[midPoint] Map attribute only when account is created
Andrew Morgan
morgan at oregonstate.edu
Tue Sep 4 02:03:10 CEST 2018
Is it possible to only apply an attribute mapping when an account is
created?
I have several attributes that need to be set to an initial value when the
account is created. Later on, such as when the account is activated by
the user (externally, not via midPoint), the attribute is changed or
removed entirely.
In the first case, I can use a weak mapping strength to make sure an
existing value is not overwritten during some later reconciliation.
However, what if the attribute is removed entirely? For example, we set
msExchHideFromAddressLists=TRUE when we create the account. This hides it
from the Exchange Global Address List. When the person activates their
account, a separate script removes the msExchHideFromAddressLists
entirely. Even with a weak mapping, midPoint wants to re-create the
initial value on an existing account. If the mapping only applied during
account creation...
Thanks,
Andy Morgan
Systems Administrator, Identity & Access Management
Information Services | Oregon State University
541-737-8877 | is.oregonstate.edu
More information about the midPoint
mailing list