[midPoint] Ennabling accounts in AD while importing from external resource
Алексей Ващенков
a.vashchenkov at solarsecurity.ru
Fri May 22 14:12:29 CEST 2015
Hi.
I have a troouble to configure first time user creation while importin from HR resource. We have in pur resource attribute which indicates if employee is hired or fired. And here the mapping of this attribute.
<mapping>
<authoritative>false</authoritative>
<exclusive>true</exclusive>
<source>
<name>hrStatus</name>
<c:path xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3">$user/extension/hrStatus</c:path>
</source>
<expression>
<script>
<code>
import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType;
return hrStatus.toString().equals('REJ')?ActivationStatusType.DISABLED:ActivationStatusType.ENABLED;
</code>
</script>
</expression>
<target>
<c:path xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3">$user/activation/administrativeStatus</c:path>
</target>
</mapping>
It works fine. AdministrativeStatus in midpoint sets as needed.
While creating user from HR resource we need to create account in AD. Accounts created but Administrative stutus of it is disabled. If I disable and then enable account in Midpoint the account in AD is anabled.
What should I do to set right AdministrativeStatus in AD when account is creating?
More information about the midPoint
mailing list