<html>
  <head>
    <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    Hi Jason,<br>
    <br>
    it seems you've hit a bug. I've replicated it on midPoint master.<br>
    <br>
    The issue is now being investigated by our developers in order to
    fix it. I will drop a message to the list when it's resolved.<br>
    <br>
    Regards,<br>
    Ivan<br>
    <br>
    <div class="moz-cite-prefix">On 11/05/2014 03:13 PM, Jason Everling
      wrote:<br>
    </div>
    <blockquote
cite="mid:CAFkZXY41P8Soe4MLk2jEK_vvTUieJbcNYx8su8BsgyT-xW-AKQ@mail.gmail.com"
      type="cite">
      <div dir="ltr">So the role that gets assigned is nothing special,
        I just created a new role in the GUI and added the inducement
        for AD Resource. Eventually I will change the permissions on the
        roles to match what they need to be in production.
        <div><br>
        </div>
        <div>I attached the AD Resource and AD User Template,</div>
        <div><br>
        </div>
        <div>JASON</div>
      </div>
      <div class="gmail_extra"><br>
        <div class="gmail_quote">On Wed, Nov 5, 2014 at 3:17 AM, Ivan
          Noris <span dir="ltr"><<a moz-do-not-send="true"
              href="mailto:Ivan.Noris@evolveum.com" target="_blank">Ivan.Noris@evolveum.com</a>></span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex">
            <div>
              <div style="font-family:times new roman,new
                york,times,serif;font-size:12pt;color:#000000">
                <div>Hi Jason,<br>
                </div>
                <div><br>
                </div>
                <div>yes I think it's somehow depending on the fact that
                  you are generating username.<br>
                </div>
                <div><br>
                </div>
                <div>Can you please share details how AD accounts are
                  constructed from the midpoint's username? What
                  attributes are depending on user/name? DN?
                  sAMAccountName? ... ?<br>
                </div>
                <div>Also, could you send the role definition? I have
                  some conditional roles that are assigned to user, but
                  don't do anything if the condition is false. Which
                  resembles your situation...<br>
                </div>
                <div><br>
                </div>
                <div>BTW it's really strange for me so far. I'd expect
                  at least some exception...<br>
                </div>
                <div><br>
                </div>
                <div>Thanks,<br>
                </div>
                <div>regards,<br>
                </div>
                <div>Ivan<br>
                </div>
                <div><br>
                </div>
                <hr>
                <blockquote style="border-left:2px solid
#1010ff;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt"><span
                    class=""><b>From: </b>"Jason Everling" <<a
                      moz-do-not-send="true"
                      href="mailto:jeverling@bshp.edu">jeverling@bshp.edu</a>><br>
                    <b>To: </b>"midPoint General Discussion" <<a
                      moz-do-not-send="true"
                      href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a>><br>
                  </span><b>Sent: </b>Tuesday, November 4, 2014 5:19:31
                  PM<br>
                  <b>Subject: </b>Re: [midPoint] Account Creation, Not
                  Being created in AD
                  <div>
                    <div class="h5"><br>
                      <div><br>
                      </div>
                      <div dir="ltr">So yes, those are from today but
                        instead of digging through to yesterday I just
                        added a new line to the CSV feed, so new
                        firstname,lastname, employeeID so that it would
                        create a new account.
                        <div><br>
                        </div>
                        <div>I actually added 3 new lines to the CSV and
                          all 3 get created in Midpoint, Role Assigned
                          with AD inducement, and Org Assigned, the AD
                          account never gets created though until I
                          modify the account in Midpoint.</div>
                        <div><br>
                        </div>
                        <div>That is the only log entry I get when the
                          CSV feed is updated and new account is created
                          in Midpoint,</div>
                        <div><br>
                        </div>
                        <div>Using Midpoint 3.0</div>
                        <div><br>
                        </div>
                        <div>
                          <div>
                            <div>
                              <table>
                                <tbody>
                                  <tr>
                                    <td>Version</td>
                                    <td>3.0</td>
                                  </tr>
                                  <tr>
                                    <td>Git describe</td>
                                    <td>git-v3.0</td>
                                  </tr>
                                </tbody>
                              </table>
                              <br>
                            </div>
                            <div>If I remove the username generation and
                              add a username attribute to the CSV feed
                              it works as expected, this is just when
                              generating the username, is it maybe
                              because the role is getting assigned
                              before Midpoint has time to generate the
                              username and such?</div>
                            <div><br>
                            </div>
                            <div>Jason</div>
                          </div>
                        </div>
                      </div>
                      <div class="gmail_extra"><br>
                        <div class="gmail_quote">On Tue, Nov 4, 2014 at
                          9:57 AM, Ivan Noris <span dir="ltr"><<a
                              moz-do-not-send="true"
                              href="mailto:ivan.noris@evolveum.com"
                              target="_blank">ivan.noris@evolveum.com</a>></span>
                          wrote:<br>
                          <blockquote class="gmail_quote"
                            style="margin:0 0 0 .8ex;border-left:1px
                            #ccc solid;padding-left:1ex">
                            <div> Hi Jason,<br>
                              <br>
                              just to be sure: these error messages have
                              timestamp from today; but you've reported
                              your problem to the list yesterday.<br>
                              <br>
                              Could you please:<br>
                              <br>
                              1) double check that the log is the
                              correct one / or find the (supposed) error
                              messages in previously rotated log (stored
                              in the same directory as idm.log, but the
                              name derived from the date..)<br>
                              2) replicate the issue and send current
                              idm.log fragment<br>
                              <br>
                              The messages referenced here are ok = we
                              don't see anything yet.<br>
                              <br>
                              Also please, what version of midPoint are
                              you using..?<br>
                              <br>
                              Thanks,<br>
                              regards,<br>
                              Ivan
                              <div>
                                <div><br>
                                  <br>
                                  <div>On 11/04/2014 03:25 PM, Jason
                                    Everling wrote:<br>
                                  </div>
                                  <blockquote>
                                    <div dir="ltr">I added a new line to
                                      the CSV so it could create a new
                                      user, it gets created in Midpoint
                                      and the role and org assigned, the
                                      only item in the log that stands
                                      out is,
                                      <div><br>
                                      </div>
                                      <div>2014-11-04 08:22:11,914
                                        [PROVISIONING]
                                        [midPointScheduler_Worker-2]
                                        WARN
                                        (com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter):
                                        The resource: SonisWeb-Generate
                                        (OID:af2bc95b-76e0-48e2-86d6-3d4f02d3fafa)
                                        does not provide definition for
                                        null value of simulated
                                        activation attribute<br>
                                      </div>
                                      <div><br>
                                      </div>
                                      <div>There is no other errors
                                        besides that,</div>
                                      <div><br>
                                      </div>
                                      <div>
                                        <div>2014-11-04 08:09:00,859
                                          [REPOSITORY]
                                          [midPointScheduler_Worker-6]
                                          INFO
                                          (org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl):
                                          HHH000010: On release of batch
                                          it still contained JDBC
                                          statements</div>
                                        <div>2014-11-04 08:09:29,824
                                          [REPOSITORY]
                                          [midPointScheduler_Worker-3]
                                          INFO
                                          (org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl):
                                          HHH000010: On release of batch
                                          it still contained JDBC
                                          statements</div>
                                        <div>2014-11-04 08:12:20,134
                                          [REPOSITORY]
                                          [midPointScheduler_Worker-3]
                                          INFO
                                          (org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl):
                                          HHH000010: On release of batch
                                          it still contained JDBC
                                          statements</div>
                                        <div>2014-11-04 08:12:20,247
                                          [REPOSITORY]
                                          [midPointScheduler_Worker-9]
                                          INFO
                                          (org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl):
                                          HHH000010: On release of batch
                                          it still contained JDBC
                                          statements</div>
                                        <div>2014-11-04 08:14:00,397
                                          [REPOSITORY]
                                          [midPointScheduler_Worker-9]
                                          INFO
                                          (org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl):
                                          HHH000010: On release of batch
                                          it still contained JDBC
                                          statements</div>
                                        <div>2014-11-04 08:22:00,465
                                          [REPOSITORY]
                                          [midPointScheduler_Worker-3]
                                          INFO
                                          (org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl):
                                          HHH000010: On release of batch
                                          it still contained JDBC
                                          statements</div>
                                        <div>2014-11-04 08:22:06,150
                                          [REPOSITORY]
                                          [midPointScheduler_Worker-2]
                                          INFO
                                          (org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl):
                                          HHH000010: On release of batch
                                          it still contained JDBC
                                          statements</div>
                                        <div>2014-11-04 08:22:06,271
                                          [REPOSITORY]
                                          [midPointScheduler_Worker-2]
                                          INFO
                                          (org.hibernate.engine.jdbc.batch.internal.AbstractBatchImpl):
                                          HHH000010: On release of batch
                                          it still contained JDBC
                                          statements</div>
                                        <div>2014-11-04 08:22:11,914
                                          [PROVISIONING]
                                          [midPointScheduler_Worker-2]
                                          WARN
                                          (com.evolveum.midpoint.provisioning.impl.ResourceObjectConverter):
                                          The resource:
                                          SonisWeb-Generate
                                          (OID:af2bc95b-76e0-48e2-86d6-3d4f02d3fafa)
                                          does not provide definition
                                          for null value of simulated
                                          activation attribute</div>
                                      </div>
                                    </div>
                                    <div class="gmail_extra"><br>
                                      <div class="gmail_quote">On Tue,
                                        Nov 4, 2014 at 1:17 AM, Ivan
                                        Noris <span dir="ltr"><<a
                                            moz-do-not-send="true"
                                            href="mailto:Ivan.Noris@evolveum.com"
                                            target="_blank">Ivan.Noris@evolveum.com</a>></span>
                                        wrote:<br>
                                        <blockquote class="gmail_quote"
                                          style="margin:0 0 0
                                          .8ex;border-left:1px #ccc
                                          solid;padding-left:1ex">
                                          <div>
                                            <div
                                              style="font-family:times
                                              new roman,new
                                              york,times,serif;font-size:12pt;color:#000000">
                                              <div>Jason,<br>
                                              </div>
                                              <div><br>
                                              </div>
                                              <div>could you please
                                                check error messages
                                                from idm.log from the
                                                time of the supposed
                                                creation?<br>
                                              </div>
                                              <div><br>
                                              </div>
                                              <div>Thanks,<br>
                                              </div>
                                              <div>Ivan<br>
                                              </div>
                                              <div><br>
                                              </div>
                                              <hr>
                                              <blockquote
                                                style="border-left:2px
                                                solid
#1010ff;margin-left:5px;padding-left:5px;color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt"><b>From:

                                                </b>"Jason Everling"
                                                <<a
                                                  moz-do-not-send="true"
href="mailto:jeverling@bshp.edu" target="_blank">jeverling@bshp.edu</a>><br>
                                                <b>To: </b>"midPoint
                                                General Discussion" <<a
                                                  moz-do-not-send="true"
href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>><br>
                                                <b>Sent: </b>Monday,
                                                November 3, 2014
                                                11:50:06 PM<br>
                                                <b>Subject: </b>[midPoint]
                                                Account Creation, Not
                                                Being created in AD
                                                <div>
                                                  <div><br>
                                                    <div><br>
                                                    </div>
                                                    <div dir="ltr">So my
                                                      director wanted to
                                                      see it fully
                                                      automated so all I
                                                      basically had to
                                                      do was modify the
                                                      CSV resource to
                                                      generate the
                                                      usernames and
                                                      email addresses,
                                                      done, this works.
                                                      <div><br>
                                                      </div>
                                                      <div>The account
                                                        gets created in
                                                        Midpoint from
                                                        the CSV, gets an
                                                        Org assigned and
                                                        gets a Role
                                                        assigned. The
                                                        role has an
                                                        inducement for
                                                        active directory
                                                        but even though
                                                        the account gets
                                                        the role
                                                        assigned an
                                                        account in AD
                                                        does not get
                                                        created. Now if
                                                        I modify the
                                                        user in
                                                        midpoint, lets
                                                        say just change
                                                        a letter in the
                                                        personal email
                                                        address field
                                                        the AD account
                                                        creation kicks
                                                        off.</div>
                                                      <div><br>
                                                      </div>
                                                      <div>I cannot seem
                                                        to figure out
                                                        why the AD
                                                        account does not
                                                        get created even
                                                        though it gets
                                                        the role
                                                        assigned and
                                                        before I changed
                                                        it to create the
                                                        usernames it was
                                                        creating those
                                                        accounts in AD.</div>
                                                      <div><br>
                                                      </div>
                                                      <div>I attached
                                                        the CSV Resource
                                                        and the CSV
                                                        Template that is
                                                        being used,</div>
                                                      <div><br>
                                                      </div>
                                                      <div>Thanks,</div>
                                                      <div>JASON</div>
                                                      <div><br>
                                                      </div>
                                                      <div><br>
                                                      </div>
                                                    </div>
                                                    <br>
                                                    <span
                                                      style="font-size:small"><span
style="font-size:small"><br>
                                                      </span></span>
                                                    <div><br>
                                                    </div>
                                                  </div>
                                                </div>
                                                <span
                                                  style="font-size:small">CONFIDENTIALITY

                                                  NOTICE:<br>
                                                  This e-mail together
                                                  with any attachments
                                                  is proprietary and
                                                  confidential; intended
                                                  for only the
                                                  recipient(s) named
                                                  above and may contain
                                                  information that is
                                                  privileged. You should
                                                  not retain, copy or
                                                  use this e-mail or any
                                                  attachments for any
                                                  purpose, or disclose
                                                  all or any part of the
                                                  contents to any
                                                  person. Any views or
                                                  opinions expressed in
                                                  this e-mail are those
                                                  of the author and do
                                                  not represent those of
                                                  the Baptist School of
                                                  Health Professions. If
                                                  you have received this
                                                  e-mail in error, or
                                                  are not the named
                                                  recipient(s), you are
                                                  hereby notified that
                                                  any review,
                                                  dissemination,
                                                  distribution or
                                                  copying of this
                                                  communication is
                                                  prohibited by the
                                                  sender and to do so
                                                  might constitute a
                                                  violation of the
                                                  Electronic
                                                  Communications Privacy
                                                  Act, 18 U.S.C. section
                                                  2510-2521. Please
                                                  immediately notify the
                                                  sender and delete this
                                                  e-mail and any
                                                  attachments from your
                                                  computer. </span><br>
                                                <div><br>
                                                </div>
_______________________________________________<br>
                                                midPoint mailing list<br>
                                                <a
                                                  moz-do-not-send="true"
href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
                                                <a
                                                  moz-do-not-send="true"
href="http://lists.evolveum.com/mailman/listinfo/midpoint"
                                                  target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><span><span
style="color:#888888" color="#888888"><br>
                                                  </span></span></blockquote>
                                              <span><span
                                                  style="color:#888888"
                                                  color="#888888">
                                                  <div><br>
                                                    <br>
                                                  </div>
                                                  <div><br>
                                                  </div>
                                                  <div>-- <br>
                                                  </div>
                                                  <div><span></span>  Ing.
                                                    Ivan Noris<br>
                                                      Senior Identity
                                                    Management Engineer<br>
                                                      <a
                                                      moz-do-not-send="true"
href="http://evolveum.com" target="_blank">evolveum.com</a><br>
  ___________________________________________<br>
                                                               "Idem per
                                                    idem - semper idem
                                                    Vix."<span></span><br>
                                                  </div>
                                                </span></span></div>
                                          </div>
                                          <br>
_______________________________________________<br>
                                          midPoint mailing list<br>
                                          <a moz-do-not-send="true"
                                            href="mailto:midPoint@lists.evolveum.com"
                                            target="_blank">midPoint@lists.evolveum.com</a><br>
                                          <a moz-do-not-send="true"
                                            href="http://lists.evolveum.com/mailman/listinfo/midpoint"
                                            target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
                                          <br>
                                        </blockquote>
                                      </div>
                                      <br>
                                    </div>
                                    <br>
                                    <span><br>
                                      <br>
                                      CONFIDENTIALITY NOTICE:<br>
                                      This e-mail together with any
                                      attachments is proprietary and
                                      confidential; intended for only
                                      the recipient(s) named above and
                                      may contain information that is
                                      privileged. You should not retain,
                                      copy or use this e-mail or any
                                      attachments for any purpose, or
                                      disclose all or any part of the
                                      contents to any person. Any views
                                      or opinions expressed in this
                                      e-mail are those of the author and
                                      do not represent those of the
                                      Baptist School of Health
                                      Professions. If you have received
                                      this e-mail in error, or are not
                                      the named recipient(s), you are
                                      hereby notified that any review,
                                      dissemination, distribution or
                                      copying of this communication is
                                      prohibited by the sender and to do
                                      so might constitute a violation of
                                      the Electronic Communications
                                      Privacy Act, 18 U.S.C. section
                                      2510-2521. Please immediately
                                      notify the sender and delete this
                                      e-mail and any attachments from
                                      your computer. </span><br>
                                    <br>
                                    <fieldset></fieldset>
                                    <br>
                                    <pre>_______________________________________________
midPoint mailing list
<a moz-do-not-send="true" href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a moz-do-not-send="true" href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
                                  </blockquote>
                                  <br>
                                  <pre>-- 
  Ing. Ivan Noris
  Senior Identity Management Engineer
  <a moz-do-not-send="true" href="http://evolveum.com" target="_blank">evolveum.com</a>
  ___________________________________________
           "Idem per idem - semper idem Vix."
</pre>
                                </div>
                              </div>
                            </div>
                            <br>
_______________________________________________<br>
                            midPoint mailing list<br>
                            <a moz-do-not-send="true"
                              href="mailto:midPoint@lists.evolveum.com"
                              target="_blank">midPoint@lists.evolveum.com</a><br>
                            <a moz-do-not-send="true"
                              href="http://lists.evolveum.com/mailman/listinfo/midpoint"
                              target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
                            <br>
                          </blockquote>
                        </div>
                        <br>
                      </div>
                      <br>
                      <span style="font-size:small" size="2"><br>
                        <div><br>
                        </div>
                        CONFIDENTIALITY NOTICE:<br>
                        This e-mail together with any attachments is
                        proprietary and confidential; intended for only
                        the recipient(s) named above and may contain
                        information that is privileged. You should not
                        retain, copy or use this e-mail or any
                        attachments for any purpose, or disclose all or
                        any part of the contents to any person. Any
                        views or opinions expressed in this e-mail are
                        those of the author and do not represent those
                        of the Baptist School of Health Professions. If
                        you have received this e-mail in error, or are
                        not the named recipient(s), you are hereby
                        notified that any review, dissemination,
                        distribution or copying of this communication is
                        prohibited by the sender and to do so might
                        constitute a violation of the Electronic
                        Communications Privacy Act, 18 U.S.C. section
                        2510-2521. Please immediately notify the sender
                        and delete this e-mail and any attachments from
                        your computer. </span><br>
                      <div><br>
                      </div>
                      _______________________________________________<br>
                      midPoint mailing list<br>
                      <a moz-do-not-send="true"
                        href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
                      <a moz-do-not-send="true"
                        href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
                    </div>
                  </div>
                </blockquote>
                <div>
                  <div class="h5">
                    <div><br>
                      <br>
                    </div>
                    <div><br>
                    </div>
                    <div>-- <br>
                    </div>
                    <div><span name="x"></span>  Ing. Ivan Noris<br>
                        Senior Identity Management Engineer<br>
                        <a moz-do-not-send="true"
                        href="http://evolveum.com">evolveum.com</a><br>
                        ___________________________________________<br>
                                 "Idem per idem - semper idem Vix."<span
                        name="x"></span><br>
                    </div>
                  </div>
                </div>
              </div>
            </div>
            <br>
            _______________________________________________<br>
            midPoint mailing list<br>
            <a moz-do-not-send="true"
              href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
            <a moz-do-not-send="true"
              href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
            <br>
          </blockquote>
        </div>
        <br>
      </div>
      <br>
      <font size="2"><br>
        <br>
        CONFIDENTIALITY NOTICE:<br>
        This e-mail together with any attachments is proprietary and
        confidential; intended for only the recipient(s) named above and
        may contain information that is privileged. You should not
        retain, copy or use this e-mail or any attachments for any
        purpose, or disclose all or any part of the contents to any
        person. Any views or opinions expressed in this e-mail are those
        of the author and do not represent those of the Baptist School
        of Health Professions. If you have received this e-mail in
        error, or are not the named recipient(s), you are hereby
        notified that any review, dissemination, distribution or copying
        of this communication is prohibited by the sender and to do so
        might constitute a violation of the Electronic Communications
        Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
        notify the sender and delete this e-mail and any attachments
        from your computer. </font><br>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
    </blockquote>
    <br>
    <pre class="moz-signature" cols="72">-- 
  Ing. Ivan Noris
  Senior Identity Management Engineer
  evolveum.com
  ___________________________________________
           "Idem per idem - semper idem Vix."
</pre>
  </body>
</html>