<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hi Saule,</p>
<p>is this "existing group" created by midPoint, or it was created
manually in Active Directory and you wish to put accounts there
using midPoint?</p>
<p>Regards,</p>
<p>Ivan<br>
</p>
<br>
<div class="moz-cite-prefix">On 10/07/2016 11:54 AM, Мамаева Сауле
Сериковна wrote:<br>
</div>
<blockquote
cite="mid:83137352867b493da2d28e26a2d58626@exch-02.ktg.kz"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:2.0cm 42.5pt 2.0cm 3.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">Hello,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">I’m
trying to assign role to user that will add user as a member
to existing group in Active Directory. I created role with
inducement and add to resource schema handling object type
for my existing group in AD. But after assigning role to
user, my user will not become member of existing group in
Active Directory. What did I miss?<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">The
name of group in AD: free_mail_all<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">This
is inducement for my role:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<inducement id="1"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<construction><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<resourceRef oid="ef2bc95b-76e0-11e2-86d6-3d4f02d30001"
type="c:ResourceType"></resourceRef><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<kind>account</kind><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<intent>default</intent><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<association><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<c:ref>ri:group</c:ref><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<outbound><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<expression><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<associationFromLink><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<projectionDiscriminator><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<kind>entitlement</kind><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<intent>free_mail_all</intent><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</projectionDiscriminator><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</associationFromLink><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</expression><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</outbound><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</association><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</construction><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<order>1</order><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</inducement><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">This
is a new object type in my Resource schema handling:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US"><objectType><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<kind>entitlement</kind><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<intent>free_mail_all</intent><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<displayName>AD free_mail_all
Group</displayName><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<objectClass>ri:group</objectClass><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<attribute><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<c:ref>ri:dn</c:ref><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<matchingRule
xmlns:mr=<a class="moz-txt-link-rfc2396E" href="http://prism.evolveum.com/xml/ns/public/matching-rule-3">"http://prism.evolveum.com/xml/ns/public/matching-rule-3"</a>>mr:stringIgnoreCase</matchingRule><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<tolerant>true</tolerant><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<exclusiveStrong>false</exclusiveStrong><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<outbound><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<authoritative>false</authoritative><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<exclusive>false</exclusive><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<strength>normal</strength><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<expression><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<script><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<code><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
'cn=Free_mail_all,ou=Groups,ou=City,DC=wso,DC=kz'<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</code><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</script><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</expression><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</outbound><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</attribute><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</objectType><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">This
is Association part for Account object in Resource xml:<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US"><association><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<c:ref>ri:group</c:ref><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<displayName>AD Group Membership</displayName><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<kind>entitlement</kind><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<intent>group</intent><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<intent>free_mail_all</intent><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<direction>objectToSubject</direction><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<associationAttribute>ri:member</associationAttribute><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<valueAttribute>ri:dn</valueAttribute><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<shortcutAssociationAttribute>ri:memberOf</shortcutAssociationAttribute><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
<shortcutValueAttribute>ri:dn</shortcutValueAttribute><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">
</association><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">Best
regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="color:#1F497D;mso-fareast-language:RU" lang="EN-US">Saule
<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-family:"Times New
Roman","serif";mso-fareast-language:RU"
lang="EN-US"><a moz-do-not-send="true"
href="mailto:s.mamayeva@ktg.kz"><span
style="color:#0563C1">s.mamayeva@ktg.kz</span></a><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ivan Noris
Senior Identity Engineer
evolveum.com
</pre>
</body>
</html>