[midPoint] Adding org assignment via User Template

Roman Pudil - AMI Praha a.s. roman.pudil at ami.cz
Mon Aug 22 13:55:46 CEST 2016 

Hi Brad,
your solution is wrong.

You have to linked org. unit OID with group ID synced from AD (or their 
names for ex.).

Test it:
change organizationalUnit attribute of the user to the org. unit name 
(which exists in midPoint)change search filter in mapping to:
<expression>
         <assignmentTargetSearch>
         <targetType>c:OrgType</targetType>
		<filter>
			<q:equal>
				<q:path>c:name</q:path>
				<expression>
					<script>
						<code>
				return organizationalUnit;
						</code>
					</script>
				</expression>
			</q:equal>
            </assignmentTargetSearch>
         </expression>



The better solution is to reconcile AD groups to midPoint.

Regards

Roman Pudil
solution architect

gsm: [+420] 775 663 666
e-mail: roman.pudil at ami.cz


AMI Praha a.s.
Pláničkova 11
162 00 Praha 6
tel./fax: [+420] 274 783 239
web: www.ami.cz





Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za 
společnost AMI Praha a.s.
jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít 
výhradně písemnou formu.



------ Původní zpráva ------
Od: "Brad Fardig" <brad.fardig at cogitogroup.com.au>
Komu: "Roman Pudil - AMI Praha a.s." <roman.pudil at ami.cz>; "midPoint 
General Discussion" <midpoint at lists.evolveum.com>
Odesláno: 22.8.2016 13:24:19
Předmět: RE: [midPoint] Adding org assignment via User Template

>Hi Roman,
>
>
>
>Sorry forgot to say thank you for the quick response.
>
>
>
>A check of the idm.log  shows that there is an error, which for the 
>example I provided earlier is:
>
>
>
>2016-08-22 20:44:22,704 [] [Thread-24] ERROR 
>(com.evolveum.midpoint.model.impl.lens.AssignmentEvaluator): Object of 
>type 'OrgType' with oid 'organizationalUnit' was not found. in 
>assignment target reference in delta for 
>user:62959f3e-c23d-46a5-9015-60017baf5043(test.user4 at demo.local)
>
>
>
>
>
>Regards,
>
>
>
>Brad
>
>
>
>
>
>From: midPoint [mailto:midpoint-bounces at lists.evolveum.com] On Behalf 
>Of Roman Pudil - AMI Praha a.s.
>Sent: Monday, 22 August 2016 8:58 PM
>To: midPoint General Discussion <midpoint at lists.evolveum.com>
>Subject: Re: [midPoint] Adding org assignment via User Template
>
>
>
>Hi Brad,
>
>
>
>include your mapping, org definition and response error message.
>
>
>
>Thanks!
>
>
>Regards
>
>
>
>
>
>Roman Pudil
>solution architect
>
>gsm: [+420] 775 663 666
>e-mail: roman.pudil at ami.cz
>
>
>
>
>
>AMI Praha a.s.
>Pláničkova 11
>162 00 Praha 6
>tel./fax: [+420] 274 783 239
>web: www.ami.cz
>
>
>
>
>
>
>
>
>
>Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za 
>společnost AMI Praha a.s.
>jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít 
>výhradně písemnou formu.
>
>
>
>
>
>
>
>------ Původní zpráva ------
>
>Od: "Brad Fardig" <brad.fardig at cogitogroup.com.au>
>
>Komu: "midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
>
>Odesláno: 22.8.2016 12:54:47
>
>Předmět: [midPoint] Adding org assignment via User Template
>
>
>
>>Hi,
>>
>>
>>
>>I have a user template where I am trying to assign an org based on an 
>>oid that is set as part of the user import.
>>
>>
>>
>>The assignment mapping looks like:
>>
>>
>>
>><mapping>
>>
>>                 <name>map organization</name>
>>
>>                 <strength>strong</strength>
>>
>>                 <source>
>>
>>                                 <path>$user/organizationalUnit</path>
>>
>>                 </source>
>>
>>                 <expression>
>>
>>                                 <assignmentTargetSearch>
>>
>>                                                                 
>><targetType>c:OrgType</targetType>
>>
>>                                                                 
>><oid>Need to put organizationalUnit OID here</oid>
>>
>>                                 </assignmentTargetSearch>
>>
>>                 </expression>
>>
>>                 <target>
>>
>>                                 <c:path>assignment</c:path>
>>
>>                 </target>
>>
>></mapping>
>>
>>
>>
>>
>>
>>Issue is I can’t get the OID value populated in the <oid> tag of the 
>>assignmentTargetSearch
>>
>>
>>
>>Any help greatly appreciated
>>
>>
>>
>>Regards,
>>
>>
>>
>>Brad
>>
>
>
>This email, and any attachment, is confidential and also privileged. If 
>you have received it in error, please notify me immediately and delete 
>it from your system along with any attachments. You should not copy or 
>use it for any purpose, nor disclose its contents to any other person.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160822/74530f6f/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4060 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160822/74530f6f/attachment.bin>

More information about the midPoint mailing list