[midPoint] Problem with correlation and external attribute

Ethan Kromhout kromhout at unc.edu
Wed Sep 23 15:12:16 CEST 2020 

I have used an extension attribute in a similar way, though it wasn't 
with AD. In my case I explicitly called out the namespace of the custom 
schema, not sure if that was required, but it works okay. Do note that 
the custom attribute must be indexed.

In my schema I have the namespace and indexed attribute, note the 
"targetNamespace":

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<xsd:schema elementFormDefault="qualified"
             targetNamespace="http://unc.edu/xml/ns/uncPerson"
             xmlns:tns="http://example.com/xml/ns/mySchema"
xmlns:a="http://prism.evolveum.com/xml/ns/public/annotation-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
             xmlns:xsd="http://www.w3.org/2001/XMLSchema">

    <xsd:element name="subId" type="xsd:string" minOccurs="0" maxOccurs="1">
                 <xsd:annotation>
                     <xsd:appinfo>
                         <a:indexed>true</a:indexed>
<a:displayName>subId</a:displayName>
                         <a:help>Subject ID</a:help>
<a:displayOrder>150</a:displayOrder>
                     </xsd:appinfo>
                 </xsd:annotation>
             </xsd:element>

Then in the correlation I reference that namespace as uncPerson:

<correlation>
                 <q:equal>
                     <q:path 
xmlns:uncPerson="http://unc.edu/xml/ns/uncPerson">extension/uncPerson:subId</q:path>
                     <expression>
                         <path 
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">
                             declare namespace 
ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3";
                             $account/attributes/ri:pid
                         </path>
                     </expression>
                 </q:equal>
             </correlation>

Ethan

On 9/23/20 8:55 AM, Andrea Picconi via midPoint wrote:
>
> Hi all,
>
> I have a problem for which I have searched for a solution everywhere, 
> but I couldn’t find anything: I am making a correlation between an 
> extended attribute present in the user in midpoint (*/uidLDAP/*) and 
> the */sAMAccountName/* attribute of an AD account that I need to import.
>
> below, you can see one of the tests made (of the many)
>
> but this does not give me any errors, it just tells me that the 
> correlation has reported an unmatched:
>
> But if I try to force the correlation by choosing the "change owner" 
> option and going to grab the correct user by hand in midpoint, it works
>
> So i think the problem comes from the attribute path on midpoint (the 
> extended one):
>
> Has anyone already tried to use an extended attribute in the first 
> correlation path?
>
> Could you help me?
>
> Thank you and regards,
>
> *Andrea Picconi*
>
> /IAM (Identity Access Management)/
>
> Innovery
> Skype: precons
> T: +39 06 51963439 (int. 196)
>
> Strada Quattro Palazzina A6 c/o Centro Direzionale Milanofiori, 20057 
> Assago (MI).
> www.innovery.net <http://www.innovery.net/> |  T: +39 06 519 63 439
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200923/c3ad2299/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 15140 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200923/c3ad2299/attachment.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image003.png
Type: image/png
Size: 1993 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200923/c3ad2299/attachment-0001.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image005.jpg
Type: image/jpeg
Size: 3937 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200923/c3ad2299/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image007.png
Type: image/png
Size: 9128 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200923/c3ad2299/attachment-0002.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image008.png
Type: image/png
Size: 4210 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200923/c3ad2299/attachment-0003.png>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image010.png
Type: image/png
Size: 8050 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20200923/c3ad2299/attachment-0004.png>

More information about the midPoint mailing list