[midPoint] Get attribute value from shadow after creating in Exchange
Pavol Mederly
mederly at evolveum.com
Fri Jul 10 10:31:20 CEST 2015
Alexej,
it's fixed. Please build v3.2devel-867-g7396a69. It works (at least in
my environment + in tests).
But you have to put the following attribute into your Exchange resource
configuration:
<schemaHandling>
<objectType> (the object type for user account)
<volatility>*unpredictable*</volatility>
...
Regards,
Pavol
> Thank you.
>
> After reading your logs and doing some experiments locally I am
> convinced this is a midPoint problem. Created a JIRA issue for
> that:https://jira.evolveum.com/browse/MID-2436
> <https://jira.evolveum.com/browse/MID-2436>.
>
> We'll fix it, hopefully in 3.2.
>
> Regards,
> Pavol
>
>> Attach logs and resource configuration. Connector and midpoint node
>> works on one server but connector server print timestamp in UTC, but
>> Midpoint in Moscow time +3.
>>
>> *From:*midPoint [mailto:midpoint-bounces at lists.evolveum.com] *On
>> Behalf Of *Pavol Mederly
>> *Sent:* Wednesday, July 8, 2015 2:30 PM
>> *To:* midpoint at lists.evolveum.com
>> *Subject:* Re: [midPoint] Get attribute value from shadow after
>> creating in Exchange
>>
>> Have you checked the idea of multiple domain controllers?
>>
>> If you want, we can have a look at your problem. But I need the
>> following:
>> - full model=TRACE & provisioning=TRACE log (of midPoint)
>> - ConnectorServer.log from the Windows server
>> - your current configuration (i.e. the Resource object)
>>
>> The logs should cover the whole "user add" operation.
>>
>> Regards,
>> Pavol
>>
>> As I wrote yesterday I have the inbound mapping, but it doesn’t
>> work. And I can’t understand why.
>>
>> In logs I can see
>>
>> 2015-07-08 09:20:51,466 TRACE: Skipping inbound for
>> {http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}PrimarySmtpAddress
>> in Discr(account (default) on
>> 8790e490-326a-46e9-ba35-9e0c1dcbb41d): Account a priori delta
>> exists, but doesn't have change for processed property.
>>
>> But this log is printed BEFORE connector starts to work. And I
>> have no logs after connector stop to work
>>
>> *From:*midPoint [mailto:midpoint-bounces at lists.evolveum.com] *On
>> Behalf Of *Pavol Mederly
>> *Sent:* Wednesday, July 8, 2015 12:00 PM
>> *To:* midpoint at lists.evolveum.com
>> <mailto:midpoint at lists.evolveum.com>
>> *Subject:* Re: [midPoint] Get attribute value from shadow after
>> creating in Exchange
>>
>> I don't quite understand your question.
>>
>> Result of connector's work (for CREATE) operation is the UID. It
>> is passed to Connector Framework and it then passes it to midPoint.
>>
>> If you want to see the newly created object, you have to fetch it
>> explicitly. MidPoint does that as part of inbound processing -
>> well, at least I think so. Logs would say.
>>
>> And I don't understand what you mean by "after that mailbox
>> doesn't pass to user".
>>
>> Pavol
>>
>> Ok.
>>
>> So how I can get the result of connector’s work after it ends?
>>
>> It seems I’ve change some preferences and after that mailbox
>> doesn’t pass to user
>>
>> *From:*midPoint [mailto:midpoint-bounces at lists.evolveum.com]
>> *On Behalf Of *Pavol Mederly
>> *Sent:* Wednesday, July 8, 2015 11:40 AM
>> *To:* midpoint at lists.evolveum.com
>> <mailto:midpoint at lists.evolveum.com>
>> *Subject:* Re: [midPoint] Get attribute value from shadow
>> after creating in Exchange
>>
>> It returns UID of newly created object.
>>
>> As I could understand connector doesn’t return any data
>> after operation Add. Is it right or I’m wrong?
>>
>> *From:*midPoint
>> [mailto:midpoint-bounces at lists.evolveum.com] *On Behalf
>> Of *Pavol Mederly
>> *Sent:* Tuesday, July 7, 2015 5:11 PM
>> *To:* midpoint at lists.evolveum.com
>> <mailto:midpoint at lists.evolveum.com>
>> *Subject:* Re: [midPoint] Get attribute value from shadow
>> after creating in Exchange
>>
>> Well... this is quite strange. Because the mailbox
>> creation is a synchronous operation, at least as far as I
>> know.
>>
>> One of the reasons could be that if you have more AD
>> domain controllers, and Exchange host writes the
>> information about the mailbox into one of them, but
>> AD/Exchange connector reads it from another one.
>>
>> Perhaps you could check if this is not the case.
>>
>> The solution you've proposed, i.e. introducing a delay in
>> connector processing, is possible.
>> You could use custom scripts (see my yesterday's mail to
>> Anton on this list) to create an after-create PowerShell
>> script for AccountObjectClass that would sleep for a few
>> seconds.
>> This would, however, terribly slow down the creation of
>> accounts on your Exchange resource.
>> I would suggest finding the reason of the weird behavior
>> of delayed mailbox creation.
>>
>> Best regards,
>> Pavol
>>
>> It seems that in moment where connector is finish to
>> work there is no mailbox. But reconciliation the
>> account in couple of seconds return the email. Is it
>> possible to create any delay in connector’s process?
>>
>> *From:*midPoint
>> [mailto:midpoint-bounces at lists.evolveum.com] *On
>> Behalf Of *Ващенков Алексей
>> *Sent:* Tuesday, July 7, 2015 3:18 PM
>> *To:* midPoint General Discussion
>> *Subject:* Re: [midPoint] Get attribute value from
>> shadow after creating in Exchange
>>
>> Here my attribute mapping
>>
>> <attribute>
>> <c:ref>ri:PrimarySmtpAddress</c:ref>
>> <displayName>Адрес вExchange</displayName>
>> <exclusiveStrong>false</exclusiveStrong>
>> <tolerant>false</tolerant>
>> <inbound>
>> <name>mail in Exchange</name>
>> <authoritative>true</authoritative>
>> <exclusive>false</exclusive>
>> <strength>normal</strength>
>> <target>
>> <c:path>$focus/emailAddress</c:path>
>> </target>
>> </inbound>
>> </attribute>
>>
>> *From:*midPoint
>> [mailto:midpoint-bounces at lists.evolveum.com] *On
>> Behalf Of *Pavol Mederly
>> *Sent:* Tuesday, July 7, 2015 3:11 PM
>> *To:* midpoint at lists.evolveum.com
>> <mailto:midpoint at lists.evolveum.com>
>> *Subject:* Re: [midPoint] Get attribute value from
>> shadow after creating in Exchange
>>
>> Алексей,
>>
>> this is done via inbound expression attached to the
>> corresponding attribute - in this case,
>> *PrimarySmtpAddress* (in case of Exchange connector)
>> or *mail* (in case of AD connector).
>>
>> If you're sure your configuration is correct, just
>> post here your log with model=TRACE level.
>>
>> Best regards,
>> Pavol
>>
>> Hi.
>>
>> I have a simple stupid question. Now we have
>> process, when user created in HR-application.
>> After this user in process of Live
>> Synchronization is imported to Midpoint. And
>> after that account in AD and Exchange are created
>> for this user. And I need to set email, which was
>> created in Exchange, to user in midpoint. How
>> can I do this? Yesterday it works, but not today.
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>>
>> midPoint mailing list
>>
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>>
>> midPoint mailing list
>>
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>>
>>
>>
>> _______________________________________________
>>
>> midPoint mailing list
>>
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>>
>>
>> _______________________________________________
>>
>> midPoint mailing list
>>
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>>
>> _______________________________________________
>>
>> midPoint mailing list
>>
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150710/6142f61b/attachment.htm>
More information about the midPoint
mailing list