[midPoint] Inbound mapping using literal expression

Brad Firestone bhotrock at gmail.com
Wed Apr 19 20:42:41 CEST 2017 

Hello,
I am trying to connect an Active Directory resource which will be an 
authoritative source for some of my midPoint Users.  However, I need to 
set some static values for the midPoint User extended attributes and 
these values are unrelated to anything in Active Directory.  I've read 
everything I can find about inbound mapping and expressions and can't 
find how to configure the mapping when there's not a source, and the 
value will just be created by the expression.  The problem seems to be 
what to put in the <ref> field.  (It doesn't work without something 
there.)  I have five of these attributes that I need to set.

Here is my intended attribute setting from the AD resource, without a 
<ref> field:

<attribute>
<ref></ref>
<displayName>Affiliation</displayName>
<inbound>
<expression>
<value>HQ-AD</value>
</expression>
<target>
<path>$user/extension/affiliation</path>
</target>
</inbound>
</attribute>

I'm still getting started with midPoint, and know I'm missing a lot of 
understanding.  Maybe this is something that I need to handle using 
Object Templates?  (I'm still trying to wrap my brain around how 
Templates are used.)

My overall goal is to be able to automatically pull midPoint Users from 
several different resources including two different Active Directories, 
and three different LDAP directories.  Each of these connections will be 
inbound ONLY.  We will also create users directly in midPoint.  Then I 
would use outbound mappings to a different LDAP directory (we can call 
it MasterLDAP) that will include an account for all the midPoint Users.  
I would like all of this to happen "automatically" so that when an 
account is added to one of the "source" resources, the midPoint User 
will be created and also the MasterLDAP account would be projected.  We 
may also end up projecting accounts to other resources at some time in 
the future, but what I have listed is Phase 1.

I would be grateful for any advice on how to best do this.
Thank you!
Brad

More information about the midPoint mailing list