[midPoint] 3.1 SNAPSHOT, Username Generation
Ivan Noris
ivan.noris at evolveum.com
Wed Dec 10 22:23:50 CET 2014
Jason,
that is really strange, but I'm hoping that it's not happening after you
upgrade. I don't have the very very latest midPoint though.
Regards,
Ivan
On 12/10/2014 09:17 PM, Jason Everling wrote:
> While I am downloading, there has to be something in mine that is
> doing this, I noticed on yours also that the
>
> <parentOrgRef oid="00000000-8888-6666-0000-100000000030"
> type="OrgType"><!-- Posam --></parentOrgRef>
>
> is added to the user object but it is still not added on mine when I
> use the CSV resource but does when using the GUI,
>
> Strange...
>
> JASON
>
> On Wed, Dec 10, 2014 at 1:40 PM, Jason Everling <jeverling at bshp.edu
> <mailto:jeverling at bshp.edu>> wrote:
>
> I am using,
>
> git-v3.0.1devel-693-g11c758b
>
> I will update to the latest since I am behind what yours is at and
> let you know
>
> JASON
>
> On Wed, Dec 10, 2014 at 1:35 PM, Ivan Noris
> <ivan.noris at evolveum.com <mailto:ivan.noris at evolveum.com>> wrote:
>
> I have re-added the Org assignment as I was testing last week.
> It's still working.
>
> This is what I added at the end of the template:
>
> <mapping>
> <authoritative>true</authoritative>
> <source>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>organization</c:path>
> </source>
> <expression>
> <assignmentTargetSearch>
> <targetType
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>c:OrgType</targetType>
> <filter
> xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
> <http://prism.evolveum.com/xml/ns/public/query-3>>
> <q:equal>
> <q:path>name</q:path>
> <expression>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>$organization</c:path>
> </expression>
> </q:equal>
> </filter>
> </assignmentTargetSearch>
> </expression>
> <target>
> <c:path
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>assignment</c:path>
> </target>
> </mapping>
>
> User:
> <user
> xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
> oid="9be4e4c9-66fc-4fbe-83c8-286ebfb9ac6e"
> version="1">
> <name>anpapecok5</name>
> <parentOrgRef oid="00000000-8888-6666-0000-100000000030"
> type="OrgType"><!-- Posam --></parentOrgRef>
> <metadata>
>
> <createTimestamp>2014-12-10T20:30:38.743+01:00</createTimestamp>
> <creatorRef oid="00000000-0000-0000-0000-000000000002"
> type="UserType"><!-- administrator --></creatorRef>
>
> <createChannel>http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#liveSync</createChannel>
> </metadata>
> <linkRef oid="abb8d8cc-507b-4210-aac7-3777c37b4b5b"
> type="ShadowType"><!-- papecok5 --></linkRef>
> <assignment id="1">
> <targetRef
> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
> oid="00000000-8888-6666-0000-100000000030"
> type="c:OrgType"><!-- MyOrg --></targetRef>
> </assignment>
> <activation>
> <effectiveStatus>disabled</effectiveStatus>
>
> <disableTimestamp>2014-12-10T20:30:38.086+01:00</disableTimestamp>
> </activation>
> <iteration>4</iteration>
> <iterationToken>5</iterationToken>
> <givenName>Andrej</givenName>
> <familyName>Papecok</familyName>
> <emailAddress>anpapecok5 at bshp.edu
> <mailto:anpapecok5 at bshp.edu></emailAddress>
> <employeeNumber>papecok5</employeeNumber>
> <costCenter>xxx</costCenter>
> <organization>MyOrg</organization>
> . . .
> </user>
>
> So unless there is any trick hidden in the other mappings,
> maybe the issue was resolved since your snapshot... Can you
> post the exact midPoint version?
>
> I.
>
>
>
> On 12/10/2014 08:25 PM, Jason Everling wrote:
>> No not really, looks to be the same,
>>
>> I attached the template,
>>
>> The only thing else besides creating the username and email
>> address is that it assigns the correct Org based on the
>> costCenter attribute which is mapped to program in my CSV and
>> also assigns a role,
>>
>>
>>
>> On Wed, Dec 10, 2014 at 1:18 PM, Ivan Noris
>> <ivan.noris at evolveum.com <mailto:ivan.noris at evolveum.com>> wrote:
>>
>> Hi Jason,
>>
>> this is interesting: it seems to work:
>>
>> Right now I have resource with object template reference
>> in unmatched action:
>> . . .
>> <reaction>
>> <situation>unmatched</situation>
>> <objectTemplateRef
>> oid="10000000-0000-0000-1111-000000000203"/>
>> <action
>> ref="http://midpoint.evolveum.com/xml/ns/public/model/action-3#addUser"
>> <http://midpoint.evolveum.com/xml/ns/public/model/action-3#addUser>/>
>> </reaction>
>> . . .
>>
>> The template:
>> <objectTemplate
>> xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>> oid="10000000-0000-0000-1111-000000000203"
>> version="2">
>> <name>Default User Template (VIX)</name>
>> <iteration>
>> <maxIterations>999</maxIterations>
>> <tokenExpression>
>> <script>
>> <code>
>> if (iteration == 0) {
>> return "";
>> } else {
>> return "" + (iteration+1)
>> }
>> </code>
>> </script>
>> </tokenExpression>
>> </iteration>
>> <mapping>
>> <name>Generate Username</name>
>> <source>
>> <name>tmpGivenName</name>
>> <c:path
>> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>givenName</c:path>
>> </source>
>> <source>
>> <name>tmpFamilyName</name>
>> <c:path
>> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>familyName</c:path>
>> </source>
>> <expression>
>> <script>
>> <code>
>> tmpGivenNameInitial =
>> basic.stringify(tmpGivenName)?.size() > 0 ?
>> (basic.stringify(tmpGivenName)).substring(0,2) : ''
>> if (iteration == 0) {
>>
>> basic.norm(basic.stringify(tmpGivenNameInitial +
>> tmpFamilyName))
>> }
>> else {
>>
>> basic.norm(basic.stringify(tmpGivenNameInitial +
>> tmpFamilyName)) + iterationToken
>> }
>> </code>
>> </script>
>> </expression>
>> <target>
>> <c:path
>> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>name</c:path>
>> </target>
>> </mapping>
>> <mapping>
>> <source>
>> <c:path
>> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>$user/name</c:path>
>> </source>
>> <source>
>> <c:path
>> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>$user/emailAddress</c:path>
>> </source>
>> <expression>
>> <script>
>>
>> <language>http://midpoint.evolveum.com/xml/ns/public/expression/language#Groovy</language>
>> <code>name+'@bshp.edu
>> <mailto:name%2B%27 at bshp.edu>'</code>
>> </script>
>> </expression>
>> <target>
>> <c:path
>> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>>emailAddress</c:path>
>> </target>
>> </mapping>
>> </objectTemplate>
>>
>> The CSV entry:
>> employeeID,firstname,lastname,otherMailbox,program,organization
>> "papecok4","Andrej","Papecok","papecok4","xxx","MyOrg"
>>
>> MidPoint User after sync:
>> <user
>> xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
>> <http://midpoint.evolveum.com/xml/ns/public/common/common-3>
>> oid="93b18a69-f030-4164-9cef-ef955233b2bc"
>> version="1">
>> <name>anpapecok4</name>
>> . . .
>> <iteration>3</iteration>
>> <iterationToken>4</iterationToken>
>> <givenName>Andrej</givenName>
>> <familyName>Papecok</familyName>
>> * <emailAddress>anpapecok4 at bshp.edu
>> <mailto:anpapecok4 at bshp.edu></emailAddress>*
>> <employeeNumber>papecok4</employeeNumber>
>> . . .
>> </user>
>>
>> This is midPoint git-v3.0.1devel-704-g0937a70
>>
>> Can you see any difference with your config...?
>>
>> Regards,
>> Ivan
>>
>>
>> On 12/10/2014 05:13 PM, Jason Everling wrote:
>>> So I disabled or removed that template from the resource
>>> reactions, I set it as the default template is sysconfig.
>>>
>>> It still does it, <emailAddress>null at domain.com
>>> <mailto:null at domain.com></emailAddress> seems to be
>>> affected,
>>>
>>> Wierd though, I turned on debugging,
>>>
>>> It shows the attribute being created correctly, you can
>>> see from the log but in the gui and in the user xml it
>>> is null at domain.com <mailto:null at domain.com>
>>>
>>> ObjectDelta<UserType>(UserType:ab907de7-4302-47ef-8003-36959fc842ef,ADD):
>>> user: (ab907de7-4302-47ef-8003-36959fc842ef, v0, UserType)
>>> extension:
>>> otherMailbox: [ hhernandez at local.org
>>> <mailto:hhernandez at local.org> ]
>>> eduPersonAffiliation: [ student ]
>>> givenName: Herman
>>> familyName: Hernandes
>>> costCenter: PN
>>> employeeNumber: HE5019982
>>> credentials:
>>> password:
>>> value:
>>> ProtectedStringType(encrypted=EncryptedDataType(encryptionMethod=EncryptionMethodType(algorithm=http://www.w3.org/2001/04/xmlenc#aes128-cbc),
>>> keyInfo=KeyInfoType(keyName=HiCJvCmeUCWoiEl3d+uXyd2VeYs=),
>>> cipherData=CipherDataType(cipherValue=[32 bytes])))
>>> activation:
>>> administrativeStatus: ENABLED
>>> effectiveStatus: ENABLED
>>> enableTimestamp: 2014-12-10T10:07:21.502-06:00
>>> emailAddress: hehernandes at domain.com
>>> <mailto:hehernandes at domain.com>
>>> name: hehernandes
>>> employeeType: [ A2S ]
>>> locale: US
>>> organization: [ OU=DPN,OU=SHP
>>> Students,DC=TEST,DC=LOCAL ]
>>> locality: San Antonio
>>> fullName: Herman Hernandes
>>> iteration: 0
>>>
>>> On Wed, Dec 10, 2014 at 9:46 AM, Ivan Noris
>>> <ivan.noris at evolveum.com
>>> <mailto:ivan.noris at evolveum.com>> wrote:
>>>
>>> Jason,
>>>
>>> I believe I have seen this couple of weeks ago when
>>> debugging the iterator problem... seems that I've
>>> forgotten about this.
>>>
>>> But as far I can remember, it has worked when the
>>> mapping was in global system template instead of the
>>> resource-referenced.
>>>
>>> If you can temporarily disable using of the template
>>> in resource and set the same template in System
>>> Configuration for UserType objects, can you please
>>> test the behaviour?
>>>
>>> Anyway it seems to be a bug, so after you could
>>> confirm the behaviour, I'd create a new issue.
>>>
>>> Thanks,
>>> I.
>>>
>>>
>>> On 12/10/2014 04:32 PM, Jason Everling wrote:
>>>> Since I upgraded to 3.1 and I am not sure if this
>>>> is related to the other CSV Resource issue.
>>>>
>>>> Here is the mapping for the template, it worked
>>>> fine in 3.0.1 so I do not know if anything changed,
>>>> the email address is built using name +
>>>> '@domain.com <http://domain.com>' but when the user
>>>> is created I get null at domain.com
>>>> <mailto:null at domain.com>, like it is not picking up
>>>> the username from the first mapping
>>>>
>>>> <mapping>
>>>> <name>Generate Username for CSV</name>
>>>> <source>
>>>> <name>tmpGivenName</name>
>>>> <path>givenName</path>
>>>> </source>
>>>> <source>
>>>> <name>tmpFamilyName</name>
>>>> <path>familyName</path>
>>>> </source>
>>>> <!-- Will generate username in the
>>>> filastname format with iterator,
>>>> filastname
>>>> filastname2
>>>> -->
>>>> <expression>
>>>> <script>
>>>> <code>
>>>> tmpGivenNameInitial =
>>>> basic.stringify(tmpGivenName)?.size() > 0 ?
>>>>
>>>> (basic.stringify(tmpGivenName)).substring(0,2) : ''
>>>> if (iteration == 0) {
>>>>
>>>> basic.norm(basic.stringify(tmpGivenNameInitial +
>>>> tmpFamilyName))
>>>> }
>>>> else {
>>>>
>>>> basic.norm(basic.stringify(tmpGivenNameInitial +
>>>> tmpFamilyName)) + iterationToken
>>>> }
>>>> </code>
>>>> </script>
>>>> </expression>
>>>> <target>
>>>> <path>name</path>
>>>> </target>
>>>> </mapping>
>>>>
>>>> <iteration>
>>>> <maxIterations>25</maxIterations>
>>>> <tokenExpression>
>>>> <script>
>>>> <code>
>>>> if (iteration == 0) {
>>>> return "";
>>>> } else {
>>>> return "" + (iteration+1)
>>>> }
>>>> </code>
>>>> </script>
>>>> </tokenExpression>
>>>> </iteration>
>>>>
>>>> <mapping>
>>>> <source>
>>>> <path>$user/name</path>
>>>> </source>
>>>> <expression>
>>>> <script>
>>>>
>>>> <language>http://midpoint.evolveum.com/xml/ns/public/expression/language#Groovy</language>
>>>> <code>name + '@domain.com
>>>> <http://domain.com>'</code>
>>>> </script>
>>>> </expression>
>>>> <target>
>>>> <path>emailAddress</path>
>>>> </target>
>>>> </mapping>
>>>>
>>>>
>>>>
>>>>
>>>> CONFIDENTIALITY NOTICE:
>>>> This e-mail together with any attachments is
>>>> proprietary and confidential; intended for only the
>>>> recipient(s) named above and may contain
>>>> information that is privileged. You should not
>>>> retain, copy or use this e-mail or any attachments
>>>> for any purpose, or disclose all or any part of the
>>>> contents to any person. Any views or opinions
>>>> expressed in this e-mail are those of the author
>>>> and do not represent those of the Baptist School of
>>>> Health Professions. If you have received this
>>>> e-mail in error, or are not the named recipient(s),
>>>> you are hereby notified that any review,
>>>> dissemination, distribution or copying of this
>>>> communication is prohibited by the sender and to do
>>>> so might constitute a violation of the Electronic
>>>> Communications Privacy Act, 18 U.S.C. section
>>>> 2510-2521. Please immediately notify the sender and
>>>> delete this e-mail and any attachments from your
>>>> computer.
>>>>
>>>>
>>>> _______________________________________________
>>>> midPoint mailing list
>>>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>
>>> --
>>> Ing. Ivan Noris
>>> Senior Identity Management Engineer
>>> evolveum.com <http://evolveum.com> evolveum.com/blog/ <http://evolveum.com/blog/>
>>> _____________________________________________
>>> "Semper Id(e)M Vix."
>>>
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com
>>> <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>
>>>
>>>
>>>
>>>
>>> CONFIDENTIALITY NOTICE:
>>> This e-mail together with any attachments is proprietary
>>> and confidential; intended for only the recipient(s)
>>> named above and may contain information that is
>>> privileged. You should not retain, copy or use this
>>> e-mail or any attachments for any purpose, or disclose
>>> all or any part of the contents to any person. Any views
>>> or opinions expressed in this e-mail are those of the
>>> author and do not represent those of the Baptist School
>>> of Health Professions. If you have received this e-mail
>>> in error, or are not the named recipient(s), you are
>>> hereby notified that any review, dissemination,
>>> distribution or copying of this communication is
>>> prohibited by the sender and to do so might constitute a
>>> violation of the Electronic Communications Privacy Act,
>>> 18 U.S.C. section 2510-2521. Please immediately notify
>>> the sender and delete this e-mail and any attachments
>>> from your computer.
>>>
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>> --
>> Ing. Ivan Noris
>> Senior Identity Management Engineer
>> evolveum.com <http://evolveum.com> evolveum.com/blog/ <http://evolveum.com/blog/>
>> _____________________________________________
>> "Semper Id(e)M Vix."
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> <mailto:midPoint at lists.evolveum.com>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>>
>>
>> CONFIDENTIALITY NOTICE:
>> This e-mail together with any attachments is proprietary and
>> confidential; intended for only the recipient(s) named above
>> and may contain information that is privileged. You should
>> not retain, copy or use this e-mail or any attachments for
>> any purpose, or disclose all or any part of the contents to
>> any person. Any views or opinions expressed in this e-mail
>> are those of the author and do not represent those of the
>> Baptist School of Health Professions. If you have received
>> this e-mail in error, or are not the named recipient(s), you
>> are hereby notified that any review, dissemination,
>> distribution or copying of this communication is prohibited
>> by the sender and to do so might constitute a violation of
>> the Electronic Communications Privacy Act, 18 U.S.C. section
>> 2510-2521. Please immediately notify the sender and delete
>> this e-mail and any attachments from your computer.
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>
> --
> Ing. Ivan Noris
> Senior Identity Management Engineer
> evolveum.com <http://evolveum.com> evolveum.com/blog/ <http://evolveum.com/blog/>
> _____________________________________________
> "Semper Id(e)M Vix."
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
>
>
> CONFIDENTIALITY NOTICE:
> This e-mail together with any attachments is proprietary and
> confidential; intended for only the recipient(s) named above and may
> contain information that is privileged. You should not retain, copy or
> use this e-mail or any attachments for any purpose, or disclose all or
> any part of the contents to any person. Any views or opinions
> expressed in this e-mail are those of the author and do not represent
> those of the Baptist School of Health Professions. If you have
> received this e-mail in error, or are not the named recipient(s), you
> are hereby notified that any review, dissemination, distribution or
> copying of this communication is prohibited by the sender and to do so
> might constitute a violation of the Electronic Communications Privacy
> Act, 18 U.S.C. section 2510-2521. Please immediately notify the sender
> and delete this e-mail and any attachments from your computer.
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ing. Ivan Noris
Senior Identity Management Engineer
evolveum.com evolveum.com/blog/
_____________________________________________
"Semper Id(e)M Vix."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20141210/db377df2/attachment.htm>
More information about the midPoint
mailing list