[midPoint] Inbound mapping using literal expression

Brad Firestone bhotrock at gmail.com
Wed Apr 19 23:14:19 CEST 2017 

Hi Gustáv,

I tried adding the strength tag, removing the displayName tag, and 
rearranging the order so that it matches what you have shown.  I still 
get an error message when testing the connection.  My current attribute 
as defined in the resource's schemaHandling section looks like this:

<attribute>
<inbound>
<strength>strong</strength>
<target>
<c:path>$user/extension/affiliation</c:path>
</target>
<expression>
<value>HQ-AD</value>
</expression>
</inbound>
</attribute>

The error that I get when I try to test the resource connection is:
Schema error while processing schemaHandling section of 
resource:746ecf5e-3e8c-11e6-b2f9-3c970e44b9e2(HQ Active Directory 
(LDAP)): Missing reference to the attribute schema definition in 
definition ResourceAttributeDefinitionType() during processing of 
{http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}queryPolicyBL, 
in definition of resource:746ecf5e-3e8c-11e6-b2f9-3c970e44b9e2(HQ Active 
Directory (LDAP))

Sorry that I didn't think to include the error message in my original 
email.  When I comment out this attribute, I don't receive the error 
message listed above.
Thanks!
Brad

Pálos Gustáv wrote:
> Hi Brad,
>
> for similar case I'm using something like:
> <inbound>
> <strength>strong</strength>
> <target>
> <c:path>locality</c:path>
> </target>
> <expression>
> <description>Fixed locality</description>
> <value>Bratislava</value>
> </expression>
> </inbound>
> </attribute>
>
> Gustav
>
> 2017-04-19 20:42 GMT+02:00 Brad Firestone <bhotrock at gmail.com 
> <mailto:bhotrock at gmail.com>>:
>
>     Hello,
>     I am trying to connect an Active Directory resource which will be
>     an authoritative source for some of my midPoint Users.  However, I
>     need to set some static values for the midPoint User extended
>     attributes and these values are unrelated to anything in Active
>     Directory.  I've read everything I can find about inbound mapping
>     and expressions and can't find how to configure the mapping when
>     there's not a source, and the value will just be created by the
>     expression.  The problem seems to be what to put in the <ref>
>     field.  (It doesn't work without something there.)  I have five of
>     these attributes that I need to set.
>
>     Here is my intended attribute setting from the AD resource,
>     without a <ref> field:
>
>     <attribute>
>     <ref></ref>
>     <displayName>Affiliation</displayName>
>     <inbound>
>     <expression>
>     <value>HQ-AD</value>
>     </expression>
>     <target>
>     <path>$user/extension/affiliation</path>
>     </target>
>     </inbound>
>     </attribute>
>
>     I'm still getting started with midPoint, and know I'm missing a
>     lot of understanding.  Maybe this is something that I need to
>     handle using Object Templates?  (I'm still trying to wrap my brain
>     around how Templates are used.)
>
>     My overall goal is to be able to automatically pull midPoint Users
>     from several different resources including two different Active
>     Directories, and three different LDAP directories.  Each of these
>     connections will be inbound ONLY.  We will also create users
>     directly in midPoint.  Then I would use outbound mappings to a
>     different LDAP directory (we can call it MasterLDAP) that will
>     include an account for all the midPoint Users.  I would like all
>     of this to happen "automatically" so that when an account is added
>     to one of the "source" resources, the midPoint User will be
>     created and also the MasterLDAP account would be projected.  We
>     may also end up projecting accounts to other resources at some
>     time in the future, but what I have listed is Phase 1.
>
>     I would be grateful for any advice on how to best do this.
>     Thank you!
>     Brad
>     _______________________________________________
>     midPoint mailing list
>     midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>     http://lists.evolveum.com/mailman/listinfo/midpoint
>     <http://lists.evolveum.com/mailman/listinfo/midpoint>
>
>
>
>
> -- 
> Gustáv Pálos
> Identity Engineer
> evolveum.com <http://evolveum.com/>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170419/fca56dd6/attachment.htm>

More information about the midPoint mailing list