[midPoint] Synchronizating roles between a database table and midPoint
Marc Fueller
marc.fueller at daasi.de
Thu Feb 10 16:46:51 CET 2022
Hi,
please check you correlation. In the path-Tag you need to refer to an
attribute of the projection/account, not to an attribute of the focus
object.
You could try this:
<correlation> <q:equal xmlns=""> <q:path>name</q:path> <expression> <path>$projection/attributes/ri:/TREL_CODIGO/</path> </expression> </q:equal> </correlation>
You also need to make sure that you are also mapping TREL_CODIGO to the
midPoint "name" property in the schema handling.
HTH
Marc
Am 10.02.22 um 14:14 schrieb Mercedes Oncina Deltell via midPoint:
>
> I have configured it as you wrote and I can see the entitlements from
> de resource in midPoint, but when I try to import them, I get the now
> familiar error:
>
> Message
> Could not import account
> shadow:b18c3e63-f2c5-461c-b6c0-27b91e0aa2bb(01)
>
> Error
> No object class found for the shadow
>
> My configuration is:
>
> /* <schemaHandling>*
> <objectType id="16">
> * <kind>entitlement</kind>**
> ** <intent>default</intent>**
> ** <default>true</default>**
> **<objectClass>ri:AccountObjectClass</objectClass>*
> <attribute id="17">
> <ref>icfs:uid</ref>
> <tolerant>true</tolerant>
> <inbound id="19">
> <authoritative>true</authoritative>
> <exclusive>false</exclusive>
> <strength>normal</strength>
> <target>
> <path>name</path>
> </target>
> </inbound>
> </attribute>
> <attribute id="18">
> <ref>ri:TREL_DESCRIPCION</ref>
> <tolerant>true</tolerant>
> <exclusiveStrong>false</exclusiveStrong>
> <inbound id="20">
> <authoritative>true</authoritative>
> <exclusive>false</exclusive>
> <strength>normal</strength>
> <target>
> <path>displayName</path>
> </target>
> </inbound>
> </attribute>
> </objectType>
> </schemaHandling>
> * <synchronization>*
> <objectSynchronization>
> <name>SynchroRoles</name>
> *<objectClass>AccountObjectClass</objectClass>**
> ** <kind>entitlement</kind>**
> ** <intent>default</intent>**
> **<focusType>c:RoleType</focusType>**
> ** <enabled>true</enabled>*
> * <correlation>*
> <q:equal xmlns="">
> <q:path>name</q:path>
> <expression xmlns="">
> <path>$focus/attributes/trel_codigo</path>
> </expression>
> </q:equal>
> <q:description>CheckUIDwithCODIGO</q:description>
> </correlation>
> <reconcile>false</reconcile>
> <reaction>
> <situation>deleted</situation>
> <synchronize>true</synchronize>
> <action>
> <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink</handlerUri>
> </action>
> </reaction>
> <reaction>
> <situation>linked</situation>
> <synchronize>true</synchronize>
> <reconcile>false</reconcile>
> </reaction>
> <reaction>
> <situation>unlinked</situation>
> <synchronize>true</synchronize>
> <action>
> <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#link</handlerUri>
> </action>
> </reaction>
> <reaction>
> <situation>unmatched</situation>
> <synchronize>true</synchronize>
> <reconcile>false</reconcile>
> <action>
> <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#addFocus</handlerUri>
> </action>
> </reaction>
> </objectSynchronization>
> </synchronization>/
>
> The Oracle table is:
>
> /CREATE TABLE TIPO_RELACIONES
> (
> TREL_CODIGO VARCHAR2(2 BYTE),
> TREL_DESCRIPCION VARCHAR2(60 BYTE),
> TREL_UNIVERSITARIO VARCHAR2(1 BYTE),
> TREL_PRIORIDAD NUMBER(2),
> TREL_DURACION DATE,
> TREL_MESES NUMBER(4),
> TREL_TIPO_DURACION VARCHAR2(1 BYTE),
> TREL_VIGENTE VARCHAR2(1 BYTE),
> TREL_RESPONSABLE VARCHAR2(8 BYTE),
> TREL_TIPO_EMAIL VARCHAR2(1 BYTE),
> TREL_EXTERNO VARCHAR2(1 BYTE)
> )/
>
> I only want it for importing and synchronizing data into midPoint
> (inbound).
>
>
> El 10/02/2022 a las 12:00, midpoint-request at lists.evolveum.com escribió:
>> <schemaHandling> <objectType> <objectClass>ri:AccountObjectClass</objectClass> <default>true</default> <kind>*entitlement*</kind> <intent>default</intent> ...
>> <synchronization> <objectSynchronization> <objectClass>AccountObjectClass</objectClass> <kind>*entitlement*</kind> <intent>default</intent> <focusType>RoleType</focusType> <enabled>true</enabled>
>>
>> ...
> --
> Mercedes Oncina Deltell
> Servicio de Infraestructuras TICS
> ATICA - Universidad de Murcia
> Telf: +34 868881983
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> https://lists.evolveum.com/mailman/listinfo/midpoint
--
Marc Füller
Consultant
DAASI International GmbH
Europaplatz 3
D-72072 Tübingen
Germany
phone: +49 7071 407109-0
fax: +49 7071 407109-9
email:marc.fueller at daasi.de
web:www.daasi.de
Sitz der Gesellschaft: Tübingen
Registergericht: Amtsgericht Stuttgart, HRB 382175
Geschäftsleitung: Peter Gietz
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20220210/6cf285e3/attachment-0001.htm>
More information about the midPoint
mailing list