[midPoint] Import users from AD

Peter Viskup skupko.sk at gmail.com
Thu May 17 15:17:01 CEST 2018


Trying to import users from AD tree to Midpoint without success
(inbound mapping).
Not able to define inbound mapping condition with check of the value
of DN attribute.

This is schema handling for users:

      <objectType>
         <kind>account</kind>
         <intent>corp</intent>
         <displayName>User CORP</displayName>
         <default>true</default>
         <objectClass>ri:user</objectClass>
         <attribute>
            <c:ref>ri:sAMAccountName</c:ref>
            <displayName>Account name</displayName>
            <tolerant>true</tolerant>
            <exclusiveStrong>false</exclusiveStrong>
            <inbound>
               <authoritative>false</authoritative>
               <exclusive>true</exclusive>
               <strength>normal</strength>
               <source>
                  <name>dn</name>
                  <c:path>$shadow/attributes/distinguishedName</c:path>
               </source>
               <target>
                  <c:path>$user/name</c:path>
               </target>
               <condition>
                  <script xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                          xsi:type="c:ScriptExpressionEvaluatorType">
                     <code>
        log.info("Attribute dn value: {}", dn.dump());
        log.info("Attribute input value: {}", input.dump());
        if (!basic.isEmpty(dn)){
          return dn.contains('OU=Users');
        }
        return false;
                     </code>
                  </script>
               </condition>
            </inbound>
         </attribute>

Getting error (seems both dn and input variables are not defined):

Cannot invoke method hashCode() on null object in condition in mapping
in inbound expression for
{http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}sAMAccountName
in resource:2a59c3d6-9d65-4284-980a-3bb8404126b3(Active Directory
CORP)({.../common/common-3}input=null; dn=null; ) in condition in
mapping in inbound expression for
{http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}sAMAccountName
in resource:2a59c3d6-9d65-4284-980a-3bb8404126b3(Active Directory
CORP)

What source and target paths needs to used in this case?

Peter



More information about the midPoint mailing list