[midPoint] Import users from AD

Ivan Noris ivan.noris at evolveum.com
Fri May 18 11:55:29 CEST 2018 

Hi,

what do you want to achieve? Import only accounts from ou=users? That
can be done using condition in <objectSynchronization>...

Ivan


On 17.05.2018 15:17, Peter Viskup wrote:
> Trying to import users from AD tree to Midpoint without success
> (inbound mapping).
> Not able to define inbound mapping condition with check of the value
> of DN attribute.
>
> This is schema handling for users:
>
>       <objectType>
>          <kind>account</kind>
>          <intent>corp</intent>
>          <displayName>User CORP</displayName>
>          <default>true</default>
>          <objectClass>ri:user</objectClass>
>          <attribute>
>             <c:ref>ri:sAMAccountName</c:ref>
>             <displayName>Account name</displayName>
>             <tolerant>true</tolerant>
>             <exclusiveStrong>false</exclusiveStrong>
>             <inbound>
>                <authoritative>false</authoritative>
>                <exclusive>true</exclusive>
>                <strength>normal</strength>
>                <source>
>                   <name>dn</name>
>                   <c:path>$shadow/attributes/distinguishedName</c:path>
>                </source>
>                <target>
>                   <c:path>$user/name</c:path>
>                </target>
>                <condition>
>                   <script xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>                           xsi:type="c:ScriptExpressionEvaluatorType">
>                      <code>
>         log.info("Attribute dn value: {}", dn.dump());
>         log.info("Attribute input value: {}", input.dump());
>         if (!basic.isEmpty(dn)){
>           return dn.contains('OU=Users');
>         }
>         return false;
>                      </code>
>                   </script>
>                </condition>
>             </inbound>
>          </attribute>
>
> Getting error (seems both dn and input variables are not defined):
>
> Cannot invoke method hashCode() on null object in condition in mapping
> in inbound expression for
> {http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}sAMAccountName
> in resource:2a59c3d6-9d65-4284-980a-3bb8404126b3(Active Directory
> CORP)({.../common/common-3}input=null; dn=null; ) in condition in
> mapping in inbound expression for
> {http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}sAMAccountName
> in resource:2a59c3d6-9d65-4284-980a-3bb8404126b3(Active Directory
> CORP)
>
> What source and target paths needs to used in this case?
>
> Peter
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-- 
Ivan Noris
Senior Identity Engineer
evolveum.com

More information about the midPoint mailing list