<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Hello Jason,<br>
<br>
mapping strength influences how the mapping is applied, either
during normal operation or during reconciliation.<br>
I'm sure you have already seen this: <a
href="https://wiki.evolveum.com/display/midPoint/Mapping#Mapping-MappingStrength">https://wiki.evolveum.com/display/midPoint/Mapping#Mapping-MappingStrength</a><br>
<br>
In your case, I assume the outbound mapping for password is
specified with strength of "normal" (the default) or "weak".<br>
According to the documentation, both are used if the target
attribute does not have any value.<br>
<br>
So far so good. But in AD the password always has no value,
because the AD clients are not allowed to retrieve it (for obvious
reasons).<br>
So I'm almost sure that the AD password would get overwritten by
the one stored in the repository.<br>
<br>
This is what the theory says. Maybe Ivan (or anyone with practical
experiences in this respect) would correct me.<br>
<br>
Back to your case; it is possible to enable/disable a mapping for
example depending on a channel that caused the mapping to fire.<br>
See the <channel> element directly under <mapping>. In
your case, you could try to include a limitation to LiveSync
channel, with<br>
an assumption that changes from your CSV file would come through
LiveSync. But please try in the test environment before<br>
using this advice :)<br>
<br>
Best regards and nice weekend!<br>
Pavol<br>
<br>
<br>
On 3. 7. 2015 21:06, Jason Everling wrote:<br>
</div>
<blockquote
cite="mid:CAFkZXY5PYgTidoUtgrV=eZ0HGVMUrptXJqa67vq-y=C1rbbs+Q@mail.gmail.com"
type="cite">
<div dir="ltr">I just wanted to confirm, before I un-comment
outbound credentials for my AD resource,
<div><br>
</div>
<div>The only time a password is sent outbound is when the
password in midPoint is changed correct?</div>
<div><br>
</div>
<div>I need to run a reconcile against AD after making a few
changes but I wanted to make sure that this will not send out
passwords for all users? I am correct in assuming not?</div>
<div><br>
</div>
<div>Users in midPoint will authenticate via CAS, the outbound
password mapping is for when a user is created from CSV and a
password is generated.</div>
<div><br>
</div>
<div>JASON</div>
</div>
<br>
<font size="2"><br>
<br>
CONFIDENTIALITY NOTICE:<br>
This e-mail together with any attachments is proprietary and
confidential; intended for only the recipient(s) named above and
may contain information that is privileged. You should not
retain, copy or use this e-mail or any attachments for any
purpose, or disclose all or any part of the contents to any
person. Any views or opinions expressed in this e-mail are those
of the author and do not represent those of the Baptist School
of Health Professions. If you have received this e-mail in
error, or are not the named recipient(s), you are hereby
notified that any review, dissemination, distribution or copying
of this communication is prohibited by the sender and to do so
might constitute a violation of the Electronic Communications
Privacy Act, 18 U.S.C. section 2510-2521. Please immediately
notify the sender and delete this e-mail and any attachments
from your computer. </font><br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
</body>
</html>