[midPoint] midPoint Digest, Vol 94, Issue 2

Markus Steiner markus.steiner at itconcepts.ch
Mon Feb 3 12:52:58 CET 2020 

Hi Maxime

I will prepare the Documents this afternoon. 


Regards
Markus

-----Original Message-----
From: midPoint <midpoint-bounces at lists.evolveum.com> On Behalf Of midpoint-request at lists.evolveum.com
Sent: Montag, 3. Februar 2020 12:38
To: midpoint at lists.evolveum.com
Subject: midPoint Digest, Vol 94, Issue 2

Send midPoint mailing list submissions to
	midpoint at lists.evolveum.com

To subscribe or unsubscribe via the World Wide Web, visit
	http://lists.evolveum.com/mailman/listinfo/midpoint
or, via email, send a message with subject or body 'help' to
	midpoint-request at lists.evolveum.com

You can reach the person managing the list at
	midpoint-owner at lists.evolveum.com

When replying, please edit your Subject line so it is more specific than "Re: Contents of midPoint digest..."


Today's Topics:

   1. Setting the credentials of a shadow (Chris Woods)
   2. Refresh Shadow : MP 3.7 (Sylvaire kevin TIPA)


----------------------------------------------------------------------

Message: 1
Date: Sun, 2 Feb 2020 16:33:23 +0000
From: Chris Woods <Chris.Woods at rohde-schwarz.com>
To: midPoint General Discussion <midpoint at lists.evolveum.com>
Subject: [midPoint] Setting the credentials of a shadow
Message-ID: <451f26426fcb471abfd991d710425e8b at rohde-schwarz.com>
Content-Type: text/plain; charset="utf-8"

Hi everyone,

does anyone know the correct way (using the Java REST Client) to set the password of a specific resource account. I don't want to set the midpoint password itself - I already have that working. I am trying the following, but not succeeding. I am using the 3.9-SNAPSHOT builds of the java client from October 2019 as I cannot move the system performing the call to Java 11.

ObjectModifyService<ShadowType> oms = impersonateService.shadows().oid(rai.getOid()).modify();
PasswordType password = new PasswordType(); ProtectedStringType passwordString = new ProtectedStringType(); passwordString.getContent().add(newPassword);
password.setValue(passwordString);
password.setForceChange(Boolean.FALSE);

oms.replace("credentials/password", password);

oms.post();

This does cause a modification, but in the audit it shows a "delete" + "add" for the credentials. This does not happen when changing the password via the UI. In addition, the password is not valid on the resource after the REST call. Changing via the UI (where the audit shows just one modify) does work correctly.

The other variation that I tried was :
ObjectCredentialService<ShadowType> ocs = impersonateService.shadows().oid(rai.getOid()).credential();
ExecuteCredentialResetRequestType ecrrt = new ExecuteCredentialResetRequestType();
ecrrt.setResetMethod("passwordReset");
ecrrt.setUserEntry(newPassword);

TaskFuture<ExecuteCredentialResetResponseType> task = ocs.executeResetPassword(ecrrt).apost();

but this results in an "ObjectNotFound" exception.

Thanks in advance!
Regards,
Chris
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/20200202/6f13aaea/attachment-0001.htm>

------------------------------

Message: 2
Date: Mon, 3 Feb 2020 11:37:32 +0000
From: Sylvaire kevin TIPA <sylvaire-kevin.tipa at mythalesgroup.io>
To: "midpoint at lists.evolveum.com" <midpoint at lists.evolveum.com>
Subject: [midPoint] Refresh Shadow : MP 3.7
Message-ID:
	<AM0PR09MB329714B87152A8500A088128C1000 at AM0PR09MB3297.eurprd09.prod.outlook.com>
	
Content-Type: text/plain; charset="utf-8"

Hey all,

I need to use the refresh shadow mechanic but I'm in MP 3.7... Any idee of how I can do this ?

Full explain :

I have CSV resource with all the RH people. I use it for detect deleted account or not present account (CSV Resource is in RO).

When user create MP account, I add a assignment on this resource in order to link user to CSV account. For some reason, I cannot import all CSV account as user, so I use a ugly java code for import CSV account shadow when user is in creation state.

Problem, when user has been manually created or activated, the shadow are not present. MP try to create it on resources and get reject because CSV resource do not support creation.

It's look like shadow are not fully represent resource. I need to run anythings for synchronize CSV resource to shadow repo (import all ressource as shadow ? or else ? )  ...

Maybe I have bad configuration, or missing tasks ... Any help will be great 🙂




Cordialement,



[https://attachment.outlook.office.net/owa/sylvaire-kevin.tipa@mythalesgroup.io/service.svc/s/GetFileAttachment?id=AAMkAGY1ZjY5NWRmLTQ0ZDgtNGNjMy05NzNkLWJmMDRiMWE1MzRlZABGAAAAAABh4WdBWT4xR7DMeIEaHdTyBwAoAS%2FqG5cHS6e%2BmMV1HZP5AAAAAAEJAAAoAS%2FqG5cHS6e%2BmMV1HZP5AAA6Qq2YAAABEgAQABu5cy33gBtFlMD7DO8YR0A%3D&X-OWA-CANARY=ChiPfpk72ke8XYNev7RaMjBqkl3Gx9UY9Eb1nD0ESaO9Vu49v6lQFICf4be4xrzkFIas0KMHQr8.&token=eyJhbGciOiJSUzI1NiIsImtpZCI6IjA2MDBGOUY2NzQ2MjA3MzdFNzM0MDRFMjg3QzQ1QTgxOENCN0NFQjgiLCJ4NXQiOiJCZ0Q1OW5SaUJ6Zm5OQVRpaDhSYWdZeTN6cmciLCJ0eXAiOiJKV1QifQ.eyJ2ZXIiOiJFeGNoYW5nZS5DYWxsYmFjay5WMSIsImFwcGN0eHNlbmRlciI6Ik93YURvd25sb2FkQGNkOTQzYmVhLTZjYmQtNGI1Mi05ZWVkLTY1MDE1MjYwMzBlYSIsImFwcGN0eCI6IntcIm1zZXhjaHByb3RcIjpcIm93YVwiLFwicHJpbWFyeXNpZFwiOlwiUy0xLTUtMjEtMTg2Mjg2NDE5LTE3ODA1Mzc0ODItMzc3MTQ0MjUwMy0xNzA1MDkzXCIsXCJwdWlkXCI6XCIxMTUzODM2Mjk2ODEyMDA2MTcyXCIsXCJvaWRcIjpcImUwNDllZjY1LTA3OTctNGFlNC04YTlkLTI4ZDg4NTU5ZDAzMVwiLFwic2NvcGVcIjpcIk93YURvd25sb2FkXCJ9IiwibmJmIjoxNTI3ODYwODc3LCJleHAiOjE1Mjc4NjE0NzcsImlzcyI6IjAwMDAwMDAyLTAwMDAtMGZmMS1jZTAwLTAwMDAwMDAwMDAwMEBjZDk0M2JlYS02Y2JkLTRiNTItOWVlZC02NTAxNTI2MDMwZWEiLCJhdWQiOiIwMDAwMDAwMi0wMDAwLTBmZjEtY2UwMC0wMDAwMDAwMDAwMDAvYXR0YWNobWVudC5vdXRsb29rLm9mZmljZS5uZXRAY2Q5NDNiZWEtNmNiZC00YjUyLTllZWQtNjUwMTUyNjAzMGVhIn0.nd8YaoCszRU3J-pTpf2fo2Sjs4X8EeyDVIGRODX-WaLwtbDHAXqMEVMw2_wldyedQ07nJYXTXI7yJ8JwPB09H30wKs9ytHcuchZNPhJZWc6x2ssYRUfiW4dtcuFpSIV16vXS_Lu61-cjbcKGtHNAbGDYFgKiv3vMLzge_N95-xkvLd0GDbPrk743gK0l9TUIjfLTgnrK2uqlSwpVRUeL_dSG-_kKqaMyvJNo0Eh55dKUckmZhws2shczl72V4Ftt-dWzklX6lDGZ6goiYMWb3i0T-_QekdsXRNXlCRO7nIUSlBRndBjtfCMaOE40RBI9lcp9VQKmxWAWQDJpNEUhtQ&owa=outlook.office365.com&isImagePreview=True]

Sylvaire-Kevin TIPA
Thales Services / OIC / DevOps Automatisation Infrastructures …………………………………………………………………………………………
THALES SERVICES SAS
44 Quai Charles de Gaulle
CS 20100
69463 Lyon Cedex 06
…………………………………………………………………………………………
www.thalesgroup.com<http://www.thalesgroup.com/>





This message contains confidential information and is intended only for the individual(s) addressed in the message. If you are not the named addressee, you should not disseminate, distribute, or copy this e-mail. If you are not the intended recipient, you are notified that disclosing, distributing, or copying this e-mail is strictly prohibited.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/20200203/e57fc258/attachment.htm>

------------------------------

Subject: Digest Footer

_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com
http://lists.evolveum.com/mailman/listinfo/midpoint


------------------------------

End of midPoint Digest, Vol 94, Issue 2
***************************************

More information about the midPoint mailing list