[midPoint] LDAP Import - No Sync Policy?

Pavol Mederly mederly at evolveum.com
Sat Aug 27 00:17:48 CEST 2016 

Matt,

this is really strange. I've imported your configuration (adapted to a 
CSV resource) and it works.

Please, could you make sure the script in <condition> section really 
starts and check the result it produces?

If that would not help, there is a brute force approach:

 1. Set logging to TRACE for both Model and Provisioning (don't forget
    to remove Projector & Clockwork logging entries, as they are part of
    Model and are set to INFO by default).
 2. Prepare to invoke one-time import
 3. Clear the log
 4. Invoke the import
 5. Post the log to the gist

I'll be awake for next ~ 20 minutes to be able to help you, if 
necessary. Or on Monday then...

Pavol Mederly
Software developer
evolveum.com

On 26.08.2016 23:59, Mencel, Matt wrote:
> Thanks Pavol,
>
> I enabled trace logging and added the segment for my user account to 
> that gist.  The trace says there's no matching policy.
>
> Matt
>
> On Fri, Aug 26, 2016 at 3:45 PM, Pavol Mederly <mederly at evolveum.com 
> <mailto:mederly at evolveum.com>> wrote:
>
>     Matt,
>
>     on first look I don't see anything suspicious.
>
>     You could try the following:
>
>      1. enable TRACE logging for
>         com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl
>         (or whole com.evolveum.midpoint.model.impl.sync if you like)
>      2. manually import one account (from Resource -> Account -> From
>         resource view)
>
>     and then have a look into the log; the reason should be there.
>
>     Regards,
>
>     Pavol Mederly
>     Software developer
>     evolveum.com <http://evolveum.com>
>
>     On 26.08.2016 22:33, Mencel, Matt wrote:
>>     So I've got the LDAP import running. I see all the shadow objects
>>     appear in Midpoint. It should be matching on about 80 accounts
>>     based on my confirmation rule and actually create the account
>>     object in Midpoint.  When the import runs though it always says
>>     "no sync policy" for every object.  I think I should see the 80
>>     or so unmatched and then have them appear as users in Midpoint.
>>
>>     I've tried to make my resource as generic as possible for now
>>     until I get a working config. Can anyone see what I might be
>>     doing wrong?
>>
>>     https://gist.github.com/MattMencel/f7f9ad65a791d15c9dc820d747dc6197
>>     <https://gist.github.com/MattMencel/f7f9ad65a791d15c9dc820d747dc6197>
>>
>>     Thanks,
>>     Matt
>>
>>
>>     _______________________________________________
>>     midPoint mailing list
>>     midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>     http://lists.evolveum.com/mailman/listinfo/midpoint
>>     <http://lists.evolveum.com/mailman/listinfo/midpoint>
>     _______________________________________________ midPoint mailing
>     list midPoint at lists.evolveum.com
>     <mailto:midPoint at lists.evolveum.com>
>     http://lists.evolveum.com/mailman/listinfo/midpoint
>     <http://lists.evolveum.com/mailman/listinfo/midpoint> 
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160827/d4def462/attachment.htm>

More information about the midPoint mailing list