[midPoint] recompute on OU members

Dick Muller dick.muller at tahzoo.com
Thu Sep 15 12:41:32 CEST 2016 

Hi Radovan,

Thanks for your answer, I will look into the document as well.

But as extra information I can tell that I have added the End Users group also as inducement in the same way and that one works.
This was created in another version of MidPoint, I’ve upgrade twice since then.

I will check if the End-User group still works, but it absolutely did.

I do this to make it possible for MidPoint users to change and look at their profile if they have a user object in one of our OU’s.

Thanks,

Dick


Dick Muller
Senior Systems Engineer
P: 0031 8 82682586 | M: 0031 6 46477690
E: dick.muller at tahzoo.com | W: www.tahzoo.com
A: Delftechpark 37I, 2628 XJDelft, Netherlands

From: midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Radovan Semancik <radovan.semancik at evolveum.com>
Reply-To: midPoint General Discussion <midpoint at lists.evolveum.com>
Date: Thursday 15 September 2016 at 11:13
To: "midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
Subject: Re: [midPoint] recompute on OU members

Hi,

This may be a configuration issue or it may be a bug. Difficult to say. I would quite wonder is this is a bug as we have automated tests for these cases. But no testing is perfect and there is still a chance that something was missed. So first thing would be to make sure that your configuration is correct. Recently I have written down a guide that can help you diagnose the configuration issues and that can also provide more data in case that his is really a bug:

https://wiki.evolveum.com/display/midPoint/Troubleshooting+Mappings



--

Radovan Semancik

Software Architect

evolveum.com

On 09/14/2016 01:37 PM, Dick Muller wrote:
Strangest thing is:
When I configure the role on an OU some users aren’t projected to the group in the AD domain.
If the same user is directly added to the group as an assignment it doesn’t work eighter.
But if I unassign the role from the OU and assign the user directly to that group it works.

Very strange, especially because there are users in that OU that inherit the role successfully.

The user objects in the repository show that they inherit the role. I looked at the shadow objects, the user objects, the role objects.
I absolutely don’t understand why?


[cid:image001.png at 01D20F4E.7C8DCFE0]<http://www.tahzoo.com>

Dick Muller

Senior Systems Engineer


P:

0031 8 82682586<tel:0031%208%2082682586>

 |

M:

0031 6 46477690<tel:0031%206%2046477690>


E:

dick.muller at tahzoo.com<mailto:dick.muller at tahzoo.com>

 |

W:

www.tahzoo.com<http://www.tahzoo.com>


A:

Delftechpark 37I, 2628 XJ Delft, Netherlands<https://www.google.com/maps/place/Delftechpark+37,+2628+XJ+Delft,+Netherlands/@51.997531,4.3824845,17z/data=%213m1%214b1%214m5%213m4%211s0x47c5b589ec2c237b:0x22b6e5d15befb3d5%218m2%213d51.997531%214d4.3846732>



[cid:image002.png at 01D20F4E.7C8DCFE0]




From: midPoint <midpoint-bounces at lists.evolveum.com><mailto:midpoint-bounces at lists.evolveum.com> on behalf of Dick Muller <dick.muller at tahzoo.com><mailto:dick.muller at tahzoo.com>
Reply-To: midPoint General Discussion <midpoint at lists.evolveum.com><mailto:midpoint at lists.evolveum.com>
Date: Wednesday 14 September 2016 at 08:46
To: midPoint General Discussion <midpoint at lists.evolveum.com><mailto:midpoint at lists.evolveum.com>
Subject: [midPoint] recompute on OU members

Hi,

I have 700 users devided over different OU’s for ease of administration.
I now want to add all members of a OU in a new role and added the role as an inducement to the OU.
After that I did a recompute on all members in the OU.

For some reason some users are added to the role and projected to our AD environment successfully.
But most of them are not.

I enabled the projector logging and recomputed two users blokers that was added successfully and mduiker that wasn’t added.
You can find the two logs in this mail.

In the mduiker file there are errors for the NLDFTDC01 (Hinttech) resource, but I don’t mind because I only used that for provisioning.
The projection I really need is to the Tahzoo EU1 envinroment.

In the log I can see the evaluation and the assignment path for the role jira-users and don’t see any errors on that.
But still it isn’t projected to Tahzoo EU1 domain.

Is there something I can do or that I didn’t see?

Thanks in advance,

DIck

[cid:image003.png at 01D20F4E.7C8DCFE0]<http://www.tahzoo.com>

Dick Muller

Senior Systems Engineer


P:

0031 8 82682586<tel:0031%208%2082682586>

 |

M:

0031 6 46477690<tel:0031%206%2046477690>


E:

dick.muller at tahzoo.com<mailto:dick.muller at tahzoo.com>

 |

W:

www.tahzoo.com<http://www.tahzoo.com>


A:

Delftechpark 37I, 2628 XJ Delft, Netherlands<https://www.google.com/maps/place/Delftechpark+37,+2628+XJ+Delft,+Netherlands/@51.997531,4.3824845,17z/data=%213m1%214b1%214m5%213m4%211s0x47c5b589ec2c237b:0x22b6e5d15befb3d5%218m2%213d51.997531%214d4.3846732>



[cid:image004.png at 01D20F4E.7C8DCFE0]








_______________________________________________

midPoint mailing list

midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>

http://lists.evolveum.com/mailman/listinfo/midpoint


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160915/952c78a6/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 1294 bytes
Desc: image001.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160915/952c78a6/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 1069 bytes
Desc: image002.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160915/952c78a6/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 1295 bytes
Desc: image003.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160915/952c78a6/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image004.png
Type: image/png
Size: 1070 bytes
Desc: image004.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160915/952c78a6/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image677000.png
Type: image/png
Size: 1293 bytes
Desc: image677000.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160915/952c78a6/attachment-0004.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image762001.png
Type: image/png
Size: 1068 bytes
Desc: image762001.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160915/952c78a6/attachment-0005.png>

More information about the midPoint mailing list