[midPoint] Assignment time constraints problem
Ващенков Алексей
a.vashchenkov at solarsecurity.ru
Fri Jul 17 16:12:54 CEST 2015
Here the exception connector server log
ExchangeConnector Error: 1 : Exception while executing Update operation: Org.IdentityConnectors.Framework.Common.Exceptions.ConnectorException: Remote exception: Cannot process argument transformation on parameter 'PrimarySmtpAddress'. Cannot convert null to type "Microsof
.Exchange.Data.SmtpAddress".
---> System.Management.Automation.RemoteException: Cannot process argument transformation on parameter 'PrimarySmtpAddress'. Cannot convert null to type "Microsoft.Exchange.Data.SmtpAddress".
--- End of inner exception stack trace ---
at Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.DefaultThrowIcfExceptionImplementation(Exception e, ErrorRecord error, String message) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line 481
at Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.CheckErrors(IList`1 errors, ThrowIcfExceptionDelegate throwIcfExceptionDelegate) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line 449
at Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokePipelineInternal(Runspace runspace, Collection`1 commands) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line 263
at Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokePipeline(Collection`1 commands) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line 191
at Org.IdentityConnectors.Exchange.AccountHandler.Update(UpdateOpContext context) in d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\Handlers\AccountHandler.cs:line 212
at Org.IdentityConnectors.Exchange.ExchangeConnector.Update(UpdateType updateType, ObjectClass oclass, Uid uid, ICollection`1 attributes, OperationOptions options) in d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line 256
DateTime=2015-07-17T14:00:04.7644625Z
ConnectorServer.exe Error: 0 : Exception :
Type: Org.IdentityConnectors.Framework.Common.Exceptions.ConnectorException
Message: Remote exception: Cannot process argument transformation on parameter 'PrimarySmtpAddress'. Cannot convert null to type "Microsoft.Exchange.Data.SmtpAddress".
Source: FrameworkInternal
Stacktrace: at Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.DefaultThrowIcfExceptionImplementation(Exception e, ErrorRecord error, String message) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line 481
at Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.CheckErrors(IList`1 errors, ThrowIcfExceptionDelegate throwIcfExceptionDelegate) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line 449
at Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokePipelineInternal(Runspace runspace, Collection`1 commands) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line 263
at Org.IdentityConnectors.ActiveDirectory.PowerShellSupport.InvokePipeline(Collection`1 commands) in d:\midpoint\tgit\openicf\connectors\dotnet\ActiveDirectoryConnector\PowerShellSupport.cs:line 191
at Org.IdentityConnectors.Exchange.AccountHandler.Update(UpdateOpContext context) in d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\Handlers\AccountHandler.cs:line 212
at Org.IdentityConnectors.Exchange.ExchangeConnector.Update(UpdateType updateType, ObjectClass oclass, Uid uid, ICollection`1 attributes, OperationOptions options) in d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line 266
at Org.IdentityConnectors.Exchange.ExchangeConnector.Update(ObjectClass oclass, Uid uid, ICollection`1 attributes, OperationOptions options) in d:\midpoint\tgit\openicf\connectors\dotnet\ExchangeConnector\ExchangeConnector.cs:line 213
at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.UpdateImpl.Update(ObjectClass objclass, Uid uid, ICollection`1 replaceAttributes, OperationOptions options) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 1717
at Org.IdentityConnectors.Framework.Impl.Api.Local.Operations.ConnectorAPIOperationRunnerProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\ApiLocalOperations.cs:line 247
at ___proxy1.Update(ObjectClass , Uid , ICollection`1 , OperationOptions )
at Org.IdentityConnectors.Framework.Impl.Api.DelegatingTimeoutProxy.Invoke(Object proxy, MethodInfo method, Object[] args) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Api.cs:line 1344
at ___proxy1.Update(ObjectClass , Uid , ICollection`1 , OperationOptions )
at Org.IdentityConnectors.Framework.Impl.Server.ConnectionProcessor.ProcessOperationRequest(OperationRequest request) in c:\Users\Pavol\Documents\GitHub\ConnId\dotnet\FrameworkInternal\Server.cs:line 626
Inner Exception :
Type: System.Management.Automation.RemoteException
Message: Cannot process argument transformation on parameter 'PrimarySmtpAddress'. Cannot convert null to type "Microsoft.Exchange.Data.SmtpAddress".
Source:
Stacktrace:
DateTime=2015-07-17T14:00:04.7704629Z
From: midPoint [mailto:midpoint-bounces at lists.evolveum.com] On Behalf Of Ващенков Алексей
Sent: Friday, July 17, 2015 5:09 PM
To: midPoint General Discussion
Subject: Re: [midPoint] Assignment time constraints problem
Is really looks like a quest.
To make a partial migration from our 3.1.1 to yours 3.2 ☺ But I did it.
And now I have an Exception which was described by Oleg.
com.evolveum.midpoint.provisioning.api.GenericConnectorException: Generic error in connector connector ConnectorInstanceIcfImpl(connector:cba5c52b-1ca0-4239-9526-2bccf6d99e24(ICF Org.IdentityConnectors.Exchange.ExchangeConnector v1.4.1.20283 @localhost ICF connector (port 8759))): org.identityconnectors.framework.common.exceptions.ConnectorException(Remote exception: Cannot process argument transformation on parameter 'PrimarySmtpAddress'. Cannot convert null to type "Microsoft.Exchange.Data.SmtpAddress".
)->org.identityconnectors.framework.impl.api.remote.RemoteWrappedException(Remote exception: Cannot process argument transformation on parameter 'PrimarySmtpAddress'. Cannot convert null to type "Microsoft.Exchange.Data.SmtpAddress".
From: midPoint [mailto:midpoint-bounces at lists.evolveum.com] On Behalf Of Pavol Mederly
Sent: Friday, July 17, 2015 1:08 PM
To: midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Assignment time constraints problem
Hmmmmm. Strange.
When comparing https://github.com/Evolveum/ConnId/blob/master/java/pom.xml and https://github.com/Tirasa/ConnId/blob/master/java/pom.xml I see that both contain
<version>1.4.2.0-SNAPSHOT</version>
Pavol
In https://github.com/Tirasa/ConnId.git I couldn’t find 1.4.2 but in https://github.com/Evolveum/ConnId it is.
From: midPoint [mailto:midpoint-bounces at lists.evolveum.com] On Behalf Of Pavol Mederly
Sent: Friday, July 17, 2015 12:40 PM
To: midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Assignment time constraints problem
On 17. 7. 2015 11:38, Pavol Mederly wrote:
Alexej,
please checkout this one: https://github.com/Tirasa/ConnId.git
... and build locally. It should work.
Or, even better: https://github.com/Evolveum/ConnId
(I'm writing faster than thinking, sorry.)
General they should be equivalent, but please use Evolveum's now.
Pavol
Regards,
Pavol
On 17. 7. 2015 11:36, Ващенков Алексей wrote:
Pavol.
Where Can I get ConnId: Connector Framework 1.4.2-SNAPSHOT?
I can find this version at githab
From: midPoint [mailto:midpoint-bounces at lists.evolveum.com] On Behalf Of Pavol Mederly
Sent: Friday, July 17, 2015 12:06 PM
To: midpoint at lists.evolveum.com<mailto:midpoint at lists.evolveum.com>
Subject: Re: [midPoint] Assignment time constraints problem
Hello Oleg,
If there's no outbound mapping, connector should not try to write null PrimarySmtpAddress, am I right?
Yes, I think so.
Please try with the midPoint master branch and let us know if the problem persists.
If persists, please send us the relevant portion of the ConnectorServer.log file, to start with.
Best regards,
Pavol
Hi. We have problems assigning temporary AD membership to users.
We use Exchange connector, and when permanent (no validFrom or validTo) assignment is assigned, everything is all right (we really see that AD user is a member of corresponding AD group).
But, assignments with validFrom in future make no effects - at the time when validFrom comes we see that user is not a member of corresponding AD group.
"Validity scanner" task is runnable every 15 seconds. Seems that it does some calculations, because we see progress "0/1", when "1/1".
In time of these calculations, logs are flood with errors:
...
2015-07-16 14:12:52,153 [UCF] [midPointScheduler_Worker-8] ERROR (com.evolveum.midpoint.provisioning.ucf.impl.IcfUtil): ICF Exception org.identityconnectors.framework.impl.api.remote.RemoteWrappedException in connector:77c1ca49-0c76-40d4-a633-ef3f4b2be30f(ICF Org.IdentityConnectors.Exchange.ExchangeConnector v1.4.1.20283 @localhost ICF connector (port 8759)): resource:8790e490-326a-46e9-ba35-9e0c1dcbb41d(Exchange)<resource:8790e490-326a-46e9-ba35-9e0c1dcbb41d%28Exchange%29> while updating object identified by ICF UID '<GUID=f536a14e0ff0cc43be613eb07e5d53be>': Remote exception: Cannot process argument transformation on parameter 'PrimarySmtpAddress'. Cannot convert null to type "Microsoft.Exchange.Data.SmtpAddress".
org.identityconnectors.framework.impl.api.remote.RemoteWrappedException: Remote exception: Cannot process argument transformation on parameter 'PrimarySmtpAddress'. Cannot convert null to type "Microsoft.Exchange.Data.SmtpAddress".
at org.identityconnectors.framework.impl.serializer.CommonObjectHandlers$17.deserialize(CommonObjectHandlers.java:293) ~[CommonObjectHandlers$17.class:na]
at org.identityconnectors.framework.impl.serializer.binary.BinaryObjectDecoder$InternalDecoder.readObject(BinaryObjectDecoder.java:154) ~[BinaryObjectDecoder$InternalDecoder.class:na]
at org.identityconnectors.framework.impl.serializer.binary.BinaryObjectDecoder.readObject(BinaryObjectDecoder.java:293) ~[BinaryObjectDecoder.class:na]
at org.identityconnectors.framework.impl.serializer.binary.BinaryObjectDecoder.readObjectField(BinaryObjectDecoder.java:413) ~[BinaryObjectDecoder.class:na]
at org.identityconnectors.framework.impl.serializer.MessageHandlers$5.deserialize(MessageHandlers.java:139) ~[MessageHandlers$5.class:na]
at org.identityconnectors.framework.impl.serializer.binary.BinaryObjectDecoder$InternalDecoder.readObject(BinaryObjectDecoder.java:154) ~[BinaryObjectDecoder$InternalDecoder.class:na]
at org.identityconnectors.framework.impl.serializer.binary.BinaryObjectDecoder.readObject(BinaryObjectDecoder.java:293) ~[BinaryObjectDecoder.class:na]
at org.identityconnectors.framework.impl.api.remote.RemoteFrameworkConnection.readObject(RemoteFrameworkConnection.java:155) ~[RemoteFrameworkConnection.class:na]
at org.identityconnectors.framework.impl.api.remote.RemoteOperationInvocationHandler.invoke(RemoteOperationInvocationHandler.java:95) ~[RemoteOperationInvocationHandler.class:na]
at com.sun.proxy.$Proxy188.update(Unknown Source) ~[na:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.7.0_79]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) ~[na:1.7.0_79]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.7.0_79]
at java.lang.reflect.Method.invoke(Method.java:606) ~[na:1.7.0_79]
at org.identityconnectors.framework.impl.api.DelegatingTimeoutProxy.invoke(DelegatingTimeoutProxy.java:99) ~[DelegatingTimeoutProxy.class:na]
at com.sun.proxy.$Proxy188.update(Unknown Source) ~[na:na]
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) ~[na:1.7.0_79]
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57) ~[na:1.7.0_79]
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43) ~[na:1.7.0_79]
at java.lang.reflect.Method.invoke(Method.java:606) ~[na:1.7.0_79]
at org.identityconnectors.framework.impl.api.LoggingProxy.invoke(LoggingProxy.java:83) ~[LoggingProxy.class:na]
at com.sun.proxy.$Proxy188.update(Unknown Source) ~[na:na]
at org.identityconnectors.framework.impl.api.AbstractConnectorFacade.update(AbstractConnectorFacade.java:187) ~[AbstractConnectorFacade.class:na]
at com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.modifyObject_aroundBody14(ConnectorInstanceIcfImpl.java:1518) [ConnectorInstanceIcfImpl.class:na]
at com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl$AjcClosure15.run(ConnectorInstanceIcfImpl.java:1) [ConnectorInstanceIcfImpl$AjcClosure15.class:na]
at org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149) [JoinPointImpl.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.wrapSubsystem(MidpointAspect.java:178) [MidpointAspect.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.ajc$inlineAccessMethod$com_evolveum_midpoint_util_aspect_MidpointAspect$com_evolveum_midpoint_util_aspect_MidpointAspect$wrapSubsystem(MidpointAspect.java:1) [MidpointAspect.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.processUcfNdc(MidpointAspect.java:78) [MidpointAspect.class:na]
at com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.modifyObject(ConnectorInstanceIcfImpl.java:1291) [ConnectorInstanceIcfImpl.class:na]
at com.evolveum.midpoint.provisioning.ucf.impl.ConnectorInstanceIcfImpl.modifyObject(ConnectorInstanceIcfImpl.java:1) [ConnectorInstanceIcfImpl.class:na]
at com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter.executeModify(ResourceObjectConverter.java:579) [ResourceObjectConverter.class:na]
at com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter.modifyResourceObject(ResourceObjectConverter.java:471) [ResourceObjectConverter.class:na]
at com.evolveum.midpoint.provisioning.impl.ShadowCache.modifyShadow(ShadowCache.java:438) [ShadowCache.class:na]
at com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.modifyObject_aroundBody10(ProvisioningServiceImpl.java:878) [ProvisioningServiceImpl.class:na]
at com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl$AjcClosure11.run(ProvisioningServiceImpl.java:1) [ProvisioningServiceImpl$AjcClosure11.class:na]
at org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149) [JoinPointImpl.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.wrapSubsystem(MidpointAspect.java:178) [MidpointAspect.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.ajc$inlineAccessMethod$com_evolveum_midpoint_util_aspect_MidpointAspect$com_evolveum_midpoint_util_aspect_MidpointAspect$wrapSubsystem(MidpointAspect.java:1) [MidpointAspect.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.processProvisioningNdc(MidpointAspect.java:68) [MidpointAspect.class:na]
at com.evolveum.midpoint.provisioning.impl.ProvisioningServiceImpl.modifyObject(ProvisioningServiceImpl.java:839) [ProvisioningServiceImpl.class:na]
at com.evolveum.midpoint.model.impl.lens.ChangeExecutor.modifyProvisioningObject(ChangeExecutor.java:1166) [ChangeExecutor.class:na]
at com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeModification(ChangeExecutor.java:1032) [ChangeExecutor.class:na]
at com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeDelta(ChangeExecutor.java:630) [ChangeExecutor.class:na]
at com.evolveum.midpoint.model.impl.lens.ChangeExecutor.executeChanges(ChangeExecutor.java:282) [ChangeExecutor.class:na]
at com.evolveum.midpoint.model.impl.lens.Clockwork.processSecondary(Clockwork.java:439) [Clockwork.class:na]
at com.evolveum.midpoint.model.impl.lens.Clockwork.click(Clockwork.java:269) [Clockwork.class:na]
at com.evolveum.midpoint.model.impl.lens.Clockwork.run(Clockwork.java:191) [Clockwork.class:na]
at com.evolveum.midpoint.model.impl.sync.FocusValidityScannerTaskHandler.recomputeUser(FocusValidityScannerTaskHandler.java:169) [FocusValidityScannerTaskHandler.class:na]
at com.evolveum.midpoint.model.impl.sync.FocusValidityScannerTaskHandler.access$2(FocusValidityScannerTaskHandler.java:162) [FocusValidityScannerTaskHandler.class:na]
at com.evolveum.midpoint.model.impl.sync.FocusValidityScannerTaskHandler$1.handleObject(FocusValidityScannerTaskHandler.java:154) [FocusValidityScannerTaskHandler$1.class:na]
at com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultHandler.processRequest(AbstractSearchIterativeResultHandler.java:274) [AbstractSearchIterativeResultHandler.class:na]
at com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultHandler.handle(AbstractSearchIterativeResultHandler.java:146) [AbstractSearchIterativeResultHandler.class:na]
at com.evolveum.midpoint.repo.cache.RepositoryCache$1.handle(RepositoryCache.java:201) [RepositoryCache$1.class:na]
at com.evolveum.midpoint.repo.sql.SqlRepositoryServiceImpl.searchObjectsIterativeAttempt(SqlRepositoryServiceImpl.java:1813) [SqlRepositoryServiceImpl.class:na]
at com.evolveum.midpoint.repo.sql.SqlRepositoryServiceImpl.searchObjectsIterative_aroundBody26(SqlRepositoryServiceImpl.java:1784) [SqlRepositoryServiceImpl.class:na]
at com.evolveum.midpoint.repo.sql.SqlRepositoryServiceImpl$AjcClosure27.run(SqlRepositoryServiceImpl.java:1) [SqlRepositoryServiceImpl$AjcClosure27.class:na]
at org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149) [JoinPointImpl.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.wrapSubsystem(MidpointAspect.java:178) [MidpointAspect.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.ajc$inlineAccessMethod$com_evolveum_midpoint_util_aspect_MidpointAspect$com_evolveum_midpoint_util_aspect_MidpointAspect$wrapSubsystem(MidpointAspect.java:1) [MidpointAspect.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.processRepositoryNdc(MidpointAspect.java:58) [MidpointAspect.class:na]
at com.evolveum.midpoint.repo.sql.SqlRepositoryServiceImpl.searchObjectsIterative(SqlRepositoryServiceImpl.java:1745) [SqlRepositoryServiceImpl.class:na]
at com.evolveum.midpoint.repo.cache.RepositoryCache.searchObjectsIterative_aroundBody6(RepositoryCache.java:204) [RepositoryCache.class:na]
at com.evolveum.midpoint.repo.cache.RepositoryCache$AjcClosure7.run(RepositoryCache.java:1) [RepositoryCache$AjcClosure7.class:na]
at org.aspectj.runtime.reflect.JoinPointImpl.proceed(JoinPointImpl.java:149) [JoinPointImpl.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.wrapSubsystem(MidpointAspect.java:178) [MidpointAspect.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.ajc$inlineAccessMethod$com_evolveum_midpoint_util_aspect_MidpointAspect$com_evolveum_midpoint_util_aspect_MidpointAspect$wrapSubsystem(MidpointAspect.java:1) [MidpointAspect.class:na]
at com.evolveum.midpoint.util.aspect.MidpointAspect.processRepositoryNdc(MidpointAspect.java:58) [MidpointAspect.class:na]
at com.evolveum.midpoint.repo.cache.RepositoryCache.searchObjectsIterative(RepositoryCache.java:192) [RepositoryCache.class:na]
at com.evolveum.midpoint.model.impl.ModelObjectResolver.searchIterative(ModelObjectResolver.java:224) [ModelObjectResolver.class:na]
at com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeTaskHandler.run(AbstractSearchIterativeTaskHandler.java:162) [AbstractSearchIterativeTaskHandler.class:na]
at com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.executeHandler(JobExecutor.java:479) [JobExecutor.class:na]
at com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.executeRecurrentTask(JobExecutor.java:359) [JobExecutor.class:na]
at com.evolveum.midpoint.task.quartzimpl.execution.JobExecutor.execute(JobExecutor.java:162) [JobExecutor.class:na]
at org.quartz.core.JobRunShell.run(JobRunShell.java:213) [JobRunShell.class:na]
at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:557) [SimpleThreadPool$WorkerThread.class:na]
...
Here is our user mapping:
<attribute>
<c:ref>ri:PrimarySmtpAddress</c:ref>
<displayName>Адрес в Exchange</displayName>
<exclusiveStrong>false</exclusiveStrong>
<tolerant>false</tolerant>
<inbound>
<name>Адрес в Exchange</name>
<authoritative>true</authoritative>
<exclusive>false</exclusive>
<strength>normal</strength>
<target>
<c:path>$focus/emailAddress</c:path>
</target>
</inbound>
</attribute>
If there's no outbound mapping, connector should not try to write null PrimarySmtpAddress, am I right?
Our association configuration:
<association>
<c:ref>group</c:ref>
<displayName>AD Group Membership</displayName>
<exclusiveStrong>false</exclusiveStrong>
<tolerant>false</tolerant>
<kind>entitlement</kind>
<intent>default</intent>
<direction>objectToSubject</direction>
<associationAttribute>ri:member</associationAttribute>
<valueAttribute>icfs:name</valueAttribute>
<explicitReferentialIntegrity>false</explicitReferentialIntegrity>
</association>
Our metarole used for AD membership:
<role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"<http://midpoint.evolveum.com/xml/ns/public/common/common-3>
xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"<http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3>
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"<http://prism.evolveum.com/xml/ns/public/types-3>
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"<http://midpoint.evolveum.com/xml/ns/public/common/common-3>
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"<http://prism.evolveum.com/xml/ns/public/query-3>
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"<http://midpoint.evolveum.com/xml/ns/public/resource/instance-3>
oid="e1b56b20-9d09-472a-9ede-8fa19b0c112b"
version="45">
<name>Metarole for account</name>
<metadata>
<createTimestamp>2015-05-06T17:38:28.517+03:00</createTimestamp>
<creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
<createChannel>http://midpoint.evolveum.com/xml/ns/public/model/channels-3#objectImport</createChannel>
</metadata>
<inducement>
<construction>
<resourceRef oid="8790e490-326a-46e9-ba35-9e0c1dcbb41d" type="c:ResourceType"><!-- Exchange --></resourceRef>
<kind>account</kind>
<intent>default</intent>
<association>
<c:ref>group</c:ref>
<outbound>
<expression>
<associationFromLink>
<projectionDiscriminator>
<kind>entitlement</kind>
<intent>default</intent>
</projectionDiscriminator>
</associationFromLink>
</expression>
</outbound>
</association>
</construction>
<order>2</order>
</inducement>
</role>
Regards, Oleg Getmansky
P.S.: Same errors occur when the time of validTo comes and user should be expelled from the corresponding AD group
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
http://lists.evolveum.com/mailman/listinfo/midpoint
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
http://lists.evolveum.com/mailman/listinfo/midpoint
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
http://lists.evolveum.com/mailman/listinfo/midpoint
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150717/37084120/attachment.htm>
More information about the midPoint
mailing list