[midPoint] Group sync error for scriptedsql with Sentrifugo HR database

Fri Oct 12 18:27:54 CEST 2018

Hi,

you may try to add this to schemahandling:
<attribute>
<ref>icfs:name</ref>
</attribute>

icfs:name is in your correlation rule and it's at least required to show objects in gui (afaik).

-----Ursprüngliche Nachricht-----
Von: midPoint [mailto:midpoint-bounces at lists.evolveum.com] Im Auftrag von Dieter Plassmann
Gesendet: Freitag, 12. Oktober 2018 16:25
An: midpoint at lists.evolveum.com
Betreff: [midPoint] Group sync error for scriptedsql with Sentrifugo HR database

Dear MidPoint community,
I trying to connect the open source HR database Sentrifugo to MidPoint.
The data of users, employees, business units, departments, roles and job titles
is split among various database tables.
Therefore I have started from the “scriptedsql” sample to adopted to this use case.
I have conducted successfully the import and sync. of user, employees
including attributes (ids) for the users business unit, department, role and job title.

I got stock how to import and sync. role and job titles to MidPoint roles as well
as business units and departments to Midpoint Org. structure.

I have to confess I’m novice on MidPoint. Thus please forgive me, if I’m asking for the obvious.

Enclosed, I describe the steps and adoptions I have performed for the groups, but first of all the error message that currently blocks my progress during import of roles.

“User: No name in new object null as produced by template null in iteration 0, we cannot process an object without a name”
I assume my fault is in the correlation query of the sync object, but did’t get a clue how to adopt this.

1. SearchScript.groovy
I changed the table name to “main_roles” and the corresponding column names.
case "Group":
sql.eachRow("SELECT * FROM main_roles" + where, {result_list.add([__UID__:it.id, __NAME__:it.rolename, description:it.roledescription])} );

2. SchemaScript.groovy
I add the column names
group.addAttributeInfo(AttributeInfoBuilder.build("rolename", String.class, flags));
group.addAttributeInfo(AttributeInfoBuilder.build("roledescription", String.class));

3. localhost-scriptedsql-advanced-sync.xml
I add an new objectType with objectClass ri:CustomGroupObjectClass
<objectType>
<kind>entitlement</kind>
<intent>group</intent>
<default>true</default>
<displayName>User Role</displayName>
<objectClass>ri:CustomGroupObjectClass</objectClass>
<attribute>
<ref>icfs:uid</ref>
<displayName>Entry UUID</displayName>
</attribute>
<attribute>
<ref>ri:rolename</ref>
<displayName>User role</displayName>
<inbound>
<target>
<path>$focus/name</path>
</target>
</inbound>
</attribute>
<attribute>
<ref>ri:roledescription</ref>
<displayName>Description</displayName>
<inbound>
<target>
<path>$focus/description</path>
</target>
</inbound>
</attribute>
</objectType>

4. localhost-scriptedsql-advanced-sync.xml
I add an objectSynchronization for the object Class ri:CustomGroupObjectClass

<objectSynchronization>
<enabled>true</enabled>
<objectClass>ri:CustomGroupObjectClass</objectClass>
<kind>entitlement</kind>
<intent>group</intent>
<focusType>c:RoleType</focusType>
<correlation>
<q:equal>
<q:path>c:name</q:path>
<expression>
<path>
declare namespace icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3";
$account/attributes/icfs:name
</path>
</expression>
</q:equal>
</correlation>

<reaction>
<situation>linked</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#modifyFocus</handlerUri>
</action>
</reaction>
<reaction>
<situation>deleted</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#deleteFocus</handlerUri>
</action>
</reaction>
<reaction>
<situation>unlinked</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#link</handlerUri>
</action>
</reaction>
<reaction>
<situation>unmatched</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#addFocus</handlerUri>
</action>
</reaction>
</objectSynchronization>

5. Generated using the GUI an import task:

Type: Import Accounts (tried also reconciliation with the same result)
Resource: scriptedsql
Kind: entitlement
Object class: CustomGroupObjectClass (also tried to leave this empty)

The shadow accounts are generated, but I end up with the error message:
“User: No name in new object null as produced by template null in iteration 0, we cannot process an object without a name”

I’m looking forward, if someone can give me a hint to put me back on the right track. Right now I’m lost.

Thanks a lot in advance

Dieter

_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com
http://lists.evolveum.com/mailman/listinfo/midpoint
WWK Lebensversicherung a. G., Vorstand: Jürgen Schrameier (V.), Rainer Gebhart (stv. V.), Dirk Fassott; Vorsitzender des Aufsichtsrats: Dr. Frank Schindelhauer, Sitz München, Registergericht München HR B 211; WWK Allgemeine Versicherung AG, Vorstand: Jürgen Schrameier (V.), Rainer Gebhart (stv. V.), Dirk Fassott; Vorsitzender des Aufsichtsrats: Prof. Dr. Peter Reiff, Sitz München, Registergericht München HR B 5553; WWK Vermögensverwaltungs und Dienstleistungs GmbH, Geschäftsführer: Karl Ruffing, Stefan Sedlmeir, Sitz München, Registergericht München HR B 76323; WWK Pensionsfonds AG, Vorstand: Ansgar Eckert, Karl Ruffing, Heinrich Schüppert; Vorsitzender des Aufsichtsrats: Dirk Fassott, Sitz München, Registergericht München HR B 146295; Hausanschrift: Marsstraße 37, 80335 München; WWK Investment S.A., Verwaltungsrat: Karl Ruffing (V.), Ansgar Eckert, Stefan Schneider (Hauck & Aufhäuser), Handelsregister: R.C. Luxembourg Nr. B 81 270, Sitz der Gesellschaft: 1c, rue Gabriel Lippmann, L-5365 Munsbach
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5623 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20181012/819928e2/attachment.bin>