<html><body><div style="font-family: times new roman, new york, times, serif; font-size: 12pt; color: #000000"><div>Hi Carlos,</div><div><br></div><div>as Oskar mentioned, there can be a case that some of the attributes are generated e.g. by using objectTemplate. But even if you don't use object template to generate values for attributes, there are some attributes which are added/generated by midPoint (e.g activation/effectiveStatus, activation/enableTimestamp, iteration, iterationToken and metadata for the user). You can either configure this attributes to be allowed (none of mentioned attributes are shown in GUI) or you can split authorizations to two different phases such as allow named fields for request phase and allow to create all attributes in execution phase. Bellow are examples for both cases:</div><div>1. List of allowed attributes to add/modify (without phase defined)</div><div><br></div><div><p style="margin: 0px;" data-mce-style="margin: 0px;"><role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"<br> xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"<br> xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"<br> xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"<br> xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"<br> xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"<br> oid="f076552f-b782-4e1d-86b5-1b02d9df6bfa"<br> version="47"><br>     <name>Allow create</name><br>     <description>Role authorizing a special user on creating another users</description><br>     <metadata><br>         <createTimestamp>2016-08-22T19:41:47.977-03:00</createTimestamp><br>         <createChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init</createChannel><br>     </metadata><br>     <activation><br>         <effectiveStatus>enabled</effectiveStatus><br>         <enableTimestamp>2016-08-22T19:41:47.782-03:00</enableTimestamp><br>     </activation><br>     <iteration>0</iteration><br>     <iterationToken/><br>     <authorization id="1"><br>         <name>Allow creation of users</name><br>         <description>Allow creation of users.</description><br>         <decision>allow</decision>    <br>         <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#user</action><br>         <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users</action><br>     </authorization><br>     <authorization id="2"><br>         <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#add</action><br>         <object><br>             <type>UserType</type><br>         </object><br>         <c:item>name</c:item><br>         <c:item>givenName</c:item><br>         <c:item>familyName</c:item><br>         <c:item>fullName</c:item><br>         <c:item>employeeType</c:item><br>         <c:item>employeeNumber</c:item></p><p style="margin: 0px;" data-mce-style="margin: 0px;">        <strong><c:item>activation/effectiveStatus</c:item></strong><br><strong>         <c:item>metadata</c:item></strong><br><strong>         <c:item>iterationToken</c:item></strong><br><strong>         <c:item>iteration</c:item></strong><br><strong>         <c:item>activation/enableTimestamp</c:item></strong></p><p style="margin: 0px;" data-mce-style="margin: 0px;">    </authorization><br>     <roleType>system</roleType><br></role></p><p style="margin: 0px;" data-mce-style="margin: 0px;"><br></p><p style="margin: 0px;" data-mce-style="margin: 0px;">Unfortunatelly, while I was testing this setting, I found out that there is probably bug with processing authorizations for "containers". I created Jira issue for it <a href="https://jira.evolveum.com/browse/MID-3461" target="_blank" data-mce-href="https://jira.evolveum.com/browse/MID-3461">https://jira.evolveum.com/browse/MID-3461</a> . Temporal workaround for this bug is to allow the whole container - in your case you'll need to allow the whole activation (but I can understand that you probably don't want to show activation) <br></p><p style="margin: 0px;" data-mce-style="margin: 0px;"><br></p><p style="margin: 0px;" data-mce-style="margin: 0px;">2. Split request and response phase</p><p style="margin: 0px;" data-mce-style="margin: 0px;"><role xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"<br>xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"<br>xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"<br>xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"<br>xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"<br>xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"<br>oid="f076552f-b782-4e1d-86b5-1b02d9df6bfa"<br>version="47"><br>    <name>Allow create</name><br>    <description>Role authorizing a special user on creating another users</description><br>    <metadata><br>        <createTimestamp>2016-08-22T19:41:47.977-03:00</createTimestamp><br>        <createChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init</createChannel><br>    </metadata><br>    <activation><br>        <effectiveStatus>enabled</effectiveStatus><br>        <enableTimestamp>2016-08-22T19:41:47.782-03:00</enableTimestamp><br>    </activation><br>    <iteration>0</iteration><br>    <iterationToken/><br>    <authorization id="1"><br>        <name>Allow creation of users</name><br>        <description>Allow creation of users.</description><br>        <decision>allow</decision>    <br>        <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#user</action><br>        <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users</action><br>    </authorization><br>    <authorization id="2"></p><p style="margin: 0px;" data-mce-style="margin: 0px;">       <strong> <phase>request</phase></strong><br>        <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#add</action><br>        <object><br>            <type>UserType</type><br>        </object><br>        <c:item>name</c:item><br>        <c:item>givenName</c:item><br>        <c:item>familyName</c:item><br>        <c:item>fullName</c:item><br>        <c:item>employeeType</c:item><br>        <c:item>employeeNumber</c:item></p><p style="margin: 0px;" data-mce-style="margin: 0px;">    </authorization></p><p style="margin: 0px;" data-mce-style="margin: 0px;">    <authorization id="2"></p><p style="margin: 0px;" data-mce-style="margin: 0px;"><strong>        <phase>execution<span style="font-size: 12pt;" data-mce-style="font-size: 12pt;"></phase></span></strong></p><p style="margin: 0px;" data-mce-style="margin: 0px;">        <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#add</action><br>        <object><br>            <type>UserType</type><br>        </object><br></p><p style="margin: 0px;" data-mce-style="margin: 0px;">    </authorization></p><p style="margin: 0px;" data-mce-style="margin: 0px;"><br>    <roleType>system</roleType><br></role></p><p style="margin: 0px;" data-mce-style="margin: 0px;"><br></p><p style="margin: 0px;" data-mce-style="margin: 0px;"><br></p></div><div><span></span>Best regards,<br><div><br></div>Katarina Valalikova<br>Java Developer<br>evolveum.com<span></span><br></div><div><br></div><hr id="zwchr"><div style="color:#000;font-weight:normal;font-style:normal;text-decoration:none;font-family:Helvetica,Arial,sans-serif;font-size:12pt;" data-mce-style="color: #000; font-weight: normal; font-style: normal; text-decoration: none; font-family: Helvetica,Arial,sans-serif; font-size: 12pt;"><b>From: </b>"Oskar Butovič - AMI Praha a.s." <oskar.butovic@ami.cz><br><b>To: </b>"midPoint General Discussion" <midpoint@lists.evolveum.com><br><b>Sent: </b>Wednesday, October 12, 2016 10:20:48 AM<br><b>Subject: </b>Re: [midPoint] Assign role which allows creation of users<br><div><br></div><div dir="ltr">Hi Carlos,<div><br></div><div>if you generate some user attributes you have to allow their adding as well. At least in execution phase. Might that be the case?</div></div><div class="gmail_extra"><br><div class="gmail_quote">2016-10-11 21:22 GMT+02:00 Carlos Ferreira <span dir="ltr"><<a href="mailto:carlos18619@gmail.com" target="_blank" data-mce-href="mailto:carlos18619@gmail.com">carlos18619@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex" data-mce-style="margin: 0 0 0 .8ex; border-left: 1px #ccc solid; padding-left: 1ex;"><div dir="ltr">One thing else:<br><div><br></div><br><div>If the "xml" is as follows, all user attributes are shown and i CAN create the users (with no error messages):<br></div><div><span class=""><br><role xmlns="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"<br>      xmlns:q="<a href="http://prism.evolveum.com/xml/ns/public/query-3" target="_blank" data-mce-href="http://prism.evolveum.com/xml/ns/public/query-3">http://prism.evolveum.com/xml/ns/public/query-3</a>"<br>      xmlns:c="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"<br>      xmlns:t="<a href="http://prism.evolveum.com/xml/ns/public/types-3" target="_blank" data-mce-href="http://prism.evolveum.com/xml/ns/public/types-3">http://prism.evolveum.com/xml/ns/public/types-3</a>"<br>      xmlns:icfs="<a href="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3">http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3</a>"<br>      xmlns:ri="<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3</a>"<br>      oid="f076552f-b782-4e1d-86b5-1b02d9df6bfa"<br></span>      version="48"><br>   <name>Allow create</name><br>   <description>Role authorizing end users to log in, change their passwords and review assigned accounts.</description><span class=""><br>   <metadata><br>      <createTimestamp>2016-08-22T19:41:47.977-03:00</createTimestamp><br>      <createChannel><a href="http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init">http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init</a></createChannel><br>   </metadata><br>   <activation><br>      <effectiveStatus>enabled</effectiveStatus><br>      <enableTimestamp>2016-08-22T19:41:47.782-03:00</enableTimestamp><br>   </activation><br>   <iteration>0</iteration><br>   <iterationToken/><br>   <authorization id="1"><br>      <name>Allow creation of users</name><br>      <description><br>            Allow creation of users.<br>        </description><br>      <decision>allow</decision><br>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#user" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#user">http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#user</a></action><br>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users">http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users</a></action><br>   </authorization><br>   <authorization id="2"><br>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#add" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#add">http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#add</a></action><br></span><span class="">   </authorization><br>   <roleType>system</roleType><br></role><br></span></div></div><div class="HOEnZb"><div class="h5"><div class="gmail_extra"><br><div class="gmail_quote">2016-10-11 16:17 GMT-03:00 Carlos Ferreira <span dir="ltr"><<a href="mailto:carlos18619@gmail.com" target="_blank" data-mce-href="mailto:carlos18619@gmail.com">carlos18619@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex" data-mce-style="margin: 0 0 0 .8ex; border-left: 1px #ccc solid; padding-left: 1ex;"><div dir="ltr"><div>Hi,<br><div><br></div></div><div>My necessity is as follows:<br><div><br></div></div><div>1. I have a kind of 'special' user. I want to assign him a role to authorize the creation of another users (only this);<br></div><div>2. I do not want this user to access the other admin menu options (resources, roles, etc);<br></div><div>3. To accomplish that, I've create a role, which "xml" is as follows:<br></div><br><div><div><br><div><br></div><role xmlns="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"<br>      xmlns:q="<a href="http://prism.evolveum.com/xml/ns/public/query-3" target="_blank" data-mce-href="http://prism.evolveum.com/xml/ns/public/query-3">http://prism.evolveum.com/xml/ns/public/query-3</a>"<br>      xmlns:c="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"<br>      xmlns:t="<a href="http://prism.evolveum.com/xml/ns/public/types-3" target="_blank" data-mce-href="http://prism.evolveum.com/xml/ns/public/types-3">http://prism.evolveum.com/xml/ns/public/types-3</a>"<br>      xmlns:icfs="<a href="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3">http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3</a>"<br>      xmlns:ri="<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3">http://midpoint.evolveum.com/xml/ns/public/resource/instance-3</a>"<br>      oid="f076552f-b782-4e1d-86b5-1b02d9df6bfa"<br>      version="47"><br>   <name>Allow create</name><br>   <description>Role authorizing a special user on creating another users</description><br>   <metadata><br>      <createTimestamp>2016-08-22T19:41:47.977-03:00</createTimestamp><br>      <createChannel><a href="http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init">http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#init</a></createChannel><br>   </metadata><br>   <activation><br>      <effectiveStatus>enabled</effectiveStatus><br>      <enableTimestamp>2016-08-22T19:41:47.782-03:00</enableTimestamp><br>   </activation><br>   <iteration>0</iteration><br>   <iterationToken/><br>   <authorization id="1"><br>      <name>Allow creation of users</name><br>      <description><br>            Allow creation of users.<br>        </description><br>      <decision>allow</decision><br>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#user" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#user">http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#user</a></action><br>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users">http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#users</a></action><br>   </authorization><br>   <authorization id="2"><br>      <action><a href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#add" target="_blank" data-mce-href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#add">http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#add</a></action><br>      <object><br>         <type>UserType</type><br>      </object><br>      <c:item>name</c:item><br>      <c:item>givenName</c:item><br>      <c:item>familyName</c:item><br>      <c:item>fullName</c:item><br>      <c:item>employeeType</c:item><br>      <c:item>employeeNumber</c:item><br>   </authorization><br>   <roleType>system</roleType><br></role><br><div><br></div></div><div>4. Doing so, on acessing "<a href="http://localhost:8080/midpoint/admin/users?3" target="_blank" data-mce-href="http://localhost:8080/midpoint/admin/users?3">http://localhost:8080/midpoint/admin/users?3</a>" and selecting the "New User" option, I have the specified attributes (name, givenname, etc) presented on the screen;<br><div><br></div></div><div>5. Nevertheless, after filling them and pressing the "save" button, the following error message is shown:<br><div><br></div><a id="m_6638186763092639592m_5361664820264126773gmail-ida4" class="m_6638186763092639592m_5361664820264126773gmail-box-title mceItemAnchor"></a> <b id="m_6638186763092639592m_5361664820264126773gmail-idaa" class="m_6638186763092639592m_5361664820264126773gmail-box-title">User ''specialuser'' not authorized for operation http://midpoint.evolveum.com/xml/ns/public/security/authorization-model-3#add on user:null(a)</b> <br><div><br></div></div><div><br><div><br></div></div></div></div></blockquote></div><br></div></div></div><br>_______________________________________________<br> midPoint mailing list<br> <a href="mailto:midPoint@lists.evolveum.com" target="_blank" data-mce-href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank" data-mce-href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br> <br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><table style="font-family:Verdana,Arial,Helvetica,sans-serif;border-collapse:collapse;padding:0px;margin:0px;border-width:0px!important;border-style:solid!important;width:482px!important" class="mceItemTable" data-mce-style="font-family: Verdana,Arial,Helvetica,sans-serif; border-collapse: collapse; padding: 0px; margin: 0px; border-width: 0px!important; border-style: solid!important; width: 482px!important;"><tbody><tr style="padding:0px;margin:0px;border:0px solid gray!important" data-mce-style="padding: 0px; margin: 0px; border: 0px solid gray!important;"><td style="color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:11px;width:160px;vertical-align:bottom;padding:0px;border:0px solid gray!important" data-mce-style="color: #000000; font-family: Arial,sans-serif; font-size: 11px; width: 160px; vertical-align: bottom; padding: 0px; border: 0px solid gray!important;"><p><span style="font-size:14px;font-weight:bold" data-mce-style="font-size: 14px; font-weight: bold;">Oskar Butovič</span><br>solution architect<br></p><div><br></div><p>gsm: [+420] 774 480 101<br>e-mail: <a href="mailto:oskar.butovic@ami.cz" target="_blank" data-mce-href="mailto:oskar.butovic@ami.cz">oskar.butovic@ami.cz</a></p></td><td style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px;border-right-width:1px;border-right-style:solid;border-right-color:rgb(204,204,204);padding:0px;border-top-width:0px!important;border-bottom-width:0px!important;border-left-width:0px!important;border-top-style:solid!important;border-bottom-style:solid!important;border-left-style:solid!important;border-top-color:gray!important;border-bottom-color:gray!important;border-left-color:gray!important" data-mce-style="color: #000000; font-family: Verdana,Arial,Helvetica,sans-serif; font-size: 10px; border-right-width: 1px; border-right-style: solid; border-right-color: #cccccc; padding: 0px; border-top-width: 0px!important; border-bottom-width: 0px!important; border-left-width: 0px!important; border-top-style: solid!important; border-bottom-style: solid!important; border-left-style: solid!important; border-top-color: gray!important; border-bottom-color: gray!important; border-left-color: gray!important;">   </td><td style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px;padding:0px;border:0px solid gray!important" data-mce-style="color: #000000; font-family: Verdana,Arial,Helvetica,sans-serif; font-size: 10px; padding: 0px; border: 0px solid gray!important;">   </td><td style="color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:11px;vertical-align:bottom;padding:0px;width:123px;border:0px solid gray!important" data-mce-style="color: #000000; font-family: Arial,sans-serif; font-size: 11px; vertical-align: bottom; padding: 0px; width: 123px; border: 0px solid gray!important;"><p>AMI Praha a.s.<br>Pláničkova 11<br>162 00 Praha 6<br>tel.: [+420] 274 783 239<br>web: <a href="http://www.ami.cz/" target="_blank" data-mce-href="http://www.ami.cz/">www.ami.cz</a></p></td><td style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px;border-right-width:1px;border-right-style:solid;border-right-color:rgb(204,204,204);padding:0px;border-top-width:0px!important;border-bottom-width:0px!important;border-left-width:0px!important;border-top-style:solid!important;border-bottom-style:solid!important;border-left-style:solid!important;border-top-color:gray!important;border-bottom-color:gray!important;border-left-color:gray!important" data-mce-style="color: #000000; font-family: Verdana,Arial,Helvetica,sans-serif; font-size: 10px; border-right-width: 1px; border-right-style: solid; border-right-color: #cccccc; padding: 0px; border-top-width: 0px!important; border-bottom-width: 0px!important; border-left-width: 0px!important; border-top-style: solid!important; border-bottom-style: solid!important; border-left-style: solid!important; border-top-color: gray!important; border-bottom-color: gray!important; border-left-color: gray!important;">   </td><td style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px;padding:0px;border:0px solid gray!important" data-mce-style="color: #000000; font-family: Verdana,Arial,Helvetica,sans-serif; font-size: 10px; padding: 0px; border: 0px solid gray!important;">   </td><td style="color:rgb(0,0,0);font-family:Arial,sans-serif;font-size:11px;margin:8px;border:0px solid gray!important;width:116px" data-mce-style="color: #000000; font-family: Arial,sans-serif; font-size: 11px; margin: 8px; border: 0px solid gray!important; width: 116px;"><p><img alt="AMI Praha a.s." style="border:0px" src="http://www.ami.cz/images/podpis/ami_logo.gif" data-mce-style="border: 0px;"></p></td></tr><tr style="padding:0px;margin:0px;border:0px solid gray!important" data-mce-style="padding: 0px; margin: 0px; border: 0px solid gray!important;"><td colspan="7" style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px;padding:0px;width:480px;border:0px solid gray!important" data-mce-style="color: #000000; font-family: Verdana,Arial,Helvetica,sans-serif; font-size: 10px; padding: 0px; width: 480px; border: 0px solid gray!important;"><br><a href="http://www.ami.cz/reseni-a-sluzby/bezpecnost-dat/identity-management" target="_blank" data-mce-href="http://www.ami.cz/reseni-a-sluzby/bezpecnost-dat/identity-management"><img alt="AMI Praha a.s." style="border:0px;width:480px!important;height:82px!important" src="http://www.ami.cz/images/podpis/AMI-podpis-IdM_1.png" data-mce-style="border: 0px; width: 480px!important; height: 82px!important;"></a></td></tr><tr style="padding:0px;margin:0px;border:0px solid gray!important" data-mce-style="padding: 0px; margin: 0px; border: 0px solid gray!important;"><td colspan="7" style="color:rgb(128,128,128);font-family:Arial,sans-serif;font-size:11px;padding:0px;border:0px solid gray!important" data-mce-style="color: #808080; font-family: Arial,sans-serif; font-size: 11px; padding: 0px; border: 0px solid gray!important;"><br>Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za společnost AMI Praha a.s.<br>jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně písemnou formu.<br><div><br></div></td></tr></tbody></table></div></div></div></div></div></div></div></div><br>_______________________________________________<br>midPoint mailing list<br>midPoint@lists.evolveum.com<br>http://lists.evolveum.com/mailman/listinfo/midpoint<br></div><div><br></div></div></body></html>