[midPoint] Resource connection automation

[Wojciech Staszewski]

Hello All!

This question is for those, who have some experience in midPoint deployment.

Simple case:
- You need to connect already working system as a resource to midPoint,
- This system contains a few thousands of user accounts with different
privileges (for simplicity - user groups), and tens of user groups.
- midPoint already has some of these users taken from elsewhere (let's
say from HR system), but some of them are archival, disabled or forgotten.
- Resource user groups are imported as midPoint roles.

The tasks to do:
- map the resource accounts to midPoint users (this is quite easy:
"unliked->link" synchronization action),
- reflect the resource account privileges (group membership) by
assigning adequate role or roles to the midPoint users.

I wonder if you have any kind of worked out automation (scripts? bulk
actions?) for the second task?
Or maybe you're assigning proper roles to the thousands of users just by
clicking it out one by one using midPoint GUI?

Thanks!
WS