[midPoint] Get attribute value from shadow after creating in Exchange
Pavol Mederly
mederly at evolveum.com
Wed Jul 8 17:02:15 CEST 2015
Thank you.
After reading your logs and doing some experiments locally I am
convinced this is a midPoint problem. Created a JIRA issue for
that:https://jira.evolveum.com/browse/MID-2436
<https://jira.evolveum.com/browse/MID-2436>.
We'll fix it, hopefully in 3.2.
Regards,
Pavol
> Attach logs and resource configuration. Connector and midpoint node
> works on one server but connector server print timestamp in UTC, but
> Midpoint in Moscow time +3.
>
> *From:*midPoint [mailto:midpoint-bounces at lists.evolveum.com] *On
> Behalf Of *Pavol Mederly
> *Sent:* Wednesday, July 8, 2015 2:30 PM
> *To:* midpoint at lists.evolveum.com
> *Subject:* Re: [midPoint] Get attribute value from shadow after
> creating in Exchange
>
> Have you checked the idea of multiple domain controllers?
>
> If you want, we can have a look at your problem. But I need the following:
> - full model=TRACE & provisioning=TRACE log (of midPoint)
> - ConnectorServer.log from the Windows server
> - your current configuration (i.e. the Resource object)
>
> The logs should cover the whole "user add" operation.
>
> Regards,
> Pavol
>
> As I wrote yesterday I have the inbound mapping, but it doesn’t
> work. And I can’t understand why.
>
> In logs I can see
>
> 2015-07-08 09:20:51,466 TRACE: Skipping inbound for
> {http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}PrimarySmtpAddress
> in Discr(account (default) on
> 8790e490-326a-46e9-ba35-9e0c1dcbb41d): Account a priori delta
> exists, but doesn't have change for processed property.
>
> But this log is printed BEFORE connector starts to work. And I
> have no logs after connector stop to work
>
> *From:*midPoint [mailto:midpoint-bounces at lists.evolveum.com] *On
> Behalf Of *Pavol Mederly
> *Sent:* Wednesday, July 8, 2015 12:00 PM
> *To:* midpoint at lists.evolveum.com <mailto:midpoint at lists.evolveum.com>
> *Subject:* Re: [midPoint] Get attribute value from shadow after
> creating in Exchange
>
> I don't quite understand your question.
>
> Result of connector's work (for CREATE) operation is the UID. It
> is passed to Connector Framework and it then passes it to midPoint.
>
> If you want to see the newly created object, you have to fetch it
> explicitly. MidPoint does that as part of inbound processing -
> well, at least I think so. Logs would say.
>
> And I don't understand what you mean by "after that mailbox
> doesn't pass to user".
>
> Pavol
>
> Ok.
>
> So how I can get the result of connector’s work after it ends?
>
> It seems I’ve change some preferences and after that mailbox
> doesn’t pass to user
>
> *From:*midPoint [mailto:midpoint-bounces at lists.evolveum.com]
> *On Behalf Of *Pavol Mederly
> *Sent:* Wednesday, July 8, 2015 11:40 AM
> *To:* midpoint at lists.evolveum.com
> <mailto:midpoint at lists.evolveum.com>
> *Subject:* Re: [midPoint] Get attribute value from shadow
> after creating in Exchange
>
> It returns UID of newly created object.
>
> As I could understand connector doesn’t return any data
> after operation Add. Is it right or I’m wrong?
>
> *From:*midPoint
> [mailto:midpoint-bounces at lists.evolveum.com] *On Behalf Of
> *Pavol Mederly
> *Sent:* Tuesday, July 7, 2015 5:11 PM
> *To:* midpoint at lists.evolveum.com
> <mailto:midpoint at lists.evolveum.com>
> *Subject:* Re: [midPoint] Get attribute value from shadow
> after creating in Exchange
>
> Well... this is quite strange. Because the mailbox
> creation is a synchronous operation, at least as far as I
> know.
>
> One of the reasons could be that if you have more AD
> domain controllers, and Exchange host writes the
> information about the mailbox into one of them, but
> AD/Exchange connector reads it from another one.
>
> Perhaps you could check if this is not the case.
>
> The solution you've proposed, i.e. introducing a delay in
> connector processing, is possible.
> You could use custom scripts (see my yesterday's mail to
> Anton on this list) to create an after-create PowerShell
> script for AccountObjectClass that would sleep for a few
> seconds.
> This would, however, terribly slow down the creation of
> accounts on your Exchange resource.
> I would suggest finding the reason of the weird behavior
> of delayed mailbox creation.
>
> Best regards,
> Pavol
>
> It seems that in moment where connector is finish to
> work there is no mailbox. But reconciliation the
> account in couple of seconds return the email. Is it
> possible to create any delay in connector’s process?
>
> *From:*midPoint
> [mailto:midpoint-bounces at lists.evolveum.com] *On
> Behalf Of *Ващенков Алексей
> *Sent:* Tuesday, July 7, 2015 3:18 PM
> *To:* midPoint General Discussion
> *Subject:* Re: [midPoint] Get attribute value from
> shadow after creating in Exchange
>
> Here my attribute mapping
>
> <attribute>
> <c:ref>ri:PrimarySmtpAddress</c:ref>
> <displayName>Адрес вExchange</displayName>
> <exclusiveStrong>false</exclusiveStrong>
> <tolerant>false</tolerant>
> <inbound>
> <name>mail in Exchange</name>
> <authoritative>true</authoritative>
> <exclusive>false</exclusive>
> <strength>normal</strength>
> <target>
> <c:path>$focus/emailAddress</c:path>
> </target>
> </inbound>
> </attribute>
>
> *From:*midPoint
> [mailto:midpoint-bounces at lists.evolveum.com] *On
> Behalf Of *Pavol Mederly
> *Sent:* Tuesday, July 7, 2015 3:11 PM
> *To:* midpoint at lists.evolveum.com
> <mailto:midpoint at lists.evolveum.com>
> *Subject:* Re: [midPoint] Get attribute value from
> shadow after creating in Exchange
>
> Алексей,
>
> this is done via inbound expression attached to the
> corresponding attribute - in this case,
> *PrimarySmtpAddress* (in case of Exchange connector)
> or *mail* (in case of AD connector).
>
> If you're sure your configuration is correct, just
> post here your log with model=TRACE level.
>
> Best regards,
> Pavol
>
> Hi.
>
> I have a simple stupid question. Now we have
> process, when user created in HR-application.
> After this user in process of Live Synchronization
> is imported to Midpoint. And after that account in
> AD and Exchange are created for this user. And I
> need to set email, which was created in Exchange,
> to user in midpoint. How can I do this? Yesterday
> it works, but not today.
>
>
>
>
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
> _______________________________________________
>
> midPoint mailing list
>
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150708/52c6eadb/attachment.htm>
More information about the midPoint
mailing list