<div dir="ltr">Hello Ivan,<div><br></div><div>Thanks for your suggestion, it works now. But now I want to associate the entitlement to the account. I use the association example from midpoint GitHub:</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left-width:1px;border-left-style:solid;border-left-color:rgb(204,204,204);padding-left:1ex"><association><br><span class="" style="white-space:pre"> </span><ref>ri:role_id</ref><br><span class="" style="white-space:pre"> </span><displayName>My Role</displayName><br><span class="" style="white-space:pre"> </span><kind>entitlement</kind><br><span class="" style="white-space:pre"> </span><intent>default</intent><br><span class="" style="white-space:pre"> </span><direction>objectToSubject</direction><br><span class="" style="white-space:pre"> </span><associationAttribute>icfs:uid</associationAttribute><br><span class="" style="white-space:pre"> </span><valueAttribute>ri:role_name</valueAttribute><br></association></blockquote><div> </div><div>But it causes an error, and my guess is because of the entitlements and accounts are in different resources. Is it possible to do the association with another resource? </div><div><br></div><div>Thanks</div><div class="gmail_extra"><br><div class="gmail_quote">2016-05-02 14:02 GMT+07:00 Ivan Noris <span dir="ltr"><<a href="mailto:ivan.noris@evolveum.com" target="_blank">ivan.noris@evolveum.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
Hi Harits,<span class=""><br>
<br>
<div>On 05/02/2016 08:17 AM, Harits Elfahmi
wrote:<br>
</div>
<blockquote type="cite">
<div dir="ltr">Hello all,
<div><br>
</div>
<div>I'm trying to sync my role data from database table to
midpoint using the GUI. From the docs I get the impression
that the entitlements and accounts originated from single
resource, but since DatabaseTableConnector connect to a
certain table, I think I need to make another resource to
store entitlement data. What I don't get is:</div>
<div><br>
</div>
<div>- In Schema Handling what's the attribute I use in <b>target</b>?
Is it <b>$role/name</b>? I can't find the reference in the
docs</div>
</div>
</blockquote>
<br></span>
Instead of $user you would use $focus. (It would work for users as
well.)<span class=""><br>
<br>
<blockquote type="cite">
<div dir="ltr">
<div>- In Synchronization, what's the appropriate reaction? I
can't find <b>add role</b> reaction in the dropdown list</div>
</div>
</blockquote>
<br></span>
No, that's connected to the bug you discovered earlier. The proper
action is addFocus.<br>
<handlerUri><a href="http://midpoint.evolveum.com/xml/ns/public/model/action-3#addFocus" target="_blank">http://midpoint.evolveum.com/xml/ns/public/model/action-3#addFocus</a></handlerUri><br>
<br>
In order to synchronize resource objects to anything else than
users, the following must be added to synchronization settings (I
don't know if the wizard supports it):<br>
<br>
...<br>
<objectSynchronization><br>
<name>role sync</name><br>
<objectClass>ri:AccountObjectClass</objectClass><!--
DB Table connector supports only accounts --><br>
<kind>account</kind><br>
<intent>default</intent><br>
<focusType><b>c:RoleType</b></focusType><br>
<enabled>true</enabled><br>
<correlation><br>
...<br>
</correlation><br>
...<br>
<br>
This means that the object will be corelated with Roles, not Users
(which is default). In correlation expression you will search for
Roles and not Users. If the correlation expressions returns zero
results, unmatched situation will occur and action (e.g. addFocus)
will be executed. Everything is the same as for users. Just use
$focus instead of $user in the inbound mappings.<br>
<br>
See some of our Generic Synchronization samples such as
<a href="https://github.com/Evolveum/midpoint/blob/master/samples/resources/opendj/opendj-resource-genericsync.xml" target="_blank">https://github.com/Evolveum/midpoint/blob/master/samples/resources/opendj/opendj-resource-genericsync.xml</a>
(it's OpenDJ, not DB Table, but you will see the things I
mentioned).<br>
<br>
Also see
<a href="https://wiki.evolveum.com/display/midPoint/Generic+Synchronization" target="_blank">https://wiki.evolveum.com/display/midPoint/Generic+Synchronization</a><br>
<br>
Regards,<br>
Ivan<br>
<br>
<blockquote type="cite"><span class="">
<div dir="ltr">
<div><br>
</div>
<div>Is it possible to do this? Or do I need to manually add
roles to midpoint? Please help.</div>
<div><br>
</div>
<div>Thanks</div>
<div>
<div><br>
</div>
-- <br>
<div>
<div dir="ltr">
<div>
<div dir="ltr">
<div>Cheers,</div>
<div><b><br>
</b></div>
<div><b>Harits</b> Elfahmi</div>
</div>
</div>
</div>
</div>
</div>
</div>
<br>
<fieldset></fieldset>
<br>
</span><pre>_______________________________________________
midPoint mailing list
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><span class="HOEnZb"><font color="#888888">
</font></span></pre><span class="HOEnZb"><font color="#888888">
</font></span></blockquote><span class="HOEnZb"><font color="#888888">
<br>
<pre cols="72">--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
<a href="http://evolveum.com" target="_blank">evolveum.com</a> <a href="http://evolveum.com/blog/" target="_blank">evolveum.com/blog/</a>
___________________________________________________
"Semper ID(e)M Vix."
</pre>
</font></span></div>
<br>_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div>Cheers,</div><div><b><br></b></div><div><b>Harits</b> Elfahmi</div></div></div></div></div>
</div></div>