[midPoint] Provisioning Scripts in activation

Sylvaire kevin TIPA sylvaire-kevin.tipa at mythalesgroup.io
Mon Oct 29 10:21:26 CET 2018


Hey all,

I want to execute provisioning scripts when an AD Account is activated or disabled. In my AD resource, It's possible to use Provisioning Scripts in activation field or I need to put it as script and make conditional check ?

On last case, how I can catch delta for execute my change only when Administrative status change ? ModelContext variable is available in resource scripts ?

More general, In MP, How I can know what variable are available?


  <activation>
            <administrativeStatus>
               <outbound id="28"/>
                          <-- Provisionning script here ?
            </administrativeStatus>
         </activation>


Or in scripts, but how I can check delta ?
<script>
         <host>resource</host>
         <language>powershell</language>
         <argument>
            <name>identity</name>
            <c:path xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                    xsi:type="t:ItemPathType">$user/name</c:path>
         </argument>
         <argument>
            <name>createCertificate</name>
            <value>0</value>
         </argument>
         <code>powershell "D:\midpoint\create-certificate\create-certificate.ps1 $identity $createCertificate"</code>
         <operation>modify</operation>
         <kind>account</kind>
         <order>after</order>
         <condition>
            <script xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                    xsi:type="c:ScriptExpressionEvaluatorType">
               <code>
                                                                   <--Need to check diff between old and new effective status
                                            import com.evolveum.midpoint.xml.ns._public.common.common_3.ActivationStatusType;
                                            return (focus.getActivation()?.getEffectiveStatus() == ActivationStatusType.DISABLED)
                </code>
            </script>
         </condition>

Thanks, Br,

Cordialement,


[cid:8e2f30c3-f5eb-4f4e-aefb-9d083f8a3b45]

Sylvaire-Kevin TIPA
Thales Services / OIC / DevOps Automatisation Infrastructures
......................................................................................................
THALES SERVICES SAS
44 Quai Charles de Gaulle
CS 20100
69463 Lyon Cedex 06
......................................................................................................
www.thalesgroup.com<http://www.thalesgroup.com/>





This message contains confidential information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, you are notified that disclosing, distributing, or copying this e-mail is strictly prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20181029/93702460/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.png
Type: image/png
Size: 6112 bytes
Desc: image001.png
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20181029/93702460/attachment.png>


More information about the midPoint mailing list