[midPoint] Mapping of Service attributes
Pavol Mederly
mederly at evolveum.com
Wed Nov 16 17:36:43 CET 2016
Resource wizard tries to determine focus type based on <synchronization>
section; so the problem could be there.
Best regards,
Pavol Mederly
Software developer
evolveum.com
On 16.11.2016 15:47, Ivan Noris wrote:
>
> Hi,
>
> schema handling looks ok for me - mapping whatever focus to account.
> Btw. which connector are you using?
>
> But - how are you provisioning this? Which role are you assigning to
> your Service?
>
> I need to see the inducement part of the role...
>
> Ivan
>
>
> On 11/16/2016 03:11 PM, Jiri Brom wrote:
>> Hi,
>>
>> Just for testing I tried to map $focus/identifier as Source in the
>> existing LDAP connector in online demo. In schema handling called
>> "LDAP project groups" it was working. The main difference from my
>> schema handling is that it has __GROUP__ objectClass. Is it possible
>> that attributes from Org, Role or Service can be mapped only to
>> __GROUP__ object class?
>>
>> My schema handling is following:
>>
>> <schemaHandling>
>> <objectType>
>> <kind>account</kind>
>> <default>true</default>
>> <objectClass>ri:AccountObjectClass</objectClass>
>> <attribute>
>> <c:ref>icfs:name</c:ref>
>> <tolerant>true</tolerant>
>> <exclusiveStrong>false</exclusiveStrong>
>> <outbound>
>> <authoritative>true</authoritative>
>> <exclusive>false</exclusive>
>> <strength>normal</strength>
>> <source>
>> <c:path>$focus/name</c:path>
>> </source>
>> </outbound>
>> </attribute>
>> <attribute>
>> <c:ref>ri:identifier</c:ref>
>> <tolerant>true</tolerant>
>> <exclusiveStrong>false</exclusiveStrong>
>> <outbound>
>> <authoritative>true</authoritative>
>> <exclusive>false</exclusive>
>> <strength>normal</strength>
>> <source>
>> <c:path>$focus/identifier</c:path>
>> </source>
>> </outbound>
>> </attribute>
>> </objectType>
>> </schemaHandling>
>>
>>
>> Thank you for your answers,
>>
>> Jiri
>>
>>
>> Jiří Brom
>>
>> e-mail: bromjiri at gmail.com <mailto:bromjiri at gmail.com>
>> CZ: +420723860707
>> AT: +436607144324
>>
>> On Wed, Nov 16, 2016 at 1:33 PM, Ivan Noris <ivan.noris at evolveum.com
>> <mailto:ivan.noris at evolveum.com>> wrote:
>>
>> Hi,
>>
>> the __ACCOUNT__ is the default, yes.
>>
>> I don't know which connector are you using, but in general there
>> is no problem for midPoint to create accounts for organizations
>> or roles; it's just not very common. Normally you sould use
>> <objectClass> in the schema handling to tell the connector which
>> kind of the object it should create.
>>
>> Could you share the resource of at least part of it - schema
>> handling?
>>
>> Ivan
>>
>>
>> On 11/16/2016 01:07 PM, Jiri Brom wrote:
>>> Hi,
>>>
>>> In my case when I try to map for instance "$focus/tenant", which
>>> is an attribute of OrgType
>>> (https://wiki.evolveum.com/display/midPoint/OrgType
>>> <https://wiki.evolveum.com/display/midPoint/OrgType>) it also
>>> doesn't work. Still the same error "No definition for 'tenant'
>>> in user". I think I do some stupid mistake in setup which allows
>>> me to provision User attributes only. Do you use some special
>>> configuration when working with OrgType or RoleType? E.g. Kind,
>>> Intent, etc..
>>>
>>> Or is it possible that the problem is in the ObjectClass defined
>>> in my connector schema? As I understand the Connector
>>> Development Guide, then __ACOUNT__ is the default one (I am
>>> using that one). Do I have to use some other ObjectClass when
>>> mapping Role, Org or other attributes?
>>>
>>> Thank you for your answers,
>>>
>>> Jiri
>>>
>>> Jiří Brom
>>>
>>> e-mail: bromjiri at gmail.com <mailto:bromjiri at gmail.com>
>>> CZ: +420723860707 <tel:%2B420723860707>
>>> AT: +436607144324 <tel:%2B436607144324>
>>>
>>> On Wed, Nov 16, 2016 at 12:57 PM, Pavol Mederly
>>> <mederly at evolveum.com <mailto:mederly at evolveum.com>> wrote:
>>>
>>> The wizard could really have a problem in this respect. We
>>> haven't updated it after Services were introduced, as far as
>>> I know.
>>>
>>> Pavol Mederly
>>> Software developer
>>> evolveum.com <http://evolveum.com>
>>>
>>> On 16.11.2016 12:42, Ivan Noris wrote:
>>>>
>>>> Hi Jiri,
>>>>
>>>> I have not used Service, but for provisioning objects for
>>>> Roles / Organizations I'm using $focus and it should be the
>>>> same for Service.
>>>>
>>>> Maybe the resource wizard has an issue with Service? Just
>>>> thinking. But using XML editor/upload you should be able to
>>>> access the attributes as $focus/identifier etc.
>>>>
>>>> Let us know please anyway.
>>>>
>>>> Regards,
>>>>
>>>> Ivan
>>>>
>>>>
>>>> On 11/16/2016 12:29 PM, Jiri Brom wrote:
>>>>> Hi all,
>>>>>
>>>>> I have a problem with mapping of Service attributes to a
>>>>> connector in Schema handling.
>>>>> I've successfully implemented a midPoint connector which
>>>>> maps User attributes to my resource. Now I want to do the
>>>>> same but with Service attributes.
>>>>>
>>>>> In case of User attributes I can simply define Outbound
>>>>> mapping (e.g. "name", "givenName", "familyName") but I
>>>>> can't figure out how to access Service attributes (e.g.
>>>>> "identifier", "url") in the same way.
>>>>>
>>>>> I know I should probably use "$focus/" variable but the
>>>>> resource wizard keeps notifying me "No definition for
>>>>> 'identifier' in user".
>>>>> Is there a way to simply access the Service attributes?
>>>>>
>>>>> Thank you very much,
>>>>>
>>>>> Jiri
>>>>>
>>>>>
>>>>> e-mail: bromjiri at gmail.com <mailto:bromjiri at gmail.com>
>>>>> CZ: +420723860707 <tel:%2B420723860707>
>>>>>
>>>>>
>>>>>
>>>>> _______________________________________________
>>>>> midPoint mailing list
>>>>> midPoint at lists.evolveum.com
>>>>> <mailto:midPoint at lists.evolveum.com>
>>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>>> <http://lists.evolveum.com/mailman/listinfo/midpoint>
>>>> --
>>>> Ivan Noris
>>>> Senior Identity Engineer
>>>> evolveum.com <http://evolveum.com>
>>>>
>>>> _______________________________________________
>>>> midPoint mailing list
>>>> midPoint at lists.evolveum.com
>>>> <mailto:midPoint at lists.evolveum.com>
>>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>> <http://lists.evolveum.com/mailman/listinfo/midpoint>
>>> _______________________________________________ midPoint
>>> mailing list midPoint at lists.evolveum.com
>>> <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>> <http://lists.evolveum.com/mailman/listinfo/midpoint>
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>> <http://lists.evolveum.com/mailman/listinfo/midpoint>
>> --
>> Ivan Noris
>> Senior Identity Engineer
>> evolveum.com <http://evolveum.com>
>>
>> _______________________________________________ midPoint mailing
>> list midPoint at lists.evolveum.com
>> <mailto:midPoint at lists.evolveum.com>
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>> <http://lists.evolveum.com/mailman/listinfo/midpoint>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
> --
> Ivan Noris
> Senior Identity Engineer
> evolveum.com
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20161116/3015f77d/attachment.htm>
More information about the midPoint
mailing list