<div dir="ltr"><div class="gmail_quote"><br><div dir="ltr">hmm, can you please send me the file what you try to upload?<div>If I copy my sample, I can upload to same MP version without any error.</div><div><br></div><div>Best regards.</div><div><br></div><div>Gustav</div></div><div class="gmail_extra"><div><div class="h5"><br><div class="gmail_quote">2017-03-02 18:32 GMT+01:00 Peter Healy <span dir="ltr"><<a href="mailto:phealy3330@gmail.com" target="_blank">phealy3330@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr">Hi Gustav,<div>I have MP v 3.5</div><div>From About:</div><div><div>Version<span class="m_-4034159323725989025m_-988413900713584884gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>3.5</div><div>Git describe<span class="m_-4034159323725989025m_-988413900713584884gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>git-v3.5</div><div>Build at<span class="m_-4034159323725989025m_-988413900713584884gmail-Apple-tab-span" style="white-space:pre-wrap"> </span>Wed, 21 Dec 2016 14:01:34 +0000</div><div><br></div><div>When I use the import objects GUI I get:</div><div><div>Operation Import objects (Model)</div><div>Message XML parsing error: Illegal processing instruction target ("xml"); xml (case insensitive) is reserved by the specs. at [row,col {unknown-source}]: [2,5]</div><div>Parameters</div><div>options com.evolveum.midpoint.<wbr>xml.ns._public.common.api_type<wbr>s_3.ImportOptionsType@1f57ce1a<wbr>[overwrite=false,keepOid=<wbr>false,stopAfterErrors=<null>,<wbr>summarizeSucceses=true,summari<wbr>zeErrors=true,referentialInteg<wbr>rity=false,validateStaticSchem<wbr>a=false,validateDynamicSchema=<wbr>false,encryptProtectedValues=<wbr>true,fetchResourceSchema=<wbr>false,keepMetadata=<null>]</div><div>Error Illegal processing instruction target ("xml"); xml (case insensitive) is reserved by the specs. at [row,col {unknown-source}]: [2,5]</div></div><div><br></div><div>I took out the first line <?xml...> and got this error instead:</div><div><br></div><div><div>Schema violation: Item '{<a href="http://midpoint" target="_blank">http://midpoint</a>. <a href="http://evolveum.com/xml/ns/public/model/scripting/extension-3%7DexecuteScript" target="_blank">evolveum.com/xml/ns/public/mod<wbr>el/scripting/extension-3}execu<wbr>teScript</a>' without definition can't be saved.</div></div><div><br></div><div class="gmail_extra">-Peter</div><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Mar 2, 2017 at 10:38 AM, <span dir="ltr"><<a href="mailto:midpoint-request@lists.evolveum.com" target="_blank">midpoint-request@lists.evolve<wbr>um.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Send midPoint mailing list submissions to<br>
<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:midpoint-request@lists.evolveum.com" target="_blank">midpoint-request@lists.evolveu<wbr>m.com</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:midpoint-owner@lists.evolveum.com" target="_blank">midpoint-owner@lists.evolveum.<wbr>com</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of midPoint digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Re: Push out existing password to newly added resource<br>
(Peter Healy)<br>
2. Re: Push out existing password to newly added resource<br>
(Pálos Gustáv)<br>
<br>
<br>
------------------------------<wbr>------------------------------<wbr>----------<br>
<br>
Message: 1<br>
Date: Thu, 2 Mar 2017 10:12:23 -0500<br>
From: Peter Healy <<a href="mailto:phealy3330@gmail.com" target="_blank">phealy3330@gmail.com</a>><br>
To: <a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><br>
Subject: Re: [midPoint] Push out existing password to newly added<br>
resource<br>
Message-ID:<br>
<CADnbc=xxsVkzp4aeEn=<a href="mailto:EQTUjFFtUzsnmOHC6-zzthdJPoYTTGg@mail.gmail.com" target="_blank">EQTUjFFtU<wbr>zsnmOHC6-zzthdJPoYTTGg@mail.gm<wbr>ail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Hi Gustav,<br>
Thanks so much for your reply!<br>
I have another question though, I am very new to midpoint and am having<br>
trouble running your example. When I paste it into bulk actions I get:<br>
Provided text is not a bulk action object. An instance of<br>
{scripting-3}ScriptingExpressi<wbr>onType is expected; you have provided class<br>
com.evolveum.prism.xml.ns._pub<wbr>lic.types_3.RawType instead.<br>
<br>
It then occurred to me that since you've given me a whole xml object this<br>
is probably intended me to use an API call, so I tried this after changing<br>
to OID to my resource:<br>
<br>
curl -v administrator:$ADMIN_PASSWORD -H "Content-Type: application/xml" -X<br>
POST http://$MIDPOINT_URL:8080/midp<wbr>oint/model/rest/tasks -d @example.xml<br>
<br>
But I get:<br>
* Server auth using Basic with user 'administrator'<br>
> POST /midpoint/model/rest/tasks HTTP/1.1<br>
> User-Agent: curl/7.47.0<br>
> Accept: */*<br>
> Content-Type: application/xml<br>
> Content-Length: 2494<br>
> Expect: 100-continue<br>
><br>
< HTTP/1.1 100 Continue<br>
* We are completely uploaded and fine<br>
< HTTP/1.1 500<br>
< Date: Thu, 02 Mar 2017 14:32:43 GMT<br>
< Server: Apache/2.4.25 (Debian)<br>
[..omitted..]<br>
<br>
<div>Unexpected error occurred, if necessary please contact system<br>
administrator.</div><br>
</p><br>
<br>
[..omitted..]<br>
<br>
Based on <a href="https://wiki.evolveum.com/display/midPoint/REST+API" rel="noreferrer" target="_blank">https://wiki.evolveum.com/disp<wbr>lay/midPoint/REST+API</a> I also tried<br>
/ws/as the path instead<br>
<br>
curl -v administrator:$ADMIN_PASSWORD -H "Content-Type: application/xml" -X<br>
POST http://$MIDPOINT_URL:8080/midp<wbr>oint/ws/rest/tasks -d @example.xml<br>
<br>
But got the same 500 error<br>
<br>
How should I use this, "tasks" is the correct endpoint for this type of<br>
object correct?<br>
<br>
<br>
<br>
On Thu, Mar 2, 2017 at 6:00 AM, <<a href="mailto:midpoint-request@lists.evolveum.com" target="_blank">midpoint-request@lists.evolve<wbr>um.com</a>> wrote:<br>
<br>
> Send midPoint mailing list submissions to<br>
> <a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><br>
><br>
> To subscribe or unsubscribe via the World Wide Web, visit<br>
> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mai<wbr>lman/listinfo/midpoint</a><br>
> or, via email, send a message with subject or body 'help' to<br>
> <a href="mailto:midpoint-request@lists.evolveum.com" target="_blank">midpoint-request@lists.evolve<wbr>um.com</a><br>
><br>
> You can reach the person managing the list at<br>
> <a href="mailto:midpoint-owner@lists.evolveum.com" target="_blank">midpoint-owner@lists.evolveum<wbr>.com</a><br>
><br>
> When replying, please edit your Subject line so it is more specific<br>
> than "Re: Contents of midPoint digest..."<br>
><br>
><br>
> Today's Topics:<br>
><br>
> 1. Push out existing password to newly added resource (Peter Healy)<br>
> 2. Re: Push out existing password to newly added resource<br>
> (Pálos Gustáv)<br>
><br>
><br>
> ------------------------------<wbr>------------------------------<wbr>----------<br>
><br>
> Message: 1<br>
> Date: Wed, 1 Mar 2017 16:43:27 -0500<br>
> From: Peter Healy <<a href="mailto:phealy3330@gmail.com" target="_blank">phealy3330@gmail.com</a>><br>
> To: <a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><br>
> Subject: [midPoint] Push out existing password to newly added<br>
> resource<br>
> Message-ID:<br>
> <CADnbc=y3gm4Kc195s536fJ3vq4A<wbr>SD7d0HPvd-KDhOC574QfG4w@mail.<br>
> <a href="http://gmail.com" rel="noreferrer" target="_blank">gmail.com</a>><br>
> Content-Type: text/plain; charset="utf-8"<br>
><br>
> Hi All,<br>
> I currently have midpoint set up to manage one resource with the resource<br>
> shadows linked to a midpoint account for a number of users.<br>
><br>
> I am wondering how I can trigger an outbound password sync down to a second<br>
> resource I just added.<br>
> The new resource accounts have been linking automatically to the midpoint<br>
> accounts.<br>
><br>
> I am pretty sure that if I set a new password or re-set the same password<br>
> it will get pushed down into the linked accounts in the new resource but, I<br>
> need to do this for ~50 accounts and would like a better way to do this in<br>
> bulk and without having to do a lot of custom scripting.<br>
><br>
> What is the best mechanism to force a user's current password down to a<br>
> new resource?<br>
><br>
> Thanks,<br>
> Peter<br>
> -------------- next part --------------<br>
> An HTML attachment was scrubbed...<br>
> URL: <<a href="http://lists.evolveum.com/pipermail/midpoint/" rel="noreferrer" target="_blank">http://lists.evolveum.com/pip<wbr>ermail/midpoint/</a><br>
> attachments/20170301/66d2828a/<wbr>attachment-0001.html><br>
><br>
> ------------------------------<br>
><br>
> Message: 2<br>
> Date: Wed, 1 Mar 2017 23:43:30 +0100<br>
> From: Pálos Gustáv <<a href="mailto:gustav.palos@evolveum.com" target="_blank">gustav.palos@evolveum.com</a>><br>
> To: midPoint General Discussion <<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>><br>
> Subject: Re: [midPoint] Push out existing password to newly added<br>
> resource<br>
> Message-ID:<br>
> <CAPXQVkf2S_eg1JKAQpAQi2QjB5D<wbr>M_RxXR6q4YqdM42Ni2vk=8g@mail.<br>
> <a href="http://gmail.com" rel="noreferrer" target="_blank">gmail.com</a>><br>
> Content-Type: text/plain; charset="utf-8"<br>
><br>
> Hi Peter,<br>
><br>
> you can do this over bulk task, next sample send password for all users who<br>
> has an account in resource with mentioned resourceOid<br>
><br>
> <?xml version="1.0" encoding="UTF-8"?><br>
><br>
> <objects xmlns="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer" target="_blank">http://midpoint.evolveu<wbr>m.com/xml/ns/public/common/com<wbr>mon-3</a><br>
> "<br>
> xmlns:c="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer" target="_blank">http://midpoint.evolv<wbr>eum.com/xml/ns/public/common/c<wbr>ommon-3</a>"<br>
> xmlns:q="<a href="http://prism.evolveum.com/xml/ns/public/query-3" rel="noreferrer" target="_blank">http://prism.evolveum<wbr>.com/xml/ns/public/query-3</a>" xmlns:t="<br>
> <a href="http://prism.evolveum.com/xml/ns/public/types-3" rel="noreferrer" target="_blank">http://prism.evolveum.com/xml/<wbr>ns/public/types-3</a>"<br>
> xmlns:ri="<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" rel="noreferrer" target="_blank">http://midpoint.evol<wbr>veum.com/xml/ns/public/resourc<wbr>e/instance-3</a>"<br>
> xmlns:icfs="<a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer" target="_blank">http://midpoint.ev<wbr>olveum.com/xml/ns/public/</a><br>
> connector/icf-1/resource-schem<wbr>a-3"<br>
> xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance" rel="noreferrer" target="_blank">http://www.w3.org/2<wbr>001/XMLSchema-instance</a>" ><br>
><br>
><br>
> <task oid="6218c55d-0fee-4767-a1eb-d<wbr>b7d023441b5"><br>
> <name>Replace passwords on Resource - all users</name><br>
> <extension><br>
> <scext:executeScript xmlns:scext="<a href="http://midpoint" rel="noreferrer" target="_blank">http://midpoint</a>.<br>
> <a href="http://evolveum.com/xml/ns/public/model/scripting/extension-3" rel="noreferrer" target="_blank">evolveum.com/xml/ns/public/mod<wbr>el/scripting/extension-3</a>"><br>
> <s:search xmlns:s="<a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer" target="_blank">http://midpoint.evolv<wbr>eum.com/xml/ns/public/</a><br>
> model/scripting-3"><br>
> <s:type>c:UserType</s:type><br>
> <s:action><br>
> <s:type>execute-script</s:type<wbr>><br>
> <s:parameter><br>
> <s:name>script</s:name><br>
> <c:value xsi:type="c:ScriptExpressionEv<wbr>aluatorType" xmlns:c="<br>
> <a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer" target="_blank">http://midpoint.evolveum.com/x<wbr>ml/ns/public/common/common-3</a>"><br>
> <c:code><br>
> import <a href="http://com.evolveum.midpoint.prism.de" target="_blank">com.evolveum.midpoint.prism.de</a><wbr>lta.builder.*<br>
> import com.evolveum.midpoint.xml.ns._<br>
> public.common.common_3.*<br>
> import com.evolveum.prism.xml.ns._pub<wbr>lic.types_3.*<br>
><br>
> def resourceOid = '3d566aa3-e9f2-4e8d-8218-72c0a<wbr>ad5273b'<br>
> // resource OID where you need to send pwd<br>
> def prismContext = midpoint.getPrismContext()<br>
><br>
> <a href="http://log.info" rel="noreferrer" target="_blank">log.info</a>('Processing user: {}', input)<br>
> input.linkRef<br>
> .findAll { midpoint.resolveReference(it)?<br>
> .resourceRef.oid<br>
> == resourceOid }<br>
> .each {<br>
> <a href="http://log.info" rel="noreferrer" target="_blank">log.info</a>(' - Processing shadow: {}', it)<br>
> def delta = DeltaBuilder.deltaFor(ShadowTy<wbr>pe.class, prismContext)<br>
> .item(ShadowType.F_CREDENTIAL<wbr>S, CredentialsType.F_PASSWORD,<br>
> PasswordType.F_VALUE)<br>
> .replace(<a href="http://input.credentials.pa" target="_blank">input.credentials.pa</a><wbr>ssword.value)<br>
> .asObjectDelta(it.oid)<br>
> <a href="http://log.info" rel="noreferrer" target="_blank">log.info</a>(' - delta: {}', delta.debugDump())<br>
> midpoint.modifyObject(delta, null)<br>
> }<br>
> </c:code><br>
> </c:value><br>
> </s:parameter><br>
> </s:action><br>
> </s:search><br>
> </scext:executeScript><br>
> </extension><br>
> <ownerRef oid="00000000-0000-0000-0000-0<wbr>00000000002" /><br>
> <executionStatus>suspended</ex<wbr>ecutionStatus><br>
><br>
> <category>BulkActions</categor<wbr>y><br>
> <handlerUri><a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer" target="_blank">http://midpoint.ev<wbr>olveum.com/xml/ns/public/</a><br>
> model/scripting/handler-3</han<wbr>dlerUri><br>
> <recurrence>single</recurrence<wbr>><br>
> </task><br>
><br>
> </objects><br>
><br>
> Gustav<br>
><br>
><br>
><br>
> > 2017-03-01 22:43 GMT+01:00 Peter Healy <<a href="mailto:phealy3330@gmail.com" target="_blank">phealy3330@gmail.com</a>>:<br>
> ><br>
> >> Hi All,<br>
> >> I currently have midpoint set up to manage one resource with the<br>
> resource<br>
> >> shadows linked to a midpoint account for a number of users.<br>
> >><br>
> >> I am wondering how I can trigger an outbound password sync down to a<br>
> >> second resource I just added.<br>
> >> The new resource accounts have been linking automatically to the<br>
> midpoint<br>
> >> accounts.<br>
> >><br>
> >> I am pretty sure that if I set a new password or re-set the same<br>
> password<br>
> >> it will get pushed down into the linked accounts in the new resource<br>
> but, I<br>
> >> need to do this for ~50 accounts and would like a better way to do this<br>
> in<br>
> >> bulk and without having to do a lot of custom scripting.<br>
> >><br>
> >> What is the best mechanism to force a user's current password down to a<br>
> >> new resource?<br>
> >><br>
> >> Thanks,<br>
> >> Peter<br>
> >><br>
> >> ______________________________<wbr>_________________<br>
> >> midPoint mailing list<br>
> >> <a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
> >> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
> >><br>
> >><br>
> ><br>
> ><br>
> -------------- next part --------------<br>
> An HTML attachment was scrubbed...<br>
> URL: <<a href="http://lists.evolveum.com/pipermail/midpoint/" rel="noreferrer" target="_blank">http://lists.evolveum.com/pip<wbr>ermail/midpoint/</a><br>
> attachments/20170301/2ac87926/<wbr>attachment-0001.html><br>
><br>
> ------------------------------<br>
><br>
> Subject: Digest Footer<br>
><br>
> ______________________________<wbr>_________________<br>
> midPoint mailing list<br>
> <a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
><br>
><br>
> ------------------------------<br>
><br>
> End of midPoint Digest, Vol 59, Issue 10<br>
> ******************************<wbr>**********<br>
><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.evolveum.com/pipermail/midpoint/attachments/20170302/de826b0b/attachment-0001.html" rel="noreferrer" target="_blank">http://lists.evolveum.com/pip<wbr>ermail/midpoint/attachments/20<wbr>170302/de826b0b/attachment-000<wbr>1.html</a>><br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Thu, 2 Mar 2017 16:38:01 +0100<br>
From: Pálos Gustáv <<a href="mailto:gustav.palos@evolveum.com" target="_blank">gustav.palos@evolveum.com</a>><br>
To: midPoint General Discussion <<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>><br>
Subject: Re: [midPoint] Push out existing password to newly added<br>
resource<br>
Message-ID:<br>
<CAPXQVkfTLUX9bmAv0xHzVWtyzSkD<wbr>dNfwxc_1QEHA=udhem+=<a href="mailto:bQ@mail.gmail.com" target="_blank">bQ@mail.gm<wbr>ail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Hi Peter,<br>
<br>
what is your's MP version where you try to import?<br>
I tried it in 3.5 and it is working for me as I sent to you.<br>
execute-script feature is supported from MP v. 3.4.1:<br>
<a href="https://wiki.evolveum.com/display/midPoint/Bulk+actions" rel="noreferrer" target="_blank">https://wiki.evolveum.com/disp<wbr>lay/midPoint/Bulk+actions</a><br>
<br>
Do you try also over MP GUI Configuration-->Import objects?<br>
<br>
Best regards,<br>
<br>
Gustav<br>
<br>
<br>
2017-03-02 16:12 GMT+01:00 Peter Healy <<a href="mailto:phealy3330@gmail.com" target="_blank">phealy3330@gmail.com</a>>:<br>
<br>
> Hi Gustav,<br>
> Thanks so much for your reply!<br>
> I have another question though, I am very new to midpoint and am having<br>
> trouble running your example. When I paste it into bulk actions I get:<br>
> Provided text is not a bulk action object. An instance of {scripting-3}ScriptingExpressi<wbr>onType<br>
> is expected; you have provided class com.evolveum.prism.xml.ns._pub<wbr>lic.types_3.RawType<br>
> instead.<br>
><br>
> It then occurred to me that since you've given me a whole xml object this<br>
> is probably intended me to use an API call, so I tried this after changing<br>
> to OID to my resource:<br>
><br>
> curl -v administrator:$ADMIN_PASSWORD -H "Content-Type: application/xml"<br>
> -X POST http://$MIDPOINT_URL:8080/midp<wbr>oint/model/rest/tasks -d<br>
> @example.xml<br>
><br>
> But I get:<br>
> * Server auth using Basic with user 'administrator'<br>
> > POST /midpoint/model/rest/tasks HTTP/1.1<br>
> > User-Agent: curl/7.47.0<br>
> > Accept: */*<br>
> > Content-Type: application/xml<br>
> > Content-Length: 2494<br>
> > Expect: 100-continue<br>
> ><br>
> < HTTP/1.1 100 Continue<br>
> * We are completely uploaded and fine<br>
> < HTTP/1.1 500<br>
> < Date: Thu, 02 Mar 2017 14:32:43 GMT<br>
> < Server: Apache/2.4.25 (Debian)<br>
> [..omitted..]<br>
><br>
> <div>Unexpected error occurred, if necessary please contact system<br>
> administrator.</div><br>
> </p><br>
><br>
> [..omitted..]<br>
><br>
> Based on <a href="https://wiki.evolveum.com/display/midPoint/REST+API" rel="noreferrer" target="_blank">https://wiki.evolveum.com/disp<wbr>lay/midPoint/REST+API</a> I also tried<br>
> /ws/as the path instead<br>
><br>
> curl -v administrator:$ADMIN_PASSWORD -H "Content-Type: application/xml"<br>
> -X POST http://$MIDPOINT_URL:8080/midp<wbr>oint/ws/rest/tasks -d @example.xml<br>
><br>
> But got the same 500 error<br>
><br>
> How should I use this, "tasks" is the correct endpoint for this type of<br>
> object correct?<br>
><br>
><br>
><br>
> On Thu, Mar 2, 2017 at 6:00 AM, <<a href="mailto:midpoint-request@lists.evolveum.com" target="_blank">midpoint-request@lists.evolve<wbr>um.com</a>><br>
> wrote:<br>
><br>
>> Send midPoint mailing list submissions to<br>
>> <a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><br>
>><br>
>> To subscribe or unsubscribe via the World Wide Web, visit<br>
>> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mai<wbr>lman/listinfo/midpoint</a><br>
>> or, via email, send a message with subject or body 'help' to<br>
>> <a href="mailto:midpoint-request@lists.evolveum.com" target="_blank">midpoint-request@lists.evolve<wbr>um.com</a><br>
>><br>
>> You can reach the person managing the list at<br>
>> <a href="mailto:midpoint-owner@lists.evolveum.com" target="_blank">midpoint-owner@lists.evolveum<wbr>.com</a><br>
>><br>
>> When replying, please edit your Subject line so it is more specific<br>
>> than "Re: Contents of midPoint digest..."<br>
>><br>
>><br>
>> Today's Topics:<br>
>><br>
>> 1. Push out existing password to newly added resource (Peter Healy)<br>
>> 2. Re: Push out existing password to newly added resource<br>
>> (Pálos Gustáv)<br>
>><br>
>><br>
>> ------------------------------<wbr>------------------------------<wbr>----------<br>
>><br>
>> Message: 1<br>
>> Date: Wed, 1 Mar 2017 16:43:27 -0500<br>
>> From: Peter Healy <<a href="mailto:phealy3330@gmail.com" target="_blank">phealy3330@gmail.com</a>><br>
>> To: <a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a><br>
>> Subject: [midPoint] Push out existing password to newly added<br>
>> resource<br>
>> Message-ID:<br>
>> <CADnbc=<a href="mailto:y3gm4Kc195s536fJ3vq4ASD7d0HPvd-KDhOC574QfG4w@mail.gm" target="_blank">y3gm4Kc195s536fJ3vq4A<wbr>SD7d0HPvd-KDhOC574QfG4w@mail.g<wbr>m</a><br>
>> <a href="http://ail.com" rel="noreferrer" target="_blank">ail.com</a>><br>
>> Content-Type: text/plain; charset="utf-8"<br>
>><br>
>> Hi All,<br>
>> I currently have midpoint set up to manage one resource with the resource<br>
>> shadows linked to a midpoint account for a number of users.<br>
>><br>
>> I am wondering how I can trigger an outbound password sync down to a<br>
>> second<br>
>> resource I just added.<br>
>> The new resource accounts have been linking automatically to the midpoint<br>
>> accounts.<br>
>><br>
>> I am pretty sure that if I set a new password or re-set the same password<br>
>> it will get pushed down into the linked accounts in the new resource but,<br>
>> I<br>
>> need to do this for ~50 accounts and would like a better way to do this in<br>
>> bulk and without having to do a lot of custom scripting.<br>
>><br>
>> What is the best mechanism to force a user's current password down to a<br>
>> new resource?<br>
>><br>
>> Thanks,<br>
>> Peter<br>
>> -------------- next part --------------<br>
>> An HTML attachment was scrubbed...<br>
>> URL: <<a href="http://lists.evolveum.com/pipermail/midpoint/attachments/" rel="noreferrer" target="_blank">http://lists.evolveum.com/pip<wbr>ermail/midpoint/attachments/</a><br>
>> 20170301/66d2828a/attachment-0<wbr>001.html><br>
>><br>
>> ------------------------------<br>
>><br>
>> Message: 2<br>
>> Date: Wed, 1 Mar 2017 23:43:30 +0100<br>
>> From: Pálos Gustáv <<a href="mailto:gustav.palos@evolveum.com" target="_blank">gustav.palos@evolveum.com</a>><br>
>> To: midPoint General Discussion <<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>><br>
>> Subject: Re: [midPoint] Push out existing password to newly added<br>
>> resource<br>
>> Message-ID:<br>
>> <CAPXQVkf2S_eg1JKAQpAQi2QjB5D<wbr>M_RxXR6q4YqdM42Ni2vk=<a href="mailto:8g@mail.gm" target="_blank">8g@mail.g<wbr>m</a><br>
>> <a href="http://ail.com" rel="noreferrer" target="_blank">ail.com</a>><br>
>> Content-Type: text/plain; charset="utf-8"<br>
>><br>
>><br>
>> Hi Peter,<br>
>><br>
>> you can do this over bulk task, next sample send password for all users<br>
>> who<br>
>> has an account in resource with mentioned resourceOid<br>
>><br>
>> <?xml version="1.0" encoding="UTF-8"?><br>
>><br>
>> <objects xmlns="<a href="http://midpoint.evolveum.com/xml/ns/public/common/" rel="noreferrer" target="_blank">http://midpoint.evolveu<wbr>m.com/xml/ns/public/common/</a><br>
>> common-3"<br>
>> xmlns:c="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer" target="_blank">http://midpoint.evolv<wbr>eum.com/xml/ns/public/common/c<wbr>ommon-3</a>"<br>
>> xmlns:q="<a href="http://prism.evolveum.com/xml/ns/public/query-3" rel="noreferrer" target="_blank">http://prism.evolveum<wbr>.com/xml/ns/public/query-3</a>" xmlns:t="<br>
>> <a href="http://prism.evolveum.com/xml/ns/public/types-3" rel="noreferrer" target="_blank">http://prism.evolveum.com/xml/<wbr>ns/public/types-3</a>"<br>
>> xmlns:ri="<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" rel="noreferrer" target="_blank">http://midpoint.evol<wbr>veum.com/xml/ns/public/resourc<wbr>e/instance-3</a>"<br>
>> xmlns:icfs="<a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer" target="_blank">http://midpoint.ev<wbr>olveum.com/xml/ns/public/</a><br>
>> connector/icf-1/resource-schem<wbr>a-3"<br>
>> xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance" rel="noreferrer" target="_blank">http://www.w3.org/2<wbr>001/XMLSchema-instance</a>" ><br>
>><br>
>><br>
>> <task oid="6218c55d-0fee-4767-a1eb-d<wbr>b7d023441b5"><br>
>> <name>Replace passwords on Resource - all users</name><br>
>> <extension><br>
>> <scext:executeScript xmlns:scext="<a href="http://midpoint" rel="noreferrer" target="_blank">http://midpoint</a>.<br>
>> <a href="http://evolveum.com/xml/ns/public/model/scripting/extension-3" rel="noreferrer" target="_blank">evolveum.com/xml/ns/public/mod<wbr>el/scripting/extension-3</a>"><br>
>> <s:search xmlns:s="<a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer" target="_blank">http://midpoint.evolv<wbr>eum.com/xml/ns/public/</a><br>
>> model/scripting-3"><br>
>> <s:type>c:UserType</s:type><br>
>> <s:action><br>
>> <s:type>execute-script</s:type<wbr>><br>
>> <s:parameter><br>
>> <s:name>script</s:name><br>
>> <c:value xsi:type="c:ScriptExpressionEv<wbr>aluatorType" xmlns:c="<br>
>> <a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer" target="_blank">http://midpoint.evolveum.com/x<wbr>ml/ns/public/common/common-3</a>"><br>
>> <c:code><br>
>> import <a href="http://com.evolveum.midpoint.prism.de" target="_blank">com.evolveum.midpoint.prism.de</a><wbr>lta.builder.*<br>
>> import com.evolveum.midpoint.xml.ns._<br>
>> public.common.common_3.*<br>
>> import com.evolveum.prism.xml.ns._pub<wbr>lic.types_3.*<br>
>><br>
>> def resourceOid = '3d566aa3-e9f2-4e8d-8218-72c0a<wbr>ad5273b'<br>
>> // resource OID where you need to send pwd<br>
>> def prismContext = midpoint.getPrismContext()<br>
>><br>
>> <a href="http://log.info" rel="noreferrer" target="_blank">log.info</a>('Processing user: {}', input)<br>
>> input.linkRef<br>
>> .findAll { midpoint.resolveReference(it)?<br>
>> .resourceRef.oid<br>
>> == resourceOid }<br>
>> .each {<br>
>> <a href="http://log.info" rel="noreferrer" target="_blank">log.info</a>(' - Processing shadow: {}', it)<br>
>> def delta = DeltaBuilder.deltaFor(ShadowTy<wbr>pe.class, prismContext)<br>
>> .item(ShadowType.F_CREDENTIAL<wbr>S, CredentialsType.F_PASSWORD,<br>
>> PasswordType.F_VALUE)<br>
>> .replace(<a href="http://input.credentials.pa" target="_blank">input.credentials.pa</a><wbr>ssword.value)<br>
>> .asObjectDelta(it.oid)<br>
>> <a href="http://log.info" rel="noreferrer" target="_blank">log.info</a>(' - delta: {}', delta.debugDump())<br>
>> midpoint.modifyObject(delta, null)<br>
>> }<br>
>> </c:code><br>
>> </c:value><br>
>> </s:parameter><br>
>> </s:action><br>
>> </s:search><br>
>> </scext:executeScript><br>
>> </extension><br>
>> <ownerRef oid="00000000-0000-0000-0000-0<wbr>00000000002" /><br>
>> <executionStatus>suspended</ex<wbr>ecutionStatus><br>
>><br>
>> <category>BulkActions</categor<wbr>y><br>
>> <handlerUri><a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer" target="_blank">http://midpoint.ev<wbr>olveum.com/xml/ns/public/</a><br>
>> model/scripting/handler-3</han<wbr>dlerUri><br>
>> <recurrence>single</recurrence<wbr>><br>
>> </task><br>
>><br>
>> </objects><br>
>><br>
>> Gustav<br>
>><br>
>><br>
>><br>
>> > 2017-03-01 22:43 GMT+01:00 Peter Healy <<a href="mailto:phealy3330@gmail.com" target="_blank">phealy3330@gmail.com</a>>:<br>
>> ><br>
>> >> Hi All,<br>
>> >> I currently have midpoint set up to manage one resource with the<br>
>> resource<br>
>> >> shadows linked to a midpoint account for a number of users.<br>
>> >><br>
>> >> I am wondering how I can trigger an outbound password sync down to a<br>
>> >> second resource I just added.<br>
>> >> The new resource accounts have been linking automatically to the<br>
>> midpoint<br>
>> >> accounts.<br>
>> >><br>
>> >> I am pretty sure that if I set a new password or re-set the same<br>
>> password<br>
>> >> it will get pushed down into the linked accounts in the new resource<br>
>> but, I<br>
>> >> need to do this for ~50 accounts and would like a better way to do<br>
>> this in<br>
>> >> bulk and without having to do a lot of custom scripting.<br>
>> >><br>
>> >> What is the best mechanism to force a user's current password down to<br>
>> a<br>
>> >> new resource?<br>
>> >><br>
>> >> Thanks,<br>
>> >> Peter<br>
>> >><br>
>> >> ______________________________<wbr>_________________<br>
>> >> midPoint mailing list<br>
>> >> <a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
>> >> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
>> >><br>
>> >><br>
>> ><br>
>> ><br>
>> -------------- next part --------------<br>
>> An HTML attachment was scrubbed...<br>
>> URL: <<a href="http://lists.evolveum.com/pipermail/midpoint/attachments/" rel="noreferrer" target="_blank">http://lists.evolveum.com/pip<wbr>ermail/midpoint/attachments/</a><br>
>> 20170301/2ac87926/attachment-0<wbr>001.html><br>
>><br>
>> ------------------------------<br>
>><br>
>> Subject: Digest Footer<br>
>><br>
>> ______________________________<wbr>_________________<br>
>> midPoint mailing list<br>
>> <a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
>> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
>><br>
>><br>
>> ------------------------------<br>
>><br>
>> End of midPoint Digest, Vol 59, Issue 10<br>
>> ******************************<wbr>**********<br>
>><br>
><br>
><br>
> ______________________________<wbr>_________________<br>
> midPoint mailing list<br>
> <a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
><br>
><br>
<br>
<br>
--<br>
Gustáv Pálos<br>
Identity Engineer<br>
<a href="http://evolveum.com" rel="noreferrer" target="_blank">evolveum.com</a><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.evolveum.com/pipermail/midpoint/attachments/20170302/e42d7d52/attachment.html" rel="noreferrer" target="_blank">http://lists.evolveum.com/pip<wbr>ermail/midpoint/attachments/20<wbr>170302/e42d7d52/attachment.htm<wbr>l</a>><br>
<br>
------------------------------<br>
<br>
Subject: Digest Footer<br>
<br>
______________________________<wbr>_________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
<br>
<br>
------------------------------<br>
<br>
End of midPoint Digest, Vol 59, Issue 12<br>
******************************<wbr>**********<br>
</blockquote></div><br></div></div></div>
<br>______________________________<wbr>_________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br></div></div><div class="m_-4034159323725989025gmail_signature" data-smartmail="gmail_signature">s pozdravom<span class="HOEnZb"><font color="#888888"><div><br></div><div>Gustáv Pálos</div></font></span></div>
</div>
</div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div>Gustáv Pálos</div><div>Identity Engineer</div><a href="http://evolveum.com/" rel="noreferrer" style="color:rgb(17,85,204);font-size:12.8px" target="_blank">evolveum.com</a><br></div></div>
</div>