[midPoint] Fwd: Import or Recon Organization is only creates Shadow, nor Organizational Structure
Martin Lízner - AMI Praha a.s.
martin.lizner at ami.cz
Thu Feb 2 09:32:17 CET 2017
Your welcome :-)
I cache org parent attribute to extension/orgSupOrgId in resource xml and
then make a link based on it with org object template. You could probably
make a link directly from resource xml.
<mapping>
<name>Link org parent</name>
<strength>strong</strength>
<source>
<c:path>$focus/extension/orgSupOrgId</c:path>
</source>
<expression>
<assignmentTargetSearch>
<targetType>c:OrgType</targetType>
<filter>
<q:equal>
<q:path>c:name</q:path>
<expression>
<path>$orgSupOrgId</path>
</expression>
</q:equal>
</filter>
</assignmentTargetSearch>
</expression>
<target>
<path>$focus/assignment</path>
</target>
<c:condition>
<c:script>
<c:code>orgSupOrgId != null</c:code>
</c:script>
</c:condition>
</mapping>
Martin Lízner
solution architect
gsm: [+420] 737 745 571
e-mail: martin.lizner at ami.cz
AMI Praha a.s.
Pláničkova 11
162 00 Praha 6
tel.: [+420] 274 783 239
web: www.ami.cz
[image: AMI Praha a.s.] <http://www.skyidentity.com/>
Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
společnost AMI Praha a.s.
jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
písemnou formu.
2017-02-02 8:56 GMT+01:00 Dilek Gider <dilek.gider at basistek.com>:
> Hi Martin,
>
> Thank you so much, yesterday I made changes you have suggested. First of
> all it always gave an error, but when I reset all db, then it worked!
> I think shadows that I created before caused errors.
> But inspite of setting "parentOrgRef" to the correct value, all of
> organizations created seperatedly, I am trying to create all organizations
> bu parent-child relation.
>
>
> On Tue, Jan 31, 2017 at 5:13 PM, Martin Lízner - AMI Praha a.s. <
> martin.lizner at ami.cz> wrote:
>
>> Hi, Im pretty sure there is documentation for that :-) Its called generic
>> synchronization: - https://wiki.evolveum.com/di
>> splay/midPoint/Roles,+Metaroles+and+Generic+Synchronization
>>
>> Basically you handle organizations in the simillar way as accounts. In
>> basic scenario, you would be fine with just resource definition
>> customization. Here is the code snippet from my DBTable connector syncing
>> org. structure. On top of that create live sync or reconcile task to load
>> changes into mp.
>>
>> M.
>>
>> <schemaHandling>
>> <objectType>
>> <kind>generic</kind>
>> <intent>organization</intent>
>> <default>false</default>
>> <objectClass>ri:AccountObjectClass</objectClass>
>> <attribute>
>> <c:ref>icfs:uid</c:ref>
>> <inbound>
>> <strength>strong</strength>
>> <target>
>> <c:path>$focus/name</c:path>
>> </target>
>> </inbound>
>> </attribute>
>> ....
>>
>> <synchronization>
>> <objectSynchronization>
>> <objectClass>ri:AccountObjectClass</objectClass>
>> <kind>generic</kind>
>> <intent>organization</intent>
>> * <focusType>c:OrgType</focusType>*
>> <enabled>true</enabled>
>> <correlation>
>> <q:equal>
>> <q:path>c:name</q:path>
>> <expression>
>> <path>$shadow/attributes/icfs:uid</path>
>> </expression>
>> </q:equal>
>> </correlation>
>> <reaction>
>> <situation>linked</situation>
>> <synchronize>true</synchronize>
>> </reaction>
>> <reaction>
>> <situation>deleted</situation>
>> <synchronize>true</synchronize>
>> <action>
>> <handlerUri>http://midpoint.e
>> volveum.com/xml/ns/public/model/action-3#unlink</handlerUri>
>> </action>
>> </reaction>
>> <reaction>
>> <situation>unlinked</situation>
>> <synchronize>true</synchronize>
>> <action>
>> <handlerUri>http://midpoint.e
>> volveum.com/xml/ns/public/model/action-3#link</handlerUri>
>> </action>
>> </reaction>
>> <reaction>
>> <situation>unmatched</situation>
>> <synchronize>true</synchronize>
>> <action>
>> <handlerUri>http://midpoint.e
>> volveum.com/xml/ns/public/model/action-3#addFocus</handlerUri>
>> </action>
>> </reaction>
>> </objectSynchronization>
>> </synchronization>
>>
>> Martin Lízner
>> solution architect
>>
>> gsm: [+420] 737 745 571 <+420%20737%20745%20571>
>> e-mail: martin.lizner at ami.cz
>>
>>
>> AMI Praha a.s.
>> Pláničkova 11
>> 162 00 Praha 6
>> tel.: [+420] 274 783 239 <+420%20274%20783%20239>
>> web: www.ami.cz
>>
>>
>>
>> [image: AMI Praha a.s.] <http://www.skyidentity.com/>
>>
>> Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
>> společnost AMI Praha a.s.
>> jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
>> písemnou formu.
>>
>>
>> 2017-01-31 15:03 GMT+01:00 Dilek Gider <dilek.gider at basistek.com>:
>>
>>> Hi everyone,
>>>
>>> Could you please help me? Organizations added only as Shadows. How can
>>> I add them into real Organizational Structure in to Midpoint?
>>> I asked this question before and nobody answered. There is no
>>> documentation about this problem.
>>>
>>> Thanks in advance
>>>
>>>
>>> ---------- Forwarded message ----------
>>> From: Dilek Gider <dilek.gider at basistek.com>
>>> Date: Wed, Jan 18, 2017 at 4:06 PM
>>> Subject: Import or Recon Organization is only creates Shadow, nor
>>> Organizational Structure
>>> To: midPoint General Discussion <midpoint at lists.evolveum.com>
>>>
>>>
>>> Hi,
>>>
>>> I have ScriptedSQL Connector. I am getting organization structure from
>>> database these attrbutes: name, displayName and parentOrgRef
>>> I tried import and reconciliation type tasks, Shadows are creating
>>> successfully but Organizations are not creating.
>>> I tried both <kind>account</kind> and <kind>generic</kind> on
>>> SchemaHandling. Nothing changes.
>>> How can I import or reconcile organizations and build organization
>>> structure from database? My datas are as follows:
>>>
>>> id name parent_id
>>> 0101 XXX.A.Ş. 0000
>>> 0102 YYY A.Ş. 0000
>>> 0103 ZZZ A.Ş. 0000
>>> 0200 CCCCC AŞ 0000
>>> 0201 SSSSSS 0000
>>> 50001365 MANAGEMENT 0101
>>> 50001366 ASİSTANCE 0101
>>> 50001367 DRIVERS 0101
>>> 50002780 COMMUNICATION 0102
>>> 50004775 MANAGEMENT 0102
>>> 50006930 MANAGEMENT 0103
>>>
>>> <xsd:complexType name="CustomOrganizationObjectClass">
>>> <xsd:annotation>
>>> <xsd:appinfo>
>>> <ra:resourceObject/>
>>> <ra:identifier>icfs:uid</ra:identifier>
>>> <ra:secondaryIdentifier>icfs:
>>> name</ra:secondaryIdentifier>
>>> <ra:displayNameAttribute>icfs
>>> :name</ra:displayNameAttribute>
>>> <ra:namingAttribute>icfs:name</ra:namingAttribute>
>>> <ra:nativeObjectClass>Organiz
>>> ation</ra:nativeObjectClass>
>>> </xsd:appinfo>
>>> </xsd:annotation>
>>> <xsd:sequence>
>>> <xsd:element minOccurs="0" name="displayName"
>>> type="xsd:string">
>>> <xsd:annotation>
>>> <xsd:appinfo>
>>> <a:displayOrder>120</a:displayOrder>
>>> <ra:frameworkAttributeName>di
>>> splayName</ra:frameworkAttributeName>
>>> </xsd:appinfo>
>>> </xsd:annotation>
>>> </xsd:element>
>>> <xsd:element minOccurs="0" name="parentOrg"
>>> type="xsd:string">
>>> <xsd:annotation>
>>> <xsd:appinfo>
>>> <a:displayOrder>130</a:displayOrder>
>>> <ra:frameworkAttributeName>pa
>>> rentOrg</ra:frameworkAttributeName>
>>> </xsd:appinfo>
>>> </xsd:annotation>
>>> </xsd:element>
>>> <xsd:element minOccurs="0" name="description"
>>> type="xsd:string">
>>> <xsd:annotation>
>>> <xsd:appinfo>
>>> <a:displayOrder>140</a:displayOrder>
>>> <ra:frameworkAttributeName>de
>>> scription</ra:frameworkAttributeName>
>>> </xsd:appinfo>
>>> </xsd:annotation>
>>> </xsd:element>
>>> <xsd:element ref="icfs:name">
>>> <xsd:annotation>
>>> <xsd:appinfo>
>>> <a:displayName>ConnId Name</a:displayName>
>>> <a:displayOrder>110</a:displayOrder>
>>> <ra:frameworkAttributeName>__
>>> NAME__</ra:frameworkAttributeName>
>>> </xsd:appinfo>
>>> </xsd:annotation>
>>> </xsd:element>
>>> <xsd:element minOccurs="0" name="name"
>>> type="xsd:string">
>>> <xsd:annotation>
>>> <xsd:appinfo>
>>> <a:displayOrder>150</a:displayOrder>
>>> <ra:frameworkAttributeName>na
>>> me</ra:frameworkAttributeName>
>>> </xsd:appinfo>
>>> </xsd:annotation>
>>> </xsd:element>
>>> <xsd:element minOccurs="0" ref="icfs:uid">
>>> <xsd:annotation>
>>> <xsd:appinfo>
>>> <a:displayName>ConnId UID</a:displayName>
>>> <a:displayOrder>100</a:displayOrder>
>>> <a:access>read</a:access>
>>> </xsd:appinfo>
>>> </xsd:annotation>
>>> </xsd:element>
>>> </xsd:sequence>
>>> </xsd:complexType>
>>>
>>>
>>> <schemaHandling>
>>> <objectType>
>>> <kind>account</kind>
>>> <displayName>OrgType</displayName>
>>> <default>true</default>
>>> <objectClass>ri:CustomOrganizationObjectClass</objectClass>
>>> <attribute>
>>> <c:ref>icfs:uid</c:ref>
>>> <displayName>Entry UUID</displayName>
>>> <limitations>
>>> <access>
>>> <read>true</read>
>>> </access>
>>> </limitations>
>>> </attribute>
>>> <attribute>
>>> <c:ref>icfs:name</c:ref>
>>> <displayName>Organization Id</displayName>
>>> <limitations>
>>> <minOccurs>0</minOccurs>
>>> <access>
>>> <read>true</read>
>>> <add>true</add>
>>> <modify>true</modify>
>>> </access>
>>> </limitations>
>>> <tolerant>false</tolerant>
>>> <exclusiveStrong>false</exclusiveStrong>
>>> <outbound>
>>> <authoritative>true</authoritative>
>>> <exclusive>false</exclusive>
>>> <strength>normal</strength>
>>> <source>
>>> <c:path>$focus/name</c:path>
>>> </source>
>>> </outbound>
>>> <inbound>
>>> <authoritative>true</authoritative>
>>> <exclusive>false</exclusive>
>>> <strength>normal</strength>
>>> <target>
>>> <c:path>$focus/name</c:path>
>>> </target>
>>> </inbound>
>>> </attribute>
>>> <attribute>
>>> <c:ref>ri:name</c:ref>
>>> <displayName>Organization Name</displayName>
>>> <tolerant>false</tolerant>
>>> <exclusiveStrong>false</exclusiveStrong>
>>> <outbound>
>>> <authoritative>true</authoritative>
>>> <exclusive>false</exclusive>
>>> <strength>normal</strength>
>>> <source>
>>> <c:path>$focus/displayName</c:path>
>>> </source>
>>> </outbound>
>>> <inbound>
>>> <authoritative>true</authoritative>
>>> <exclusive>false</exclusive>
>>> <strength>normal</strength>
>>> <target>
>>> <c:path>$focus/displayName</c:path>
>>> </target>
>>> </inbound>
>>> </attribute>
>>> <attribute>
>>> <c:ref>ri:parentOrg</c:ref>
>>> <displayName>Parent Org Id</displayName>
>>> <tolerant>false</tolerant>
>>> <exclusiveStrong>false</exclusiveStrong>
>>> <outbound>
>>> <authoritative>true</authoritative>
>>> <exclusive>false</exclusive>
>>> <strength>normal</strength>
>>> <source>
>>> <c:path>$focus/costCenter</c:path>
>>> </source>
>>> </outbound>
>>> <inbound>
>>> <authoritative>true</authoritative>
>>> <exclusive>false</exclusive>
>>> <strength>normal</strength>
>>> <target>
>>> <c:path>$focus/costCenter</c:path>
>>> </target>
>>> </inbound>
>>> </attribute>
>>> </objectType>
>>> </schemaHandling>
>>> <capabilities>
>>> <cachingMetadata>
>>> <retrievalTimestamp>2017-01-18T14:32:39.006+02:00</retrieva
>>> lTimestamp>
>>> <serialNumber>31a0960a98ab18d-4afc49b08ce181c6</serialNumber>
>>> </cachingMetadata>
>>> <native xmlns:cap="http://midpoint.evo
>>> lveum.com/xml/ns/public/resource/capabilities-3">
>>> <cap:addRemoveAttributeValues/>
>>> <cap:activation>
>>> <cap:status/>
>>> <cap:lockoutStatus/>
>>> </cap:activation>
>>> <cap:credentials>
>>> <cap:password>
>>> <cap:returnedByDefault>false</cap:returnedByDefault>
>>> </cap:password>
>>> </cap:credentials>
>>> <cap:liveSync/>
>>> <cap:testConnection/>
>>> <cap:create/>
>>> <cap:read/>
>>> <cap:update/>
>>> <cap:delete/>
>>> <cap:script>
>>> <cap:host>
>>> <cap:type>connector</cap:type>
>>> </cap:host>
>>> </cap:script>
>>> </native>
>>> </capabilities>
>>> <synchronization>
>>> <objectSynchronization>
>>> <name>Org Unit</name>
>>> <objectClass>ri:CustomOrganizationObjectClass</objectClass>
>>> <kind>account</kind>
>>> <intent>default</intent>
>>> <focusType>c:OrgType</focusType>
>>> <enabled>true</enabled>
>>> <correlation>
>>> <q:description>Correlation expression.</q:description>
>>> <q:equal>
>>> <q:path>c:name</q:path>
>>> <expression>
>>> <c:path>declare namespace icfs='
>>> http://midpoint.evolveum.com/xml/ns/public/connector/i
>>> cf-1/resource-schema-3'; $shadow/attributes/icfs:name</c:path>
>>> </expression>
>>> </q:equal>
>>> </correlation>
>>> <reconcile>false</reconcile>
>>> <reaction>
>>> <name>Linked</name>
>>> <situation>linked</situation>
>>> <synchronize>true</synchronize>
>>> <reconcile>false</reconcile>
>>> </reaction>
>>> <reaction>
>>> <name>Deleted</name>
>>> <situation>deleted</situation>
>>> <synchronize>true</synchronize>
>>> <reconcile>false</reconcile>
>>> <action>
>>> <name>Unlink</name>
>>> <handlerUri>
>>> http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink
>>> </handlerUri>
>>> </action>
>>> </reaction>
>>> <reaction>
>>> <name>Unlinked</name>
>>> <situation>unlinked</situation>
>>> <synchronize>true</synchronize>
>>> <reconcile>false</reconcile>
>>> <action>
>>> <name>Link</name>
>>> <handlerUri>
>>> http://midpoint.evolveum.com/xml/ns/public/model/action-3#link
>>> </handlerUri>
>>> </action>
>>> </reaction>
>>> <reaction>
>>> <name>Unmatched</name>
>>> <situation>unmatched</situation>
>>> <synchronize>true</synchronize>
>>> <reconcile>false</reconcile>
>>> <objectTemplateRef oid="c0c010c0-d34d-b33f-f00d-777222555111"
>>> type="c:ObjectTemplateType"/>
>>> <action>
>>> <name>Add focus</name>
>>> <handlerUri>
>>> http://midpoint.evolveum.com/xml/ns/public/model/action-3#addFocus
>>> </handlerUri>
>>> </action>
>>> </reaction>
>>> </objectSynchronization>
>>>
>>>
>>>
>>>
>>>
>>>
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com
>>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>>
>>>
>>
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> http://lists.evolveum.com/mailman/listinfo/midpoint
>>
>>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170202/98d2e127/attachment.htm>
More information about the midPoint
mailing list