkRef>
>> <assignment id="1">
>> <targetRef xmlns:c=
>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>> oid="00000000-8888-6666-0000-100000000030"
>> type="c:OrgType"><!-- MyOrg --></targetRef>
>> </assignment>
>> <activation>
>> <effectiveStatus>disabled</effectiveStatus>
>> <disableTimestamp>2014-12-10T20:30:38.086+01:00</disableTimestamp>
>> </activation>
>> <iteration>4</iteration>
>> <iterationToken>5</iterationToken>
>> <givenName>Andrej</givenName>
>> <familyName>Papecok</familyName>
>> <emailAddress>anpapecok5 at bshp.edu</emailAddress>
>> <employeeNumber>papecok5</employeeNumber>
>> <costCenter>xxx</costCenter>
>> <organization>MyOrg</organization>
>> . . .
>> </user>
>>
>> So unless there is any trick hidden in the other mappings, maybe the
>> issue was resolved since your snapshot... Can you post the exact midPoint
>> version?
>>
>> I.
>>
>>
>>
>> On 12/10/2014 08:25 PM, Jason Everling wrote:
>>
>> No not really, looks to be the same,
>>
>> I attached the template,
>>
>> The only thing else besides creating the username and email address is
>> that it assigns the correct Org based on the costCenter attribute which is
>> mapped to program in my CSV and also assigns a role,
>>
>>
>>
>> On Wed, Dec 10, 2014 at 1:18 PM, Ivan Noris <ivan.noris at evolveum.com>
>> wrote:
>>
>>> Hi Jason,
>>>
>>> this is interesting: it seems to work:
>>>
>>> Right now I have resource with object template reference in unmatched
>>> action:
>>> . . .
>>> <reaction>
>>> <situation>unmatched</situation>
>>> <objectTemplateRef
>>> oid="10000000-0000-0000-1111-000000000203"/>
>>> <action ref=
>>> "http://midpoint.evolveum.com/xml/ns/public/model/action-3#addUser"
>>> <http://midpoint.evolveum.com/xml/ns/public/model/action-3#addUser>/>
>>> </reaction>
>>> . . .
>>>
>>> The template:
>>> <objectTemplate xmlns=
>>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>>> oid="10000000-0000-0000-1111-000000000203"
>>> version="2">
>>> <name>Default User Template (VIX)</name>
>>> <iteration>
>>> <maxIterations>999</maxIterations>
>>> <tokenExpression>
>>> <script>
>>> <code>
>>> if (iteration == 0) {
>>> return "";
>>> } else {
>>> return "" + (iteration+1)
>>> }
>>> </code>
>>> </script>
>>> </tokenExpression>
>>> </iteration>
>>> <mapping>
>>> <name>Generate Username</name>
>>> <source>
>>> <name>tmpGivenName</name>
>>> <c:path xmlns:c=
>>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>>> >givenName</c:path>
>>> </source>
>>> <source>
>>> <name>tmpFamilyName</name>
>>> <c:path xmlns:c=
>>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>>> >familyName</c:path>
>>> </source>
>>> <expression>
>>> <script>
>>> <code>
>>> tmpGivenNameInitial =
>>> basic.stringify(tmpGivenName)?.size() > 0 ?
>>> (basic.stringify(tmpGivenName)).substring(0,2) : ''
>>> if (iteration == 0) {
>>> basic.norm(basic.stringify(tmpGivenNameInitial +
>>> tmpFamilyName))
>>> }
>>> else {
>>> basic.norm(basic.stringify(tmpGivenNameInitial +
>>> tmpFamilyName)) + iterationToken
>>> }
>>> </code>
>>> </script>
>>> </expression>
>>> <target>
>>> <c:path xmlns:c=
>>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>>> >name</c:path>
>>> </target>
>>> </mapping>
>>> <mapping>
>>> <source>
>>> <c:path xmlns:c=
>>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>>> >$user/name</c:path>
>>> </source>
>>> <source>
>>> <c:path xmlns:c=
>>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>>> >$user/emailAddress</c:path>
>>> </source>
>>> <expression>
>>> <script>
>>> <language>
>>> http://midpoint.evolveum.com/xml/ns/public/expression/language#Groovy
>>> </language>
>>> <code>name+'@bshp.edu'</code>
>>> </script>
>>> </expression>
>>> <target>
>>> <c:path xmlns:c=
>>> "http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>>> >emailAddress</c:path>
>>> </target>
>>> </mapping>
>>> </objectTemplate>
>>>
>>> The CSV entry:
>>> employeeID,firstname,lastname,otherMailbox,program,organization
>>> "papecok4","Andrej","Papecok","papecok4","xxx","MyOrg"
>>>
>>> MidPoint User after sync:
>>> <user xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>>> oid="93b18a69-f030-4164-9cef-ef955233b2bc"
>>> version="1">
>>> <name>anpapecok4</name>
>>> . . .
>>> <iteration>3</iteration>
>>> <iterationToken>4</iterationToken>
>>> <givenName>Andrej</givenName>
>>> <familyName>Papecok</familyName>
>>> * <emailAddress>anpapecok4 at bshp.edu
>>> <anpapecok4 at bshp.edu></emailAddress>*
>>> <employeeNumber>papecok4</employeeNumber>
>>> . . .
>>> </user>
>>>
>>> This is midPoint git-v3.0.1devel-704-g0937a70
>>>
>>> Can you see any difference with your config...?
>>>
>>> Regards,
>>> Ivan
>>>
>>>
>>> On 12/10/2014 05:13 PM, Jason Everling wrote:
>>>
>>> So I disabled or removed that template from the resource reactions, I
>>> set it as the default template is sysconfig.
>>>
>>> It still does it, <emailAddress>null at domain.com</emailAddress>
>>> seems to be affected,
>>>
>>> Wierd though, I turned on debugging,
>>>
>>> It shows the attribute being created correctly, you can see from the
>>> log but in the gui and in the user xml it is null at domain.com
>>>
>>>
>>> ObjectDelta<UserType>(UserType:ab907de7-4302-47ef-8003-36959fc842ef,ADD):
>>> user: (ab907de7-4302-47ef-8003-36959fc842ef, v0, UserType)
>>> extension:
>>> otherMailbox: [ hhernandez at local.org ]
>>> eduPersonAffiliation: [ student ]
>>> givenName: Herman
>>> familyName: Hernandes
>>> costCenter: PN
>>> employeeNumber: HE5019982
>>> credentials:
>>> password:
>>> value:
>>> ProtectedStringType(encrypted=EncryptedDataType(encryptionMethod=EncryptionMethodType(algorithm=
>>> http://www.w3.org/2001/04/xmlenc#aes128-cbc),
>>> keyInfo=KeyInfoType(keyName=HiCJvCmeUCWoiEl3d+uXyd2VeYs=),
>>> cipherData=CipherDataType(cipherValue=[32 bytes])))
>>> activation:
>>> administrativeStatus: ENABLED
>>> effectiveStatus: ENABLED
>>> enableTimestamp: 2014-12-10T10:07:21.502-06:00
>>> emailAddress: hehernandes at domain.com
>>> name: hehernandes
>>> employeeType: [ A2S ]
>>> locale: US
>>> organization: [ OU=DPN,OU=SHP Students,DC=TEST,DC=LOCAL ]
>>> locality: San Antonio
>>> fullName: Herman Hernandes
>>> iteration: 0
>>>
>>> On Wed, Dec 10, 2014 at 9:46 AM, Ivan Noris <ivan.noris at evolveum.com>
>>> wrote:
>>>
>>>> Jason,
>>>>
>>>> I believe I have seen this couple of weeks ago when debugging the
>>>> iterator problem... seems that I've forgotten about this.
>>>>
>>>> But as far I can remember, it has worked when the mapping was in global
>>>> system template instead of the resource-referenced.
>>>>
>>>> If you can temporarily disable using of the template in resource and
>>>> set the same template in System Configuration for UserType objects, can you
>>>> please test the behaviour?
>>>>
>>>> Anyway it seems to be a bug, so after you could confirm the behaviour,
>>>> I'd create a new issue.
>>>>
>>>> Thanks,
>>>> I.
>>>>
>>>>
>>>> On 12/10/2014 04:32 PM, Jason Everling wrote:
>>>>
>>>> Since I upgraded to 3.1 and I am not sure if this is related to the
>>>> other CSV Resource issue.
>>>>
>>>> Here is the mapping for the template, it worked fine in 3.0.1 so I do
>>>> not know if anything changed, the email address is built using name + '@
>>>> domain.com' but when the user is created I get null at domain.com, like
>>>> it is not picking up the username from the first mapping
>>>>
>>>> <mapping>
>>>> <name>Generate Username for CSV</name>
>>>> <source>
>>>> <name>tmpGivenName</name>
>>>> <path>givenName</path>
>>>> </source>
>>>> <source>
>>>> <name>tmpFamilyName</name>
>>>> <path>familyName</path>
>>>> </source>
>>>> <!-- Will generate username in the filastname format with
>>>> iterator,
>>>> filastname
>>>> filastname2
>>>> -->
>>>> <expression>
>>>> <script>
>>>> <code>
>>>> tmpGivenNameInitial =
>>>> basic.stringify(tmpGivenName)?.size() > 0 ?
>>>> (basic.stringify(tmpGivenName)).substring(0,2) : ''
>>>> if (iteration == 0) {
>>>> basic.norm(basic.stringify(tmpGivenNameInitial +
>>>> tmpFamilyName))
>>>> }
>>>> else {
>>>> basic.norm(basic.stringify(tmpGivenNameInitial +
>>>> tmpFamilyName)) + iterationToken
>>>> }
>>>> </code>
>>>> </script>
>>>> </expression>
>>>> <target>
>>>> <path>name</path>
>>>> </target>
>>>> </mapping>
>>>>
>>>> <iteration>
>>>> <maxIterations>25</maxIterations>
>>>> <tokenExpression>
>>>> <script>
>>>> <code>
>>>> if (iteration == 0) {
>>>> return "";
>>>> } else {
>>>> return "" + (iteration+1)
>>>> }
>>>> </code>
>>>> </script>
>>>> </tokenExpression>
>>>> </iteration>
>>>>
>>>> <mapping>
>>>> <source>
>>>> <path>$user/name</path>
>>>> </source>
>>>> <expression>
>>>> <script>
>>>> <language>
>>>> http://midpoint.evolveum.com/xml/ns/public/expression/language#Groovy
>>>> </language>
>>>> <code>name + '@domain.com'</code>
>>>> </script>
>>>> </expression>
>>>> <target>
>>>> <path>emailAddress</path>
>>>> </target>
>>>> </mapping>
>>>>
>>>>
>>>>
>>>>
>>>> CONFIDENTIALITY NOTICE:
>>>> This e-mail together with any attachments is proprietary and
>>>> confidential; intended for only the recipient(s) named above and may
>>>> contain information that is privileged. You should not retain, copy or use
>>>> this e-mail or any attachments for any purpose, or disclose all or any part
>>>> of the contents to any person. Any views or opinions expressed in this
>>>> e-mail are those of the author and do not represent those of the Baptist
>>>> School of Health Professions. If you have received this e-mail in error, or
>>>> are not the named recipient(s), you are hereby notified that any review,
>>>> dissemination, distribution or copying of this communication is prohibited
>>>> by the sender and to do so might constitute a violation of the Electronic
>>>> Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
>>>> notify the sender and delete this e-mail and any attachments from your
>>>> computer.
>>>>
>>>>
>>>> _______________________________________________
>>>> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>>>
>>>>
>>>> --
>>>> Ing. Ivan Noris
>>>> Senior Identity Management Engineer
>>>> evolveum.com evolveum.com/blog/
>>>> _____________________________________________
>>>> "Semper Id(e)M Vix."
>>>>
>>>>
>>>> _______________________________________________
>>>> midPoint mailing list
>>>> midPoint at lists.evolveum.com
>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>>
>>>>
>>>
>>>
>>>
>>> CONFIDENTIALITY NOTICE:
>>> This e-mail together with any attachments is proprietary and
>>> confidential; intended for only the recipient(s) named above and may
>>> contain information that is privileged. You should not retain, copy or use
>>> this e-mail or any attachments for any purpose, or disclose all or any part
>>> of the contents to any person. Any views or opinions expressed in this
>>> e-mail are those of the author and do not represent those of the Baptist
>>> School of Health Professions. If you have received this e-mail in error, or
>>> are not the named recipient(s), you are hereby notified that any review,
>>> dissemination, distribution or copying of this communication is prohibited
>>> by the sender and to do so might constitute a violation of the Electronic
>>> Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
>>> notify the sender and delete this e-mail and any attachments from your
>>> computer.
>>>
>>>
>>> _______________________________________________
>>> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>>
>>>
>>> --
>>> Ing. Ivan Noris
>>> Senior Identity Management Engineer
>>> evolveum.com evolveum.com/blog/
>>> _____________________________________________
>>> "Semper Id(e)M Vix."
>>>
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>
>>>
>>
>>
>>
>> CONFIDENTIALITY NOTICE:
>> This e-mail together with any attachments is proprietary and
>> confidential; intended for only the recipient(s) named above and may
>> contain information that is privileged. You should not retain, copy or use
>> this e-mail or any attachments for any purpose, or disclose all or any part
>> of the contents to any person. Any views or opinions expressed in this
>> e-mail are those of the author and do not represent those of the Baptist
>> School of Health Professions. If you have received this e-mail in error, or
>> are not the named recipient(s), you are hereby notified that any review,
>> dissemination, distribution or copying of this communication is prohibited
>> by the sender and to do so might constitute a violation of the Electronic
>> Communications Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
>> notify the sender and delete this e-mail and any attachments from your
>> computer.
>>
>>
>> _______________________________________________
>> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>> --
>> Ing. Ivan Noris
>> Senior Identity Management Engineer
>> evolveum.com evolveum.com/blog/
>> _____________________________________________
>> "Semper Id(e)M Vix."
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>
--
CONFIDENTIALITY NOTICE:
This e-mail together with any attachments is proprietary and confidential;
intended for only the recipient(s) named above and may contain information
that is privileged. You should not retain, copy or use this e-mail or any
attachments for any purpose, or disclose all or any part of the contents to
any person. Any views or opinions expressed in this e-mail are those of the
author and do not represent those of the Baptist School of Health
Professions. If you have received this e-mail in error, or are not the
named recipient(s), you are hereby notified that any review, dissemination,
distribution or copying of this communication is prohibited by the sender
and to do so might constitute a violation of the Electronic Communications
Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the
sender and delete this e-mail and any attachments from your computer.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20141210/b7af98c6/attachment.htm>
More information about the midPoint
mailing list