<div dir="ltr">Hi Peter,<div><br></div><div>what is your's MP version where you try to import? </div><div>I tried it in 3.5 and it is working for me as I sent to you.</div><div><span style="color:rgb(51,51,51);font-family:arial,sans-serif;font-size:14px">execute-script </span>feature is supported from MP v. 3.4.1:</div><div><a href="https://wiki.evolveum.com/display/midPoint/Bulk+actions">https://wiki.evolveum.com/display/midPoint/Bulk+actions</a><br></div><div><br></div><div>Do you try also over MP GUI Configuration-->Import objects?</div><div><br></div><div>Best regards,</div><div><br></div><div>Gustav</div><div><br><div class="gmail_extra"><br><div class="gmail_quote">2017-03-02 16:12 GMT+01:00 Peter Healy <span dir="ltr"><<a href="mailto:phealy3330@gmail.com">phealy3330@gmail.com</a>></span>:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Hi Gustav,<div>Thanks so much for your reply!</div><div>I have another question though, I am very new to midpoint and am having trouble running your example. When I paste it into bulk actions I get:</div><div><span style="color:rgb(51,51,51);font-family:"source sans pro","helvetica neue",helvetica,arial,sans-serif;font-size:14px">Provided text is not a bulk action object. An instance of {scripting-3}<wbr>ScriptingExpressionType is expected; you have provided class com.evolveum.prism.xml.ns._<wbr>public.types_3.RawType instead.</span></div><div><font color="#333333" face="source sans pro, helvetica neue, helvetica, arial, sans-serif"><span style="font-size:14px"><br></span></font></div><div><font color="#333333" face="source sans pro, helvetica neue, helvetica, arial, sans-serif"><span style="font-size:14px">It then occurred to me that since you've given me a whole xml object this is probably intended me to use an API call, so I tried this after changing to OID to my resource:</span></font></div><div><font color="#333333" face="source sans pro, helvetica neue, helvetica, arial, sans-serif"><span style="font-size:14px"><br></span></font></div><div><font color="#333333" face="source sans pro, helvetica neue, helvetica, arial, sans-serif"><div><span style="font-size:14px">curl -v administrator:$ADMIN_PASSWORD -H "Content-Type: application/xml" -X POST http://$MIDPOINT_URL:8080/<wbr>midpoint/model/rest/tasks -d @example.xml</span></div><div><span style="font-size:14px"><br></span></div><div>But I get:</div><div><span style="font-size:14px">* Server auth using Basic with user 'administrator'</span></div><div><span style="font-size:14px">> POST /midpoint/model/rest/tasks HTTP/1.1</span></div><div><span style="font-size:14px">> User-Agent: curl/7.47.0</span></div><div><span style="font-size:14px">> Accept: */*</span></div><div><span style="font-size:14px">> Content-Type: application/xml</span></div><div><span style="font-size:14px">> Content-Length: 2494</span></div><div><span style="font-size:14px">> Expect: 100-continue</span></div><div><span style="font-size:14px">> </span></div><div><span style="font-size:14px">< HTTP/1.1 100 Continue</span></div><div><span style="font-size:14px">* We are completely uploaded and fine</span></div><div><span style="font-size:14px">< HTTP/1.1 500 </span></div><div><span style="font-size:14px">< Date: Thu, 02 Mar 2017 14:32:43 GMT</span></div><div><span style="font-size:14px">< Server: Apache/2.4.25 (Debian)</span></div><div><span style="font-size:14px">[..omitted..]</span></div><div><span style="font-size:14px"> </span></div><div><span style="font-size:14px"><span class="gmail-m_-3401681269378788984gmail-Apple-tab-span" style="white-space:pre-wrap"> </span><div>Unexpected error occurred, if necessary please contact system administrator.</div></span></div><div><span style="font-size:14px"><span class="gmail-m_-3401681269378788984gmail-Apple-tab-span" style="white-space:pre-wrap"> </span></p></span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px">[..omitted..]</span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px">Based on <a href="https://wiki.evolveum.com/display/midPoint/REST+API">https://wiki.evolveum.com/<wbr>display/midPoint/REST+API</a> I also tried /ws/as the path instead</span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px">curl -v administrator:$ADMIN_PASSWORD -H "Content-Type: application/xml" -X POST http://$MIDPOINT_URL:8080/<wbr>midpoint/ws/rest/tasks -d @example.xml</span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px">But got the same 500 error </span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px">How should I use this, "tasks" is the correct endpoint for this type of object correct? </span></div><div><span style="font-size:14px"><br></span></div><div><span style="font-size:14px"><br></span></div></font><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Mar 2, 2017 at 6:00 AM, <span dir="ltr"><<a href="mailto:midpoint-request@lists.evolveum.com">midpoint-request@lists.<wbr>evolveum.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Send midPoint mailing list submissions to<br>
<a href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:midpoint-request@lists.evolveum.com">midpoint-request@lists.evolveu<wbr>m.com</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:midpoint-owner@lists.evolveum.com">midpoint-owner@lists.evolveum.<wbr>com</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of midPoint digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. Push out existing password to newly added resource (Peter Healy)<br>
2. Re: Push out existing password to newly added resource<br>
(Pálos Gustáv)<br>
<br>
<br>
------------------------------<wbr>------------------------------<wbr>----------<br>
<br>
Message: 1<br>
Date: Wed, 1 Mar 2017 16:43:27 -0500<br>
From: Peter Healy <<a href="mailto:phealy3330@gmail.com">phealy3330@gmail.com</a>><br>
To: <a href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a><br>
Subject: [midPoint] Push out existing password to newly added<br>
resource<br>
Message-ID:<br>
<CADnbc=<a href="mailto:y3gm4Kc195s536fJ3vq4ASD7d0HPvd-KDhOC574QfG4w@mail.gmail.com">y3gm4Kc195s536fJ3vq4AS<wbr>D7d0HPvd-KDhOC574QfG4w@mail.gm<wbr>ail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<span class="gmail-"><br>
<br>
Hi All,<br>
I currently have midpoint set up to manage one resource with the resource<br>
shadows linked to a midpoint account for a number of users.<br>
<br>
I am wondering how I can trigger an outbound password sync down to a second<br>
resource I just added.<br>
The new resource accounts have been linking automatically to the midpoint<br>
accounts.<br>
<br>
I am pretty sure that if I set a new password or re-set the same password<br>
it will get pushed down into the linked accounts in the new resource but, I<br>
need to do this for ~50 accounts and would like a better way to do this in<br>
bulk and without having to do a lot of custom scripting.<br>
<br>
What is the best mechanism to force a user's current password down to a<br>
new resource?<br>
<br>
Thanks,<br>
Peter<br></span>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.evolveum.com/pipermail/midpoint/attachments/20170301/66d2828a/attachment-0001.html" rel="noreferrer">http://lists.evolveum.com/pip<wbr>ermail/midpoint/attachments/<wbr>20170301/66d2828a/attachment-<wbr>0001.html</a>><br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Wed, 1 Mar 2017 23:43:30 +0100<br>
From: Pálos Gustáv <<a href="mailto:gustav.palos@evolveum.com">gustav.palos@evolveum.com</a>><br>
To: midPoint General Discussion <<a href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a>><br>
Subject: Re: [midPoint] Push out existing password to newly added<br>
resource<br>
Message-ID:<br>
<CAPXQVkf2S_eg1JKAQpAQi2QjB5DM<wbr>_RxXR6q4YqdM42Ni2vk=<a href="mailto:8g@mail.gmail.com">8g@mail.gm<wbr>ail.com</a>><br>
Content-Type: text/plain; charset="utf-8"<div><div class="gmail-h5"><br>
<br>
Hi Peter,<br>
<br>
you can do this over bulk task, next sample send password for all users who<br>
has an account in resource with mentioned resourceOid<br>
<br>
<?xml version="1.0" encoding="UTF-8"?><br>
<br>
<objects xmlns="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer">http://midpoint.evolveu<wbr>m.com/xml/ns/public/common/<wbr>common-3</a>"<br>
xmlns:c="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer">http://midpoint.evolv<wbr>eum.com/xml/ns/public/common/<wbr>common-3</a>"<br>
xmlns:q="<a href="http://prism.evolveum.com/xml/ns/public/query-3" rel="noreferrer">http://prism.evolveum<wbr>.com/xml/ns/public/query-3</a>" xmlns:t="<br>
<a href="http://prism.evolveum.com/xml/ns/public/types-3" rel="noreferrer">http://prism.evolveum.com/xml/<wbr>ns/public/types-3</a>"<br>
xmlns:ri="<a href="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3" rel="noreferrer">http://midpoint.evol<wbr>veum.com/xml/ns/public/resourc<wbr>e/instance-3</a>"<br>
xmlns:icfs="<a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer">http://midpoint.ev<wbr>olveum.com/xml/ns/public/</a><br>
connector/icf-1/resource-schem<wbr>a-3"<br>
xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance" rel="noreferrer">http://www.w3.org/2<wbr>001/XMLSchema-instance</a>" ><br>
<br>
<br>
<task oid="6218c55d-0fee-4767-a1eb-d<wbr>b7d023441b5"><br>
<name>Replace passwords on Resource - all users</name><br>
<extension><br>
<scext:executeScript xmlns:scext="<a href="http://midpoint" rel="noreferrer">http://midpoint</a>.<br>
<a href="http://evolveum.com/xml/ns/public/model/scripting/extension-3" rel="noreferrer">evolveum.com/xml/ns/public/mod<wbr>el/scripting/extension-3</a>"><br>
<s:search xmlns:s="<a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer">http://midpoint.evolv<wbr>eum.com/xml/ns/public/</a><br>
model/scripting-3"><br>
<s:type>c:UserType</s:type><br>
<s:action><br>
<s:type>execute-script</s:type<wbr>><br>
<s:parameter><br>
<s:name>script</s:name><br>
<c:value xsi:type="c:ScriptExpressionEv<wbr>aluatorType" xmlns:c="<br>
<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" rel="noreferrer">http://midpoint.evolveum.com/x<wbr>ml/ns/public/common/common-3</a>"><br>
<c:code><br>
import <a href="http://com.evolveum.midpoint.prism.de">com.evolveum.midpoint.prism.de</a><wbr>lta.builder.*<br>
import com.evolveum.midpoint.xml.ns._<br>
public.common.common_3.*<br>
import com.evolveum.prism.xml.ns._pub<wbr>lic.types_3.*<br>
<br>
def resourceOid = '3d566aa3-e9f2-4e8d-8218-72c0a<wbr>ad5273b'<br>
// resource OID where you need to send pwd<br>
def prismContext = midpoint.getPrismContext()<br>
<br>
<a href="http://log.info" rel="noreferrer">log.info</a>('Processing user: {}', input)<br>
input.linkRef<br>
.findAll { midpoint.resolveReference(it)?<wbr>.resourceRef.oid<br>
== resourceOid }<br>
.each {<br>
<a href="http://log.info" rel="noreferrer">log.info</a>(' - Processing shadow: {}', it)<br>
def delta = DeltaBuilder.deltaFor(ShadowTy<wbr>pe.class, prismContext)<br>
.item(ShadowType.F_CREDENTIALS<wbr>, CredentialsType.F_PASSWORD,<br>
PasswordType.F_VALUE)<br>
.replace(input.credentials.pas<wbr>sword.value)<br>
.asObjectDelta(it.oid)<br>
<a href="http://log.info" rel="noreferrer">log.info</a>(' - delta: {}', delta.debugDump())<br>
midpoint.modifyObject(delta, null)<br>
}<br>
</c:code><br>
</c:value><br>
</s:parameter><br>
</s:action><br>
</s:search><br>
</scext:executeScript><br>
</extension><br>
<ownerRef oid="00000000-0000-0000-0000-0<wbr>00000000002" /><br>
<executionStatus>suspended</ex<wbr>ecutionStatus><br>
<br>
<category>BulkActions</categor<wbr>y><br>
<handlerUri><a href="http://midpoint.evolveum.com/xml/ns/public/" rel="noreferrer">http://midpoint.ev<wbr>olveum.com/xml/ns/public/</a><br>
model/scripting/handler-3</han<wbr>dlerUri><br>
<recurrence>single</recurrence<wbr>><br>
</task><br>
<br>
</objects><br>
<br>
Gustav<br>
<br>
<br>
<br>
> 2017-03-01 22:43 GMT+01:00 Peter Healy <<a href="mailto:phealy3330@gmail.com">phealy3330@gmail.com</a>>:<br>
><br>
>> Hi All,<br>
>> I currently have midpoint set up to manage one resource with the resource<br>
>> shadows linked to a midpoint account for a number of users.<br>
>><br>
>> I am wondering how I can trigger an outbound password sync down to a<br>
>> second resource I just added.<br>
>> The new resource accounts have been linking automatically to the midpoint<br>
>> accounts.<br>
>><br>
>> I am pretty sure that if I set a new password or re-set the same password<br>
>> it will get pushed down into the linked accounts in the new resource but, I<br>
>> need to do this for ~50 accounts and would like a better way to do this in<br>
>> bulk and without having to do a lot of custom scripting.<br>
>><br>
>> What is the best mechanism to force a user's current password down to a<br>
>> new resource?<br>
>><br>
>> Thanks,<br>
>> Peter<br>
>><br>
>> ______________________________<wbr>_________________<br>
>> midPoint mailing list<br>
>> <a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
>> <a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
>><br>
>><br>
><br>
><br></div></div>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href="http://lists.evolveum.com/pipermail/midpoint/attachments/20170301/2ac87926/attachment-0001.html" rel="noreferrer">http://lists.evolveum.com/pip<wbr>ermail/midpoint/attachments/<wbr>20170301/2ac87926/attachment-<wbr>0001.html</a>><br>
<br>
------------------------------<br>
<br>
Subject: Digest Footer<span class="gmail-"><br>
<br>
______________________________<wbr>_________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer">http://lists.evolveum.com/mail<wbr>man/listinfo/midpoint</a><br>
<br>
<br></span>
------------------------------<br>
<br>
End of midPoint Digest, Vol 59, Issue 10<br>
******************************<wbr>**********<br>
</blockquote></div><br></div></div></div>
<br>______________________________<wbr>_________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer">http://lists.evolveum.com/<wbr>mailman/listinfo/midpoint</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"><div>Gustáv Pálos</div><div>Identity Engineer</div><a href="http://evolveum.com/" rel="noreferrer" style="color:rgb(17,85,204);font-size:12.8px">evolveum.com</a><br></div></div>
</div></div></div>