[midPoint] Possible to sync lockoutStatus from AD?
Ivan Noris
ivan.noris at evolveum.com
Wed Jan 20 08:35:47 CET 2016
Hi Jason,
haven't tried yet, but I suppose you need to specify the source/target
attribute in the mappings. Please try $user/activation/lockoutStatus.
Regards,
Ivan
On 01/19/2016 09:18 PM, Jason Everling wrote:
> Late response, I could not get it to work :(
>
> I tried the below,
>
> <attribute>
> <ref>icfs:lockOut</ref>
> <outbound>
> <expression>
> <asIs/>
> </expression>
> </outbound>
> <inbound>
> <expression>
> <asIs/>
> </expression>
> </inbound>
> </attribute>
>
> JASON
>
> JASON
>
> On Tue, Jan 12, 2016 at 8:31 AM, Jason Everling <jeverling at bshp.edu
> <mailto:jeverling at bshp.edu>> wrote:
>
> Nice! I will create a mapping for that, I was searching in github
> and wiki for the connector for lock out, lockout, locked, etc.. no
> wonder why I didn't see it.
>
> JASON
>
> JASON
>
> On Tue, Jan 12, 2016 at 4:36 AM, Pavol Mederly
> <mederly at evolveum.com <mailto:mederly at evolveum.com>> wrote:
>
> Hello Jason,
>
> according to .Net AD Connector sources, there is an attribute
> called "__LOCK_OUT__" (icfs:lockOut in midPoint) that is
> filled-in by the connector.
>
> Do you use it? Have you an inbound mapping for it?
>
> Best regards,
> Pavol
>
>> It is the .NET Connector, and it very well could be not
>> implemented yet. I couldn't find anything on it. I haven't
>> had much time with the new semester start to test out the new
>> LDAP AD Connector,
>>
>> JASON
>>
>> JASON
>>
>> On Mon, Jan 11, 2016 at 9:45 AM, Ivan Noris
>> <ivan.noris at evolveum.com <mailto:ivan.noris at evolveum.com>> wrote:
>>
>> Hi Jason,
>>
>> which connector are you using? .NET/AD or the new LDAP/AD...?
>>
>> Do you have inbound mapping for that attribute?
>>
>> I have never yet tried this, but it might be
>> unimplemented yet (Radovan will know for LDAP/AD at least).
>>
>> Regards,
>> Ivan
>>
>>
>> On 01/11/2016 03:52 PM, Jason Everling wrote:
>>> I noticed that when a user account get's locked in AD it
>>> does not update the lockoutStatus in midpoint. You have
>>> to expand the AD account and then scroll to
>>> Lockout-Status and change it.
>>>
>>> Is there a setting I am missing somewhere in the
>>> resource config or is that not supported by the AD
>>> connector?
>>>
>>> Thanks!
>>> JASON
>>>
>>>
>>>
>>> CONFIDENTIALITY NOTICE:
>>> This e-mail together with any attachments is proprietary
>>> and confidential; intended for only the recipient(s)
>>> named above and may contain information that is
>>> privileged. You should not retain, copy or use this
>>> e-mail or any attachments for any purpose, or disclose
>>> all or any part of the contents to any person. Any views
>>> or opinions expressed in this e-mail are those of the
>>> author and do not represent those of the Baptist School
>>> of Health Professions. If you have received this e-mail
>>> in error, or are not the named recipient(s), you are
>>> hereby notified that any review, dissemination,
>>> distribution or copying of this communication is
>>> prohibited by the sender and to do so might constitute a
>>> violation of the Electronic Communications Privacy Act,
>>> 18 U.S.C. section 2510-2521. Please immediately notify
>>> the sender and delete this e-mail and any attachments
>>> from your computer.
>>>
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com
>>> <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>> --
>> Ing. Ivan Noris
>> Senior Identity Management Engineer & IDM Architect
>> evolveum.com <http://evolveum.com> evolveum.com/blog/ <http://evolveum.com/blog/>
>> ___________________________________________________
>> "Semper Id(e)M Vix."
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> <mailto:midPoint at lists.evolveum.com>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>>
>>
>>
>> CONFIDENTIALITY NOTICE:
>> This e-mail together with any attachments is proprietary and
>> confidential; intended for only the recipient(s) named above
>> and may contain information that is privileged. You should
>> not retain, copy or use this e-mail or any attachments for
>> any purpose, or disclose all or any part of the contents to
>> any person. Any views or opinions expressed in this e-mail
>> are those of the author and do not represent those of the
>> Baptist School of Health Professions. If you have received
>> this e-mail in error, or are not the named recipient(s), you
>> are hereby notified that any review, dissemination,
>> distribution or copying of this communication is prohibited
>> by the sender and to do so might constitute a violation of
>> the Electronic Communications Privacy Act, 18 U.S.C. section
>> 2510-2521. Please immediately notify the sender and delete
>> this e-mail and any attachments from your computer.
>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
>
>
>
>
> CONFIDENTIALITY NOTICE:
> This e-mail together with any attachments is proprietary and
> confidential; intended for only the recipient(s) named above and may
> contain information that is privileged. You should not retain, copy or
> use this e-mail or any attachments for any purpose, or disclose all or
> any part of the contents to any person. Any views or opinions
> expressed in this e-mail are those of the author and do not represent
> those of the Baptist School of Health Professions. If you have
> received this e-mail in error, or are not the named recipient(s), you
> are hereby notified that any review, dissemination, distribution or
> copying of this communication is prohibited by the sender and to do so
> might constitute a violation of the Electronic Communications Privacy
> Act, 18 U.S.C. section 2510-2521. Please immediately notify the sender
> and delete this e-mail and any attachments from your computer.
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160120/dcaad743/attachment.htm>
More information about the midPoint
mailing list