<div dir="ltr"><div>That could work. I'd still like to avoid creating several hundred resource definitions just for Unix, if I can avoid it. We've seen clients with that many individually controlled Unix systems in Production. However, since it's easy enough to script creating 400 resource definitions with the hostname configurations, the template model would definitely work for now.<br><br><br></div><div><br><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Nov 19, 2015 at 1:22 PM, Radovan Semancik <span dir="ltr"><<a href="mailto:radovan.semancik@evolveum.com" target="_blank">radovan.semancik@evolveum.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>I'm not sure what you mean by
"connector's connection-configuration info". If you mean connector
configuration parameters (the <connectorConfiguration> part)
then the answer is no. This is limited by the design of ConnId
(which is based on Sun Identity Connectors). Only primitive values
can be used there.<br>
<br>
So the multi-resource feature needs to be implemented inside
midPoint. What we plan if having something like "resource
templates" that can hold parameters common for all similar
resources. Then the actual resource definition will have just the
special parameters (hostname, admin password) and the generic
parameters and configurations will be taken from the template. See
<a href="https://jira.evolveum.com/browse/MID-1653" target="_blank">https://jira.evolveum.com/browse/MID-1653</a><span class=""><br>
<br>
<pre cols="72">--
Radovan Semancik
Software Architect
<a href="http://evolveum.com" target="_blank">evolveum.com</a>
</pre>
<br>
<br></span><div><div class="h5">
On 11/19/2015 07:17 PM, Devin Rosenbauer wrote:<br>
</div></div></div><div><div class="h5">
<blockquote type="cite">
<div dir="ltr">
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>
<div>Is it possible to define a complex
configuration type for a connector's
connection-configuration info? Or is that
restricted to strings and other simple types?
If so, it would be easy enough to create a
nested connection info like this:<br>
<br>
<s:hosts><br>
</div>
<s:host name="whatever1"><br>
</div>
<s:details/><br>
</div>
</s:host><br>
</div>
<s:host name="whatever2"><br>
</div>
<s:details/><br>
</div>
</s:host><br>
</div>
</s:hosts><br>
<br>
</div>
And have the connector decide up which host info to use at an
ICF level.<br>
<br>
</div>
Problem then, of course, is that you're passing around dozens of
credentials with every connector call.<br>
</div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Thu, Nov 19, 2015 at 1:13 PM,
Radovan Semancik <span dir="ltr"><<a href="mailto:radovan.semancik@evolveum.com" target="_blank"></a><a href="mailto:radovan.semancik@evolveum.com" target="_blank">radovan.semancik@evolveum.com</a>></span>
wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div bgcolor="#FFFFFF" text="#000000">
<div>Hi,<br>
<br>
No, currently there is no easy way to do this. But you
are not the first one to request this and such a feature
is planned. All that is needed is that some midPoint
subscriber/contributor/sponzor explicitly requests it so
the priority of this feature is increased.<br>
<br>
<pre cols="72">--
Radovan Semancik
Software Architect
<a href="http://evolveum.com" target="_blank">evolveum.com</a>
</pre>
<div>
<div> <br>
<br>
On 11/19/2015 07:00 PM, Devin Rosenbauer wrote:<br>
</div>
</div>
</div>
<blockquote type="cite">
<div>
<div>
<div dir="ltr">
<div>
<div>I'm curious if there's a clean way to do
this in Midpoint. I have some ideas but don't
want to reinvent the wheel if this sort of
thing already exists.<br>
</div>
<br>
I've got a demo setup with ten different Unix
systems which are authenticated locally. I would
like to be able to provision an identical
account to any / all of this Unix systems
without creating ten identical connectors,
replicating configuration, etc. That's just
asking for misconfiguration disasters down the
line.<br>
</div>
<div><br>
</div>
Is there a good Midpoint-y way to do this? Is
there a good way to store the admin credentials
separately for each of the ten hosts without
making separate connectors?<br clear="all">
<div>
<div>
<div><br>
-- <br>
<div>
<div dir="ltr">Devin Rosenbauer<br>
Principal Consultant<br>
Identity Works LLC<br>
<a href="tel:%2B1%20585%20210%203201" value="+15852103201" target="_blank">+1
585 210 3201</a><br>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</div>
</div>
<pre>_______________________________________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<br>
</div>
<br>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
<br>
</blockquote>
</div>
<br>
<br clear="all">
<br>
-- <br>
<div>
<div dir="ltr">Devin Rosenbauer<br>
Principal Consultant<br>
Identity Works LLC<br>
<a href="tel:%2B1%20585%20210%203201" value="+15852103201" target="_blank">+1 585 210 3201</a><br>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
<pre>_______________________________________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<br>
</div></div></div>
<br>_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
<br></blockquote></div><br><br clear="all"><br>-- <br><div class="gmail_signature"><div dir="ltr">Devin Rosenbauer<br>Principal Consultant<br>Identity Works LLC<br>+1 585 210 3201<br></div></div>
</div>