[midPoint] Recompute all users is not working for me

Gus Lou gugalou38 at gmail.com
Mon Jun 22 16:02:33 CEST 2020 

Hi Ivan

I've attached my configs:
Resource: AD Resource
Role: Rbac Role - SOC - Sec
Role: Metarole AD Group
Role: gs_snow_sec_soc
Role: gs_jira_sec_soc
Role: gs_spo_sec_soc

I checked the mapping and there is only one field like strong in my
Resource - AD:
<attribute id="18">
                <c:ref xmlns:ri="
http://midpoint.evolveum.com/xml/ns/public/resource/instance-3
">ri:description</c:ref>
                <outbound>
                    <strength>strong</strength>
                    <source>
                        <c:path>description</c:path>
                    </source>
                </outbound>
                <inbound id="20">
                    <target>
                        <c:path>description</c:path>
                    </target>
                </inbound>
            </attribute>

Best Regards

Gus


Em seg., 22 de jun. de 2020 às 08:29, Ivan Noris <ivan.noris at evolveum.com>
escreveu:

> Hi Gus,
>
> I don't know if you are referring to a specific sample, e.g. for the
> metarole.
>
> Sharing it would be helpful.
>
> So far my only idea is to check if the (2nd order) mapping for association
> has strong strength.
>
> Best regards,
>
> Ivan
> On 22. 6. 2020 1:18, Gus Lou wrote:
>
> Hi Guys
> I need the permissions of users assigned to a Role (Rbac role named "Sec -
> SOC") to be updated after adding a new group (gs_spo_sec_soc) to this Role.
> After adding the group to the role, I ran a recompute task, I expected the
> new group to be added to users but it didn't. If I add a new user to the
> role he receives all groups.
>
> Did I do something wrong, did any steps miss?
>
> I followed the instructions on the wiki:
> https://wiki.evolveum.com/display/midPoint/Recompute+Task
>
> And also in this thread:
> https://lists.evolveum.com/pipermail/midpoint/2014-November/000639.html
>
> *My Lab*
> 01 Midpoint 4.1
> 01 Active Directory (Connector Ldap / AD 3.0) Resource
> 01 Metarole: "Metarole for groups - AD" (inducement to Active Directory
> (LDAP) Resource
> 03 Groups (gs_snow_sec_soc, gs_jira_sec_soc, gs_spo_sec_soc) assigned to
> Metarole
> 01 Rbac Role "Sec - SOC" inducements (gs_snow_sec_soc, gs_jira_sec_soc,
> gs_spo_sec_soc)
>
>
> Best Regards
> Gus
>
>
> _______________________________________________
> midPoint mailing listmidPoint at lists.evolveum.comhttps://lists.evolveum.com/mailman/listinfo/midpoint
>
> --
> Ivan Noris
> Senior Identity Engineerevolveum.com
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200622/46aeb35b/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RoleType_2020_06_22_10_22_50 - gs_spo_sec_soc.xml
Type: text/xml
Size: 5611 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200622/46aeb35b/attachment.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RoleType_2020_06_22_10_15_21 - Rbac SOC - Sec.xml
Type: text/xml
Size: 6712 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200622/46aeb35b/attachment-0001.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RoleType_2020_06_22_09_55_3 - Metarole - AD Groups.xml
Type: text/xml
Size: 4345 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200622/46aeb35b/attachment-0002.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RoleType_2020_06_22_10_18_14 - gs_snow_sec_soc.xml
Type: text/xml
Size: 5388 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200622/46aeb35b/attachment-0003.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: RoleType_2020_06_22_10_17_34 - gs_jira_sec_soc.xml
Type: text/xml
Size: 5388 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200622/46aeb35b/attachment-0004.xml>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ResourceType_2020_06_22_09_51_28 - Active Directory.xml
Type: text/xml
Size: 384150 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200622/46aeb35b/attachment-0005.xml>

More information about the midPoint mailing list