<div dir="ltr">Hi Gustav,<div>Thanks so much for your reply!</div><div>I have another question though, I am very new to midpoint and am having trouble running your example. When I paste it into bulk actions I get:</div><div><span style="color:rgb(51,51,51);font-family:"source sans pro","helvetica neue",helvetica,arial,sans-serif;font-size:14px">Provided text is not a bulk action object. An instance of {scripting-3}ScriptingExpressionType is expected; you have provided class com.evolveum.prism.xml.ns._public.types_3.RawType instead.</span></div><div><font color="#333333" face="source sans pro, helvetica neue, helvetica, arial, sans-serif"><span style="font-size:14px"><br></span></font></div><div><font color="#333333" face="source sans pro, helvetica neue, helvetica, arial, sans-serif"><span style="font-size:14px">It then occurred to me that since you've given me a whole xml object this is probably intended me to use an API call, so I tried this after changing to OID to my resource:</span></font></div><div><font color="#333333" face="source sans pro, helvetica neue, helvetica, arial, sans-serif"><span style="font-size:14px"><br></span></font></div><div><font color="#333333" face="source sans pro, helvetica neue, helvetica, arial, sans-serif"><div><span style="font-size:14px">curl -v administrator:$ADMIN_PASSWORD -H "Content-Type: application/xml" -X POST http://$MIDPOINT_URL:8080/midpoint/model/rest/tasks -d @example.xml</span></div><div><span style="font-size:14px"><br></span></div><div>But I get:</div><div><span style="font-size:14px">* Server auth using Basic with user 'administrator'</span></div><div><span style="font-size:14px">> POST /midpoint/model/rest/tasks HTTP/1.1</span></div><div><span style="font-size:14px">> User-Agent: curl/7.47.0</span></div><div><span style="font-size:14px">> Accept: */*</span></div><div><span style="font-size:14px">> Content-Type: application/xml</span></div><div><span style="font-size:14px">> Content-Length: 2494</span></div><div><span style="font-size:14px">> Expect: 100-continue</span></div><div><span style="font-size:14px">> </span></div><div><span style="font-size:14px">< HTTP/1.1 100 Continue</span></div><div><span style="font-size:14px">* We are completely uploaded and fine</span></div><div><span style="font-size:14px">< HTTP/1.1 500 </span></div><div><span style="font-size:14px">< Date: Thu, 02 Mar 2017 14:32:43 GMT</span></div><div><span style="font-size:14px">< Server: Apache/2.4.25 (Debian)</span></div><div><span style="font-size:14px">[..omitted..]</span></div><div><span style="font-size:14px"> </span></div><div><span style="font-size:14px"><span class="gmail-Apple-tab-span" style="white-space:pre"> </span><div>Unexpected error occurred, if necessary please contact system administrator.</div></span></div><div><span style="font-size:14px"><span class="gmail-Apple-tab-span" style="white-space:pre"> </span></p></span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px">[..omitted..]</span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px">Based on <a href="https://wiki.evolveum.com/display/midPoint/REST+API">https://wiki.evolveum.com/display/midPoint/REST+API</a> I also tried /ws/as the path instead</span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px">curl -v administrator:$ADMIN_PASSWORD -H "Content-Type: application/xml" -X POST http://$MIDPOINT_URL:8080/midpoint/ws/rest/tasks -d @example.xml</span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px">But got the same 500 error </span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px">How should I use this, "tasks" is the correct endpoint for this type of object correct? </span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px"><br></span></div></font><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Mar 2, 2017 at 6:00 AM, <span dir="ltr"><<a href="mailto:midpoint-request@lists.evolveum.com" target="_blank">midpoint-request@lists.evolveum.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Send midPoint mailing list submissions to<br>
<a href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/<wbr>mailman/listinfo/midpoint</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:midpoint-request@lists.evolveum.com">midpoint-request@lists.<wbr>evolveum.com</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:midpoint-owner@lists.evolveum.com">midpoint-owner@lists.evolveum.<wbr>com</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of midPoint digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Push out existing password to newly added resource (Peter Healy)<br>
2. Re: Push out existing password to newly added resource<br>
(Pálos Gustáv)<br>
<br>
<br>
------------------------------<wbr>------------------------------<wbr>----------<br>
<br>
Message: 1<br>
Date: Wed, 1 Mar 2017 16:43:27 -0500<br>
From: Peter Healy <<a href="mailto:phealy3330@gmail.com">phealy3330@gmail.com</a>><br>
To: <a href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
Subject: [midPoint] Push out existing password to newly added<br>
resource<br>
Message-ID:<br>
<CADnbc=<a href="mailto:y3gm4Kc195s536fJ3vq4ASD7d0HPvd-KDhOC574QfG4w@mail.gmail.com">y3gm4Kc195s536fJ3vq4AS<wbr>D7d0HPvd-KDhOC574QfG4w@mail.<wbr>gmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Hi All,<br>
I currently have midpoint set up to manage one resource with the resource<br>
shadows linked to a midpoint account for a number of users.<br>
<br>
I am wondering how I can trigger an outbound password sync down to a second<br>
resource I just added.<br>
The new resource accounts have been linking automatically to the midpoint<br>
accounts.<br>
<br>
I am pretty sure that if I set a new password or re-set the same password<br>
it will get pushed down into the linked accounts in the new resource but, I<br>
need to do this for ~50 accounts and would like a better way to do this in<br>
bulk and without having to do a lot of custom scripting.<br>
<br>
What is the best mechanism to force a user's current password down to a<br>
new resource?<br>
<br>
Thanks,<br>
Peter<br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.evolveum.com/pipermail/midpoint/attachments/20170301/66d2828a/attachment-0001.html" rel="noreferrer" target="_blank">http://lists.evolveum.com/<wbr>pipermail/midpoint/<wbr>attachments/20170301/66d2828a/<wbr>attachment-0001.html</a>><br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Wed, 1 Mar 2017 23:43:30 +0100<br>
From: Pálos Gustáv <<a href="mailto:gustav.palos@evolveum.com">gustav.palos@evolveum.com</a>><br>
To: midPoint General Discussion <<a href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a>><br>
Subject: Re: [midPoint] Push out existing password to newly added<br>
resource<br>
Message-ID:<br>
<CAPXQVkf2S_<wbr>eg1JKAQpAQi2QjB5DM_<wbr>RxXR6q4YqdM42Ni2vk=<a href="mailto:8g@mail.gmail.com">8g@mail.<wbr>gmail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<br>
<br>
Hi Peter,<br>
<br>
you can do this over bulk task, next sample send password for all users who<br>
has an account in resource with mentioned resourceOid<br>
<br>
<?xml version="1.0" encoding="UTF-8"?><br>
<br>
<objects xmlns="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer" target="_blank">http://midpoint.<wbr>evolveum.com/xml/ns/public/<wbr>common/common-3</a>"<br>
xmlns:c="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer" target="_blank">http://midpoint.<wbr>evolveum.com/xml/ns/public/<wbr>common/common-3</a>"<br>
xmlns:q="<a href="http://prism.evolveum.com/xml/ns/public/query-3" rel="noreferrer" target="_blank">http://prism.<wbr>evolveum.com/xml/ns/public/<wbr>query-3</a>" xmlns:t="<br>
<a href="http://prism.evolveum.com/xml/ns/public/types-3" rel="noreferrer" target="_blank">http://prism.evolveum.com/xml/<wbr>ns/public/types-3</a>"<br>
xmlns:ri="<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" rel="noreferrer" target="_blank">http://midpoint.<wbr>evolveum.com/xml/ns/public/<wbr>resource/instance-3</a>"<br>
xmlns:icfs="<a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer" target="_blank">http://midpoint.<wbr>evolveum.com/xml/ns/public/</a><br>
connector/icf-1/resource-<wbr>schema-3"<br>
xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance" rel="noreferrer" target="_blank">http://www.w3.org/<wbr>2001/XMLSchema-instance</a>" ><br>
<br>
<br>
<task oid="6218c55d-0fee-4767-a1eb-<wbr>db7d023441b5"><br>
<name>Replace passwords on Resource - all users</name><br>
<extension><br>
<scext:executeScript xmlns:scext="<a href="http://midpoint" rel="noreferrer" target="_blank">http://midpoint</a>.<br>
<a href="http://evolveum.com/xml/ns/public/model/scripting/extension-3" rel="noreferrer" target="_blank">evolveum.com/xml/ns/public/<wbr>model/scripting/extension-3</a>"><br>
<s:search xmlns:s="<a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer" target="_blank">http://midpoint.<wbr>evolveum.com/xml/ns/public/</a><br>
model/scripting-3"><br>
<s:type>c:UserType</s:type><br>
<s:action><br>
<s:type>execute-script</s:<wbr>type><br>
<s:parameter><br>
<s:name>script</s:name><br>
<c:value xsi:type="c:<wbr>ScriptExpressionEvaluatorType" xmlns:c="<br>
<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer" target="_blank">http://midpoint.evolveum.com/<wbr>xml/ns/public/common/common-3</a>"<wbr>><br>
<c:code><br>
import com.evolveum.midpoint.prism.<wbr>delta.builder.*<br>
import com.evolveum.midpoint.xml.ns._<br>
public.common.common_3.*<br>
import com.evolveum.prism.xml.ns._<wbr>public.types_3.*<br>
<br>
def resourceOid = '3d566aa3-e9f2-4e8d-8218-<wbr>72c0aad5273b'<br>
// resource OID where you need to send pwd<br>
def prismContext = midpoint.getPrismContext()<br>
<br>
<a href="http://log.info" rel="noreferrer" target="_blank">log.info</a>('Processing user: {}', input)<br>
input.linkRef<br>
.findAll { midpoint.resolveReference(it)?<wbr>.resourceRef.oid<br>
== resourceOid }<br>
.each {<br>
<a href="http://log.info" rel="noreferrer" target="_blank">log.info</a>(' - Processing shadow: {}', it)<br>
def delta = DeltaBuilder.deltaFor(<wbr>ShadowType.class, prismContext)<br>
.item(ShadowType.F_<wbr>CREDENTIALS, CredentialsType.F_PASSWORD,<br>
PasswordType.F_VALUE)<br>
.replace(input.credentials.<wbr>password.value)<br>
.asObjectDelta(it.oid)<br>
<a href="http://log.info" rel="noreferrer" target="_blank">log.info</a>(' - delta: {}', delta.debugDump())<br>
midpoint.modifyObject(delta, null)<br>
}<br>
</c:code><br>
</c:value><br>
</s:parameter><br>
</s:action><br>
</s:search><br>
</scext:executeScript><br>
</extension><br>
<ownerRef oid="00000000-0000-0000-0000-<wbr>000000000002" /><br>
<executionStatus>suspended</<wbr>executionStatus><br>
<br>
<category>BulkActions</<wbr>category><br>
<handlerUri><a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer" target="_blank">http://midpoint.<wbr>evolveum.com/xml/ns/public/</a><br>
model/scripting/handler-3</<wbr>handlerUri><br>
<recurrence>single</<wbr>recurrence><br>
</task><br>
<br>
</objects><br>
<br>
Gustav<br>
<br>
<br>
<br>
> 2017-03-01 22:43 GMT+01:00 Peter Healy <<a href="mailto:phealy3330@gmail.com">phealy3330@gmail.com</a>>:<br>
><br>
>> Hi All,<br>
>> I currently have midpoint set up to manage one resource with the resource<br>
>> shadows linked to a midpoint account for a number of users.<br>
>><br>
>> I am wondering how I can trigger an outbound password sync down to a<br>
>> second resource I just added.<br>
>> The new resource accounts have been linking automatically to the midpoint<br>
>> accounts.<br>
>><br>
>> I am pretty sure that if I set a new password or re-set the same password<br>
>> it will get pushed down into the linked accounts in the new resource but, I<br>
>> need to do this for ~50 accounts and would like a better way to do this in<br>
>> bulk and without having to do a lot of custom scripting.<br>
>><br>
>> What is the best mechanism to force a user's current password down to a<br>
>> new resource?<br>
>><br>
>> Thanks,<br>
>> Peter<br>
>><br>
>> ______________________________<wbr>_________________<br>
>> midPoint mailing list<br>
>> <a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
>> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/<wbr>mailman/listinfo/midpoint</a><br>
>><br>
>><br>
><br>
><br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.evolveum.com/pipermail/midpoint/attachments/20170301/2ac87926/attachment-0001.html" rel="noreferrer" target="_blank">http://lists.evolveum.com/<wbr>pipermail/midpoint/<wbr>attachments/20170301/2ac87926/<wbr>attachment-0001.html</a>><br>
<br>
------------------------------<br>
<br>
Subject: Digest Footer<br>
<br>
______________________________<wbr>_________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/<wbr>mailman/listinfo/midpoint</a><br>
<br>
<br>
------------------------------<br>
<br>
End of midPoint Digest, Vol 59, Issue 10<br>
******************************<wbr>**********<br>
</blockquote></div><br></div></div></div>