[midPoint] Target Synchronization/Reconcilation

Anand Kothekar anand.kothekar at confluxsys.com
Tue Feb 17 11:22:19 CET 2015 

Hi,


I want to raise a reconciliation task which will start synchronization. For
that I have modified one of my resource (Open Ldap User) with,

<synchronization>
      <objectSynchronization>
         <enabled>true</enabled>
         <correlation xmlns:q="
http://prism.evolveum.com/xml/ns/public/query-3">
            <q:description>synchronization example.</q:description>
            <q:equal>
               <q:path>name</q:path>
               <expression>
                  <c:path xmlns:c="
http://midpoint.evolveum.com/xml/ns/public/common/common-3"
                          xmlns:ri="
http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">declare
namespace ri='http://midpoint.evolveum.com/xml/ns/public/resource/instance-3';
$account/attributes/ri:uid</c:path>
               </expression>
            </q:equal>
         </correlation>
         <reaction>
            <situation>linked</situation>
            <synchronize>true</synchronize>
         </reaction>
         <reaction>
            <situation>deleted</situation>
            <synchronize>true</synchronize>
            <action>
               <handlerUri>
http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink
</handlerUri>
            </action>
         </reaction>
         <reaction>
            <situation>unlinked</situation>
            <synchronize>true</synchronize>
            <action>
               <handlerUri>
http://midpoint.evolveum.com/xml/ns/public/model/action-3#link</handlerUri>
            </action>
         </reaction>
      </objectSynchronization>
   </synchronization>


then I selected resource--> open Ldap User -->" import accounts"  which
raised a task but failed.

Failed to import: com.evolveum.midpoint.util.exception.SchemaException: No
name in new object null as produced by template null in iteration 0, we
cannot process an object without a name: Failed to import:
com.evolveum.midpoint.util.exception.SchemaException: No name in new object
null as produced by template null in iteration 0, we cannot process an
object without a name


can you please tell me that where I mistaken or am I following wrong
approach.

Thanks,
Anand

On Tue, Feb 17, 2015 at 2:42 PM, Ivan Noris <ivan.noris at evolveum.com> wrote:

>  Hi Anand,
>
> correlation/confirmation expression tell midPoint, how to check if the
> account in the resource has an owner in midPoint.
>
> Based on result, synchronization situation is determined (UNMATCHED,
> UNLINKED, LINKED etc.) and corresponding action (link, delete, ...) can be
> executed.
>
> These settings are per resource e.g. LDAP resource) and per object type.
> In minimum configuration, for default account (kind=account,
> intent=default). Different configuration can be specified for different
> account types or other objects (e.g. groups).
>
> The configuration WHEN the synchronization should be performed differs. It
> can be:
> - opportunistic sync: no tasks; midPoint can detect inconsistencies while
> provisioning (i.e. trying to create an account in LDAP, but the account is
> already there)
> - livesync: livesync task running; midPoint can detect inconsistencies in
> real time (if the resource supports it; i.e. OpenDJ or Oracle DSEE have
> changelog plugin which can be used). Livesync task detects CHANGES in the
> resource accounts.
> - reconciliation: reconciliation task running; midPoint can detect
> inconsistencies in scheduled times. Reconciliation task processes ALL
> resource objects, not only changes.
>
> All or our resource samples with "-sync" in the filename should be
> configured for livesync synchronization and they should also include the
> task.
>
> Regards,
> I.
>
>
> On 02/17/2015 07:50 AM, Anand Kothekar wrote:
>
> Hi,
>
>  I was working on Synchronization where I have a requirement to keep data
> in resource and midpoint repository synchronized.
>
>  like If any account exists on ldap then it should be linked with the
> user matching with the uid of user in midpoint.
>
>  I have gone through the concept of correlation and confirmation
> expression but I am not clear with the proper approach to follow.
>
>  please le me know how to achieve this and also mention any sample
> example for it.
>
>
>
>  Thanks,
> Anand
>
>
> _______________________________________________
> midPoint mailing listmidPoint at lists.evolveum.comhttp://lists.evolveum.com/mailman/listinfo/midpoint
>
>
> --
>   Ing. Ivan Noris
>   Senior Identity Management Engineer & IDM Architect
>   evolveum.com                     evolveum.com/blog/
>   ___________________________________________________
>   "Semper Id(e)M Vix."
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150217/a234aa75/attachment.htm>

More information about the midPoint mailing list