[midPoint] Help looping on Active Directory groups
Fabio Contessi
f.contessi at nsr.it
Thu Sep 3 15:10:49 CEST 2015
Hi,
I have an Active Directory resource and I need to reconcile users. In populating a virtual user attribute I need to check if the corresponding AD account has a particular group assigned. This is a snippet of the resource xml:
<attribute>
<c:ref>ri:title</c:ref>
<displayName>Gruppi</displayName>
<inbound>
<source>
<name>gruppi</name>
<path>$shadow/attributes/groups</path>
</source>
<expression>
<script>
<code>
def isdirettore = false
def n = gruppi.size()
for (def i = 0; i < n; i++) {
def gruppo = gruppi.get(i)
if (it =~ /^CN=.*_DIV.._DIR.*$/) {
isdirettore = true
}
}
isdirettore
</code>
</script>
</expression>
<target>
<path>$user/extension/mise:organizzazione</path>
</target>
</inbound>
</attribute>
I need to loop on assigned AD groups and I need to check the string format of each group using a regular expression. The problem is that in the variable named “gruppi” I have only a string and not an array or List. Do you have any ideas?
Thanks and regards.
Fabio
--
Fabio Contessi <f.contessi at nsr.it>
nova systems roma / nsr
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20150903/cc8bfd4d/attachment.htm>
More information about the midPoint
mailing list