[midPoint] Configuring synchronisation of resource account to user
Ivan Noris
ivan.noris at evolveum.com
Thu Apr 20 13:32:35 CEST 2017
Hi,
at first look it looks ok to me, so please post your resource (without
password) and stack trace of the error - or share it somewhere and send
the link please. I will try to look at it when I have some spare time.
On 04/20/2017 01:01 PM, Tommy Montegu wrote:
>
> Hello,
>
>
>
> Thanks for answering me.
>
>
>
> I try what you say but it seems not work.
>
>
>
> I configure my synchronization task like that :
>
>
>
> <correlation>
>
> <q:equal>
>
> <q:path>c:fullName</q:path>
>
> <expression>
>
> <path>$account/attributes/ri:cn</path>
>
> </expression>
>
> </q:equal>
>
> </correlation>
>
> <reconcile>true</reconcile>
>
>
>
> So to me, this would search users in midPoint where fullName equals
> zimbra cn. I look with LDAP Browser, and the cn in Zimbra matching the
> fullName in midPoint.
>
> But after that, I create a reconcile task, and I saw all my account in
> my resource, but with this error :
>
>
>
> Failed to reconciliation: Error occurred during resource object shadow
> owner lookup, reason: Couldn't convert query.
>
>
>
> Please, could you tell me where in my code (or my task) I made a
> mistake ? Why I get this error ? And all this account is in the
> “Unmatched” situation.
>
Unmatched situation is OK (expected), as the correlation failed for now.
>
>
> Moreover, I didn’t see the account appear in Projections tab for the
> user. Do I need to do something to add the projections, after creating
> the reconciliation task ?
>
No, if the reconciliation task finished and links the account, you will
see the projections.
Ivan
--
Ivan Noris
Senior Identity Engineer
evolveum.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170420/fed2df20/attachment.htm>
More information about the midPoint
mailing list