[midPoint] midpoint 4.0.1 - need to do a bulk action to assign users from AD specific security group to a role in midpoint
Pascal PÉRICHON
pascal.perichon at u-paris.fr
Fri Sep 4 11:51:38 CEST 2020
hello,
SomethIng like that : this is a task that you should import from import
menu and run from task menu.
by group you mean midpoint organizations ?
This is not tested, so... but it just a start.
<?xml version="1.0" encoding="UTF-8"?>
<objects xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<task>
<name>task suppression Assignement ETUDIANT-LICENCE</name>
<extension>
<scext:executeScript
xmlns:scext="http://midpoint.evolveum.com/xml/ns/public/model/scripting/extension-3"
xmlns:s="http://midpoint.evolveum.com/xml/ns/public/model/scripting-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:api="http://midpoint.evolveum.com/xml/ns/public/common/api-types-3"
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:org="http://midpoint.evolveum.com/xml/ns/public/common/org-3">
<s:search>
<s:type>c:UserType</s:type>
<s:query>
<q:filter>
<q:and>
<q:equal>
<q:path>subtype</q:path>
<q:value>ETUDIANT-LICENCE</q:value>
</q:equal>
<q:org>
<q:orgRef>
<!-- TPC group (organization) -->
<q:oid>1f043504-127b-4707-b4dd-11fa5603ef1e</q:oid>
</q:orgRef>
<q:maxDepth>unbounded</q:maxDepth>
</q:org>
</q:and>
</q:filter>
</s:query>
<s:action>
<s:type>modify</s:type>
<s:parameter>
<s:name>delta</s:name>
<c:value xsi:type="t:ObjectDeltaType">
<t:changeType>modify</t:changeType>
<t:itemDelta>
<t:modificationType>add</t:modificationType>
<t:path>c:assignment</t:path>
<t:value xsi:type="c:AssignmentType">
<!-- Telem role -->
<targetRef
oid="f602c03b-4c50-4a7c-8866-59202dc27fad" relation="org:default"
type="c:RoleType"/>
<!-- add multiple role is
necessary -->
<!--targetRef oid="other-role"
relation="org:default" type="c:RoleType"/>
<targetRef oid="another-role"
relation="org:default" type="c:RoleType"/-->
</t:value>
</t:itemDelta>
</c:value>
</s:parameter>
</s:action>
</s:search>
</scext:executeScript>
</extension>
<ownerRef oid="00000000-0000-0000-0000-000000000002"/>
<executionStatus>runnable</executionStatus>
<category>BulkActions</category>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/scripting/handler-3</handlerUri>
<recurrence>single</recurrence>
</task>
</objects>
Le 04/09/2020 à 09:33, mid point via midPoint a écrit :
> Good morning
>
> I ask this question 2 weeks ago, and no answer.
> I supposed i was wrong to think that this question would have
> interested a lot of midpoint users.
> it is maybe too simple.
> in case of someone has an example of bulk action that accomplish what
> i want, please do not hesitate to share
>
> Best regards
>
>
>
>
>
> -----Original Message-----
> From: mid point <pointmid2 at aol.com>
> To: midpoint at lists.evolveum.com <midpoint at lists.evolveum.com>
> Sent: Thu, Aug 20, 2020 5:41 pm
> Subject: [midPoint] midpoint 4.0.1 - need to do a bulk action to
> assign users from AD specific security group to a role in midpoint
>
> Hello
>
> As a short introduction, i'm a new midpoint administrator and i'm
> French :-)
>
> My company is using a midpoint solution, it was installed recently by
> an external company.
> it is working fine so far.
> Midpoint has two AD domain resources
>
> I need to assign all users from an existing security group within one
> of the AD ressources to a midpoint role
> I already created the midpoint role with all necessary assignments and
> inducements
>
> but there is too much users in the security group to assign them one
> by one and i would like to use bulk action to do this.
> Unfortunately , my developer skills are null and for this reason
> kindly request your help
>
> I hope one of you will help me and give me a good script.I hope the
> data below can be enough
>
> the role name is : Telem his OID is
> f602c03b-4c50-4a7c-8866-59202dc27fad
> the security group name is TPC his OID is
> 1f043504-127b-4707-b4dd-11fa5603ef1e
> the AD ressource name is Internal his OID is
> e580a543-6b87-460b-aa80-3525e436cf9f
>
> thanks in advance
>
> Raymond
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
> https://lists.evolveum.com/mailman/listinfo/midpoint
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200904/589c56ed/attachment.htm>
More information about the midPoint
mailing list