[midPoint] Map attribute only when account is created
Ivan Noris
ivan.noris at evolveum.com
Tue Sep 4 09:00:44 CEST 2018
Hi Andy,
AFAIK you can use condition for the mapping, and there is internal
variable "operation" which will have value "add" for adding the account
(i.e. create).
Can't find an example right away...
Ivan
On 04.09.2018 02:03, Andrew Morgan wrote:
> Is it possible to only apply an attribute mapping when an account is
> created?
>
> I have several attributes that need to be set to an initial value when
> the account is created. Later on, such as when the account is
> activated by the user (externally, not via midPoint), the attribute is
> changed or removed entirely.
>
> In the first case, I can use a weak mapping strength to make sure an
> existing value is not overwritten during some later reconciliation.
>
> However, what if the attribute is removed entirely? For example, we
> set msExchHideFromAddressLists=TRUE when we create the account. This
> hides it from the Exchange Global Address List. When the person
> activates their account, a separate script removes the
> msExchHideFromAddressLists entirely. Even with a weak mapping,
> midPoint wants to re-create the initial value on an existing account.
> If the mapping only applied during account creation...
>
> Thanks,
>
> Andy Morgan
> Systems Administrator, Identity & Access Management
> Information Services | Oregon State University
> 541-737-8877 | is.oregonstate.edu
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ivan Noris
Senior Identity Engineer
evolveum.com
More information about the midPoint
mailing list