[midPoint] DatabaseTableConnector organization structure sync

mceylan mrveceylan at gmail.com
Tue May 12 21:25:43 CEST 2020 

Hi Arnost,

Hi, do I have to define all parent ones in filter one by one? What will be
added later? and how can I do this?

Arnošt Starosta - AMI Praha a.s. <arnost.starosta at ami.cz>, 12 May 2020 Sal,
20:03 tarihinde şunu yazdı:

> Hi Merve,
>
> you may load the parent org id to each organization in midpoint with
> ordinary resource inbound mapping to an extension attribute. Then create
> the assignment from organization to it's parent org in org template by
> using the parent id in the filter, like this
>
> https://wiki.evolveum.com/display/midPoint/Automatic+Role+Assignment+HOWTO
>
> Do the same for users and their parent orgs.
>
> During the first organization import the parent org may not exist yet (it
> may be processed and created after the child org), thats why you need to
> recompute the orgs second time to get all parent assignments working.
>
> good luck
>
> arnost
>
>
>
>
> út 12. 5. 2020 v 16:33 odesílatel mceylan <mrveceylan at gmail.com> napsal:
>
>> Hi Gustav, Thanks for your answer
>>
>> It did not improve when I imported twice. I didn't understand that. There
>> are users in the database table and there is also identifier and parent
>> information in their information. Users are sorted, for example, by
>> employeeNumber. But unfortunately, the organization name, identifier and
>> parent_id in their columns are not sequential. What do I have to do in this
>> situation?
>>
>> Pálos Gustáv <gustav.palos at gmail.com>, 12 May 2020 Sal, 16:57 tarihinde
>> şunu yazdı:
>>
>>> Hi  mceylan,
>>>
>>> You need organizations in right order (from bottom to top), and I prefer
>>> not using createOnDemand, just create orgs with linked shadows & strong
>>> assignmentTargetSearch.
>>> If you have in wrong order, you need to import "twice", first just
>>> create orgs and assign what you already have, and on second round create
>>> assignments to missing parents from first run.
>>>
>>> best regards,
>>>
>>> Gustav
>>>
>>>
>>> ut 12. 5. 2020 o 15:15 mceylan <mrveceylan at gmail.com> napísal(a):
>>>
>>>> I made it as the attached source. I added the user template in the
>>>> file. This way the organizational tree is created, but parent_id and
>>>> identifier get mixed. So some don't occur under child parent. It occurs as
>>>> a side tab. I couldn't figure it out.
>>>>
>>>> Ivan Noris <ivan.noris at evolveum.com>, 12 May 2020 Sal, 15:57 tarihinde
>>>> şunu yazdı:
>>>>
>>>>> Hi,
>>>>>
>>>>> nothing special. Just use them as AccountObjectClass from the
>>>>> connector and link them to corresponding objects in midPoint (e.g.
>>>>> Organizations).
>>>>>
>>>>> Ivan
>>>>> On 12. 5. 2020 14:55, mceylan wrote:
>>>>>
>>>>> Thanks for the answer, Ivan. So what should I do to pull the
>>>>> organizational units from DB Table resource and create and synchronize the
>>>>> organization tree in midpoint according to parent id and identifier?
>>>>>
>>>>> Ivan Noris <ivan.noris at evolveum.com>, 12 May 2020 Sal, 14:30
>>>>> tarihinde şunu yazdı:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> I think DB Table connector supports only AccountObjectClass.
>>>>>>
>>>>>> Ivan
>>>>>>
>>>>>>
>>>>>> On 12. 5. 2020 13:06, mceylan wrote:
>>>>>>
>>>>>> I get the following error when I set
>>>>>> CustomorganizationalUnitObjectClass as database resorce object class. What
>>>>>> would be the reason?
>>>>>>
>>>>>> Error:No objectclass specified and no default can be determined
>>>>>>
>>>>>> <default>true</default>
>>>>>> When I do, I get the following error.
>>>>>>
>>>>>> Internal error: Got unexpected exception:
>>>>>> java.lang.IllegalArgumentException: Operation requires an Account
>>>>>> ObjectClass.
>>>>>>
>>>>>>
>>>>>>
>>>>>> <schemaHandling>
>>>>>>       <objectType id="1">
>>>>>>          <kind>generic</kind>
>>>>>>          <default>false</default>
>>>>>>
>>>>>>  <objectClass>ri:CustomorganizationalUnitObjectClass</objectClass>
>>>>>>          <attribute id="2">
>>>>>>             <c:ref>icfs:uid</c:ref>
>>>>>>             <displayName>Entry UUID</displayName>
>>>>>>             <limitations>
>>>>>>                <access>
>>>>>>                   <read>true</read>
>>>>>>                </access>
>>>>>>             </limitations>
>>>>>>          </attribute>
>>>>>>          <attribute id="3">
>>>>>>             <c:ref>icfs:name</c:ref>
>>>>>>             <displayName>Name</displayName>
>>>>>>             <limitations>
>>>>>>                <minOccurs>0</minOccurs>
>>>>>>                <access>
>>>>>>                   <read>true</read>
>>>>>>                   <add>true</add>
>>>>>>                   <modify>true</modify>
>>>>>>                </access>
>>>>>>             </limitations>
>>>>>>             <inbound id="24">
>>>>>>                <target>
>>>>>>                   <c:path>$user/employeeNumber</c:path>
>>>>>>                </target>
>>>>>>             </inbound>
>>>>>>             <inbound id="43">
>>>>>>                <target>
>>>>>>                   <c:path>$user/name</c:path>
>>>>>>                </target>
>>>>>>             </inbound>
>>>>>>          </attribute>
>>>>>>          <attribute id="15">
>>>>>>             <c:ref>ri:parent_id</c:ref>
>>>>>>             <inbound id="16">
>>>>>>                <target>
>>>>>>                   <c:path>$user/extension/parent_id</c:path>
>>>>>>                </target>
>>>>>>             </inbound>
>>>>>>          </attribute>
>>>>>>          <attribute id="37">
>>>>>>             <c:ref>ri:identifier</c:ref>
>>>>>>             <inbound id="39">
>>>>>>                <target>
>>>>>>                   <c:path>$user/extension/identifier</c:path>
>>>>>>                </target>
>>>>>>             </inbound>
>>>>>>          </attribute>
>>>>>>          <attribute id="32">
>>>>>>             <c:ref>ri:organization_name</c:ref>
>>>>>>             <inbound id="33">
>>>>>>                <target>
>>>>>>                   <c:path>$user/extension/organizationname</c:path>
>>>>>>                </target>
>>>>>>             </inbound>
>>>>>>          </attribute>
>>>>>>          <activation>
>>>>>>             <administrativeStatus>
>>>>>>                <outbound id="5"/>
>>>>>>                <inbound id="6">
>>>>>>                   <strength>weak</strength>
>>>>>>                </inbound>
>>>>>>             </administrativeStatus>
>>>>>>          </activation>
>>>>>>       </objectType>
>>>>>>    </schemaHandling>
>>>>>>
>>>>>>
>>>>>>
>>>>>> _______________________________________________
>>>>>> midPoint mailing listmidPoint at lists.evolveum.comhttps://lists.evolveum.com/mailman/listinfo/midpoint
>>>>>>
>>>>>> --
>>>>>> Ivan Noris
>>>>>> Senior Identity Engineerevolveum.com
>>>>>>
>>>>>> _______________________________________________
>>>>>> midPoint mailing list
>>>>>> midPoint at lists.evolveum.com
>>>>>> https://lists.evolveum.com/mailman/listinfo/midpoint
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Merve CEYLAN
>>>>>
>>>>> _______________________________________________
>>>>> midPoint mailing listmidPoint at lists.evolveum.comhttps://lists.evolveum.com/mailman/listinfo/midpoint
>>>>>
>>>>> --
>>>>> Ivan Noris
>>>>> Senior Identity Engineerevolveum.com
>>>>>
>>>>> _______________________________________________
>>>>> midPoint mailing list
>>>>> midPoint at lists.evolveum.com
>>>>> https://lists.evolveum.com/mailman/listinfo/midpoint
>>>>>
>>>>
>>>>
>>>> --
>>>> Merve CEYLAN
>>>> _______________________________________________
>>>> midPoint mailing list
>>>> midPoint at lists.evolveum.com
>>>> https://lists.evolveum.com/mailman/listinfo/midpoint
>>>>
>>>
>>>
>>> --
>>> s pozdravom
>>>
>>> Gustáv Pálos
>>> _______________________________________________
>>> midPoint mailing list
>>> midPoint at lists.evolveum.com
>>> https://lists.evolveum.com/mailman/listinfo/midpoint
>>>
>>
>>
>> --
>> Merve CEYLAN
>> _______________________________________________
>> midPoint mailing list
>> midPoint at lists.evolveum.com
>> https://lists.evolveum.com/mailman/listinfo/midpoint
>>
>
>
> --
>
> *Arnošt Starosta*
> solution architect
>
> gsm: [+420] 603 794 932
> e‑mail: arnost.starosta at ami.cz
>
> *AMI Praha a.s.*
> Pláničkova 11, 162 00 Praha 6
>
> tel.: [+420] 274 783 239 | web: www.ami.cz
>
> [image: AMI Praha a.s.]
>
> Textem tohoto e‑mailu podepisující neslibuje uzavřít ani neuzavírá
> za společnost AMI Praha a.s.
> jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně
> písemnou formu.
>
> Tento e‑mail je určen výhradně pro potřeby jeho adresáta/ů a může
> obsahovat důvěrné nebo osobní
> informace. Nejste‑li zamýšleným příjemcem, je zakázáno jakékoliv
> zveřejňování, zprostředkování
> nebo jiné použití těchto informací. Pokud jste obdrželi e‑mail
> neoprávněně, informujte o tom prosím
> odesílatele a vymažte neprodleně všechny kopie tohoto e‑mailu včetně
> všech jeho příloh. Nakládáním
> s neoprávněně získanými informacemi se vystavujete riziku právního postihu.
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
>


-- 
Merve CEYLAN
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200512/8c2efd44/attachment.htm>

More information about the midPoint mailing list