[midPoint] Adding Custom Attributes to Midpoint

Mencel, Matt mr-mencel at wiu.edu
Tue Aug 23 19:32:42 CEST 2016


The CSV is the authoritative source.  When an account is first sent in that
file I don't have an LDAP entry for it yet, so no username can be assigned
yet.  So ideally what would happen...

- New user created from the CSV with the ID as it's name for the time
being...
- An LDAP account is then provisioned based on the info and I get the
username back from the LDAP resource
- "Rename" the object in midpoint with the username set as name and ID
would be in the employeeID attribute.

I haven't done anything with the name attribute yet because I wasn't sure
what I needed to do.  So right now it just picks up the ID from the CSV I
think because that is what is set as the "uniqueIdentifier" in that
resource.

<attribute>
<ref>icfs:name</ref>
<displayName>Name</displayName>
<outbound>
<strength>weak</strength>
<source>
<path>$user/name</path>
</source>
</outbound>
<inbound>
<target>
<path>$user/name</path>
</target>
</inbound>
</attribute>

On Tue, Aug 23, 2016 at 12:22 PM, Jason Everling <jeverling at bshp.edu> wrote:

> In one of our resources, we also use the ID as the unique identifier. Do
> the users already exist in midpoint that the CSV accounts belong too? If
> so, then you would match based on your extension attribute, what do you
> have for icfs:name mapping? like our CSV for example,
>
>                 <attribute>
>                     <ref>icfs:name</ref>
>                     <displayName>Name</displayName>
>                     <limitations>
>                         <minOccurs>0</minOccurs>
>                         <access>
>                             <read>true</read>
>                         </access>
>                     </limitations>
>                     <inbound>
>                         <target>
>                             <path>
>                                 $c:user/c:extension/bshp:uniqueID
>                             </path>
>                         </target>
>                     </inbound>
>                 </attribute>
>
>                 <correlation>
>                     <q:equal>
>                         <q:path>c:user/c:extension/bshp:unqiueID</q:path>
> <expression>
> <path>
> declare namespace icfs="http://midpoint.evolveum.com/xml/ns/public/
> connector/icf-1/resource-schema-3";
> $account/attributes/icfs:name
> </path>
> </expression>
>                     </q:equal>
>                 </correlation>
>
> This way, if it is an existing user with the same value, it will match and
> link accounts, if not, then the object template will generate a new user
> based on what we have defined as a 'username'
>
> JASON
>
> On Tue, Aug 23, 2016 at 10:50 AM, Mencel, Matt <mr-mencel at wiu.edu> wrote:
>
>> I meant to include this screenshot in my reply....
>>
>>
>>>>
>> On Tue, Aug 23, 2016 at 10:37 AM, Mencel, Matt <mr-mencel at wiu.edu> wrote:
>>
>>> So I have a followup question.  In my CSV resource the unique attribute
>>> is an ID number.  It's getting imported to the "Name" field in Midpoint.
>>> It's just odd that the "Name" appears as the id number.  Can I rename that
>>> field or should I import that ID attribute to a new custom field that I put
>>> in my custom schema file?  Is there a way to present a custom schema
>>> attribute in that top bar?
>>>
>>> I'm assuming the Name field in Midpoint really should be a username as
>>> that seems to be the intent for that.  When I get my LDAP resource working
>>> I will be able to add the username data, but I'm not that far yet.  So just
>>> trying to figure out how to handle it with the data coming from the CSV
>>> import.
>>>
>>> Thanks,
>>> Matt
>>>
>>> On Mon, Aug 22, 2016 at 5:20 PM, Mencel, Matt <mr-mencel at wiu.edu> wrote:
>>>
>>>> Figured it out.  Have to call $user/extention/major in the attribute
>>>> mapping.
>>>>
>>>>
>>>>
>>>> On Mon, Aug 22, 2016 at 5:17 PM, Mencel, Matt <mr-mencel at wiu.edu>
>>>> wrote:
>>>>
>>>>> Ah, of course...thanks for that link.  I created the xsd file with my
>>>>> new attributes...
>>>>>
>>>>> <xsd:element name="major" type="xsd:string" minOccurs="0"
>>>>> maxOccurs="unbounded">
>>>>>                 <xsd:annotation>
>>>>>                     <xsd:appinfo>
>>>>>                         <a:indexed>true</a:indexed>
>>>>>                         <a:displayName>Major</a:displayName>
>>>>>                         <a:displayOrder>130</a:displayOrder>
>>>>>                     </xsd:appinfo>
>>>>>                 </xsd:annotation>
>>>>>             </xsd:element>
>>>>>
>>>>> I see the empty fields now in the user entry (Extension section), but
>>>>> I must still be missing something because I'm still not getting it during
>>>>> the import.  Do I have to do anything different in the schemaHandling
>>>>> section of my resource in order to use it?
>>>>>
>>>>> <schemaHandling>
>>>>> ...
>>>>> <attribute>
>>>>>           <ref>ri:major</ref>
>>>>>           <displayName>Major</displayName>
>>>>>           <outbound>
>>>>>             <strength>weak</strength>
>>>>>             <source>
>>>>>               <path>$user/major</path>
>>>>>             </source>
>>>>>           </outbound>
>>>>>           <inbound>
>>>>>             <target>
>>>>>               <path>$user/major</path>
>>>>>             </target>
>>>>>           </inbound>
>>>>>         </attribute>
>>>>> ...
>>>>>
>>>>> On Mon, Aug 22, 2016 at 4:56 PM, Brad Fardig <
>>>>> brad.fardig at cogitogroup.com.au> wrote:
>>>>>
>>>>>> Hi Matt,
>>>>>>
>>>>>>
>>>>>>
>>>>>> This doc provides an example of how to add the schema extensions that
>>>>>> you require:  https://wiki.evolveum.com/disp
>>>>>> lay/midPoint/Custom+Schema+Extension
>>>>>>
>>>>>>
>>>>>>
>>>>>> Hope this helps
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>>
>>>>>>
>>>>>> Brad
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> *From:* midPoint [mailto:midpoint-bounces at lists.evolveum.com] *On
>>>>>> Behalf Of *Mencel, Matt
>>>>>> *Sent:* Tuesday, 23 August 2016 7:39 AM
>>>>>> *To:* midPoint General Discussion <midpoint at lists.evolveum.com>
>>>>>> *Subject:* [midPoint] Adding Custom Attributes to Midpoint
>>>>>>
>>>>>>
>>>>>>
>>>>>> I have lots of custom attributes in my different resources (e.g.
>>>>>> studentId, major, minor, etc....).  I'd like to add this and many others to
>>>>>> Midpoint so I can sync them between resources.  I see there is an
>>>>>> objectTemplate that can be used, but the examples I've seen only only show
>>>>>> using that to do actions like create fullName from givenName and
>>>>>> familyName.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Do I also use objectTemplate when I just want to sync a new attribute
>>>>>> in from a resource?  Or should it be picking that up from the schema?
>>>>>>
>>>>>>
>>>>>>
>>>>>> I get errors like this when attempting to import an account with a
>>>>>> custom attribute.
>>>>>>
>>>>>>
>>>>>>
>>>>>> 2016-08-22 16:35:45,425 [] [http-nio-8080-exec-4] WARN
>>>>>> (com.evolveum.midpoint.provisioning.impl.ResourceManager): Schema
>>>>>> error while processing schemaHandling section of
>>>>>> resource:0d6babea-6896-11e6-9d38-0050569aa9d2(CSV TEADVS):
>>>>>> Definition of attribute studentmajor not found in object class {
>>>>>> http://midpoint.evolveum.com/xml/ns/public/resource/instanc
>>>>>> e-3}AccountObjectClass as defined in definition of
>>>>>> resource:0d6babea-6896-11e6-9d38-0050569aa9d2(CSV TEADVS)
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> *This email, and any attachment, is confidential and also privileged.
>>>>>> If you have received it in error, please notify me immediately and delete
>>>>>> it from your system along with any attachments. You should not copy or use
>>>>>> it for any purpose, nor disclose its contents to any other person. *
>>>>>>
>>>>>> _______________________________________________
>>>>>> midPoint mailing list
>>>>>> midPoint at lists.evolveum.com
>>>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>>>>
>>>>>>
>>>>>
>>>>
>>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>
>
>
> CONFIDENTIALITY NOTICE:
> This e-mail together with any attachments is proprietary and confidential;
> intended for only the recipient(s) named above and may contain information
> that is privileged. You should not retain, copy or use this e-mail or any
> attachments for any purpose, or disclose all or any part of the contents to
> any person. Any views or opinions expressed in this e-mail are those of the
> author and do not represent those of the Baptist School of Health
> Professions. If you have received this e-mail in error, or are not the
> named recipient(s), you are hereby notified that any review, dissemination,
> distribution or copying of this communication is prohibited by the sender
> and to do so might constitute a violation of the Electronic Communications
> Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the
> sender and delete this e-mail and any attachments from your computer.
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160823/3bd8783d/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: Screen Shot 2016-08-23 at 10.28.56 AM.png
Type: image/png
Size: 36370 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160823/3bd8783d/attachment.png>


More information about the midPoint mailing list