[midPoint] Provisioning questions
Lucie Rút Bittnerová
lucie.bittnerova at ami.cz
Thu Mar 20 15:06:30 CET 2014
Hello,
I have some issues which I cannot solve.
I have configured activation of resource exactly as it is written on wiki:
<activation>
<existence>
<outbound>
<expression>
<path>$focusExists</path>
</expression>
</outbound>
</existence>
<administrativeStatus>
<outbound>
<expression>
<script>
<code>
import
com.evolveum.midpoint.xml.ns._public.common.common_2a.ActivationStatusType;
if (legal) {
input;
} else {
ActivationStatusType.DISABLED;
}
</code>
</script>
</expression>
</outbound>
</administrativeStatus>
</activation>
But the behaviour is not such as it should be. When I unassign role
which assigns this resource to the user, the account stays in the list
of accounts and is disabled, that is ok. When I change some attribute of
the user, it is synchronized to the account, which stays disabled, thats
also ok. But when I change state of the user to disabled and then back
to enabled, the account, which should stay disabled, changes its state
to enabled, which I think is wrong. Can you please help me how to change
the configuration that the account would be on unassignment not only
disabled but also unlinked?
I have also problem how to configure resource to achieve this behaviour:
When resource is assigned to the user and the user account already
exists on that resource I'd like to have linked this account to the user
without any errors but now I get only error message and no account is
linked.
Is it possible to configure Midpoint in the way that when user with some
accounts is deleted the accounts are only disabled and unlinked and not
deleted?
Thank you for any help.
Lucie
More information about the midPoint
mailing list