<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>Hi Tommy,<br>
</p>
<br>
<div class="moz-cite-prefix">On 04/20/2017 08:41 AM, Tommy Montegu
wrote:<br>
</div>
<blockquote cite="mid:048001d2b9a1$32f388e0$98da9aa0$@exodata.fr"
type="cite">
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0563C1;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#954F72;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri",sans-serif;
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:70.85pt 70.85pt 70.85pt 70.85pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US">Hello,<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I have some difficulties
(because I’m French) to understand how to synchronize two
resource to a user.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">This is my situation :<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I have imported my
midPoint user from my AD. So I have my AD configured as a
resource, and I have my users which have one projections :
my AD resource.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I have configured my
Zimbra mail server as a resource, thanks to LDAP. My
resource is UP, and I saw all zimbraAccounts in my resource
> Accounts.<o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">So my question is : Is
it possible to take the zimbraAccount which the fullName or
DN (or every other attributes) match the DN (or everything
else) in my midpoint user, and to synchronize them ?</span></p>
</div>
</blockquote>
<br>
Yes of course; just like you did your synchronization for the AD
(initial import or whatever), you need to setup the synchronization
for Zimbra (LDAP). You need to specify which Zimbra account
attribute will be used to search for midPoint users and how.
Typically I can imagine that you take "uid" from Zimbra and search
midPoint users with the same name attribute. Or you can take DN,
parse the uid from there, and use that to search midPoint users with
the same name attribute.<br>
<br>
<blockquote cite="mid:048001d2b9a1$32f388e0$98da9aa0$@exodata.fr"
type="cite">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I would like to add the
account in zimbra as a projection, to the existent midpoint
user. But I have more zimbraAccount (because of galsync,
etc..) than user. And I would like to know if there are a
way (by configuring some synchronization with reaction) to
add automatically the mail account to the user in the
midpoint.</span></p>
</div>
</blockquote>
<br>
If you configure the synchronization in resource, you can then run
Reconciliation and it will match and link the users. Of course first
try with "dry run" setting in the reconciliation task.<br>
<br>
<blockquote cite="mid:048001d2b9a1$32f388e0$98da9aa0$@exodata.fr"
type="cite">
<div class="WordSection1">
<p class="MsoNormal"><span lang="EN-US"><o:p></o:p></span></p>
<p class="MsoNormal"><span lang="EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span lang="EN-US">I hope my explanation
are clear. I read a lot about projections and generic
synchronization in the wiki, but I don’t understand some
point. I hope someone can help me to configure, or just
explain me, what I have to do to add the corresponding mail
account, from my zimbra resource, to the corresponding users
in midPoint.<o:p></o:p></span></p>
</div>
</blockquote>
<br>
For now I think you don't need generic synchronization. If you are
synchronizing just accounts and users, things are much easier to do.<br>
Please try to lookup some samples for our LDAP resources, e.g. for
openldap. BTW I have just realized there is actually Zimbra resource
sample (but without synchronization) in
<a class="moz-txt-link-freetext" href="https://github.com/Evolveum/midpoint/blob/master/samples/resources/zimbra/ldap-zimbra.xml">https://github.com/Evolveum/midpoint/blob/master/samples/resources/zimbra/ldap-zimbra.xml</a><br>
<br>
Regards,<br>
Ivan<br>
<pre class="moz-signature" cols="72">--
Ivan Noris
Senior Identity Engineer
evolveum.com
</pre>
</body>
</html>