<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>Hi,</p>
<p>first of all, to have more than one accounts for the same user on
the same resource, you need to use multiple intents. One intent
will be for standard accounts and the other one (e.g. named
"admin") will be for admin accounts. All intents need to have
separate schema handling configuration, in the same resouce. This
also implies that the naming conventions must be different.</p>
<p>You can start with
<a class="moz-txt-link-freetext" href="https://wiki.evolveum.com/display/midPoint/Kind%2C+Intent+and+ObjectClass">https://wiki.evolveum.com/display/midPoint/Kind%2C+Intent+and+ObjectClass</a></p>
<p>I can't find a sample with configuration of two account intents
right now, but I'm sure there is something. We are also teaching
this during the midPoint training.<br>
</p>
<p>Regarding the NPE you should post information from idm.log with
the stack trace to the list.</p>
<p>Best regards,</p>
<p>Ivan<br>
</p>
<br>
<div class="moz-cite-prefix">On 18.12.2017 05:29, Jan Kaspar wrote:<br>
</div>
<blockquote type="cite"
cite="mid:4dY.vC1.3%7Bt3OKCZoVN.1QDqGW@seznam.cz">Hi all,
<div><br>
</div>
<div>I have a questions about admin accounts. I have a user
populated from HR system to MidPoint and to AD.</div>
<div><br>
</div>
<div>I would liket o to create for him admin account on some unix
systems. Basicaly it works with __NAME__.</div>
<div><br>
</div>
<div>i need to change his logon name in unix, because of naming
convention for admin accounts. It have to be in </div>
<div>format admin.lastname.</div>
<div><br>
</div>
<div>I tryed to build short script:</div>
<div><br>
</div>
<div>
<div> $oldName = name.toString()</div>
<div> $adminPrefix = "admin"</div>
<div> $adminName =
$oldName.substring($oldName.lastIndexOf(".")+1)</div>
<div> $outName = $adminPrefix + '.' + $adminName</div>
<div> return $outName </div>
</div>
<div><br>
</div>
<div>It return correct values but during provisioning i get error:</div>
<div><br>
</div>
<div>
<div
style="box-sizing:border-box;color:rgb(255,255,255);padding:10px;border-radius:0px
3px 3px 0px;background:rgb(221,75,57);font-family:'Source Sans
Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px"><span
style="box-sizing:border-box;display:inline-block;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:1;font-family:FontAwesome;font-size:18px;text-rendering:auto;margin:0px
10px 0px 0px"></span> <a
style="box-sizing:border-box;background-color:transparent;color:rgb(255,255,255);text-decoration-line:none;display:inline-block;margin:0px;line-height:1"
moz-do-not-send="true"><span
style="box-sizing:border-box;font-weight:700;display:inline-block;margin:0px;line-height:1">Add
object failed</span></a>
<div
style="box-sizing:border-box;float:right;right:10px;top:5px"><a
style="box-sizing:border-box;background:transparent;color:rgb(255,255,255);text-decoration-line:none;display:inline-block;padding:5px;margin-bottom:0px;font-size:12px;line-height:1.42857;text-align:center;white-space:nowrap;vertical-align:middle;touch-action:manipulation;user-select:none;border:0px;border-radius:3px;box-shadow:none"
moz-do-not-send="true"><span
style="box-sizing:border-box;display:inline-block;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:1;font-family:FontAwesome;font-size:inherit;text-rendering:auto"></span></a> <a
style="box-sizing:border-box;background:transparent;color:rgb(255,255,255);text-decoration-line:none;display:inline-block;padding:5px;margin-bottom:0px;font-size:12px;line-height:1.42857;text-align:center;white-space:nowrap;vertical-align:middle;touch-action:manipulation;user-select:none;border:0px;border-radius:3px;box-shadow:none"
href="http://192.168.2.103:8080/midpoint/admin/user/265b6984-20de-4698-be59-e00b7f1e1ab0?45-1.ILinkListener-feedbackContainer-feedback-list-0-message-detailsBox-details-type-subresults-0-subresult-detailsBox-details-type-subresults-1-subresult-detailsBox-details-type-subresults-2-subresult-detailsBox-details-type-subresults-0-subresult-detailsBox-details-type-subresults-2-subresult-detailsBox-details-type-subresults-0-subresult-detailsBox-details-type-subresults-2-subresult-detailsBox-downloadXml"
moz-do-not-send="true"><span
style="box-sizing:border-box;display:inline-block;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:1;font-family:FontAwesome;font-size:inherit;text-rendering:auto"></span></a> <a
style="box-sizing:border-box;background:transparent;color:rgb(255,255,255);text-decoration-line:none;display:inline-block;padding:5px;margin-bottom:0px;font-size:12px;line-height:1.42857;text-align:center;white-space:nowrap;vertical-align:middle;touch-action:manipulation;user-select:none;border:0px;border-radius:3px;box-shadow:none"
moz-do-not-send="true"><span
style="box-sizing:border-box;display:inline-block;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:1;font-family:FontAwesome;font-size:inherit;text-rendering:auto"></span></a></div>
</div>
<div style="box-sizing:border-box;border-radius:0px 0px 3px
3px;padding:5px 0px 0px
10px;color:rgb(51,51,51);font-family:'Source Sans
Pro','Helvetica
Neue',Helvetica,Arial,sans-serif;font-size:14px">
<div style="box-sizing:border-box">
<dl style="box-sizing:border-box;margin-bottom:20px">
<dt
style="box-sizing:border-box;line-height:1.42857;font-weight:700;float:left;width:100px;overflow:hidden;clear:left;text-align:right;text-overflow:ellipsis;white-space:nowrap">Operation</dt>
<dd
style="box-sizing:border-box;line-height:1.42857;margin-left:130px;word-break:break-word"><span
style="box-sizing:border-box;font-weight:700">Add
object (Ucf)</span></dd>
<dt
style="box-sizing:border-box;line-height:1.42857;font-weight:700;float:left;width:100px;overflow:hidden;clear:left;text-align:right;text-overflow:ellipsis;white-space:nowrap">Message</dt>
<dd
style="box-sizing:border-box;line-height:1.42857;margin-left:130px;word-break:break-word">Add
object failed</dd>
<dt
style="box-sizing:border-box;line-height:1.42857;font-weight:700;float:left;width:100px;overflow:hidden;clear:left;text-align:right;text-overflow:ellipsis;white-space:nowrap">Parameters</dt>
<dd
style="box-sizing:border-box;line-height:1.42857;margin-left:130px;word-break:break-word">
<table
style="box-sizing:border-box;border-spacing:0px;border-collapse:collapse;background-color:transparent;border:0px">
<tbody style="box-sizing:border-box">
<tr style="box-sizing:border-box">
<th
style="box-sizing:border-box;padding:0px;text-align:left;vertical-align:top">additionalOperations</th>
<td style="box-sizing:border-box;padding:0px 20px 0px 5px;white-space:pre-wrap;word-break:break-all">[[
]]</td>
</tr>
<tr style="box-sizing:border-box">
<th
style="box-sizing:border-box;padding:0px;text-align:left;vertical-align:top">resourceObject</th>
<td style="box-sizing:border-box;padding:0px 20px 0px 5px;white-space:pre-wrap;word-break:break-all">[shadow:null(null)]</td>
</tr>
</tbody>
</table>
</dd>
<dd
style="box-sizing:border-box;line-height:1.42857;margin-left:130px;word-break:break-word">
<table
style="box-sizing:border-box;border-spacing:0px;border-collapse:collapse;background-color:transparent;border:0px">
</table>
</dd>
<dd
style="box-sizing:border-box;line-height:1.42857;margin-left:130px;word-break:break-word"><br>
</dd>
</dl>
<div style="box-sizing:border-box">
<div style="box-sizing:border-box">
<div
style="box-sizing:border-box;border-radius:3px;background-image:initial;background-position:initial;background-size:initial;background-repeat:initial;background-attachment:initial;background-origin:initial;background-clip:initial;border-width:0px
0px 0px
3px;border-top-style:initial;border-top-color:initial;margin-bottom:20px;width:1538px;box-shadow:rgba(0,0,0,0.1)0px
0px
0px;word-break:inherit;border-right-style:initial;border-bottom-style:initial;border-left-style:solid;border-right-color:initial;border-bottom-color:initial;border-left-color:rgb(221,75,57);border-image:initial">
<div
style="box-sizing:border-box;color:rgb(255,255,255);padding:10px;border-radius:0px
3px 3px 0px;background:rgb(221,75,57)"><span
style="box-sizing:border-box;display:inline-block;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:1;font-family:FontAwesome;font-size:18px;text-rendering:auto;margin:0px
10px 0px 0px"></span> <a
style="box-sizing:border-box;background-color:transparent;color:rgb(255,255,255);text-decoration-line:none;display:inline-block;margin:0px;line-height:1"
moz-do-not-send="true"><span
style="box-sizing:border-box;font-weight:700;display:inline-block;margin:0px;line-height:1">Create
(Icf)</span></a>
<div
style="box-sizing:border-box;float:right;right:10px;top:5px"><a
style="box-sizing:border-box;background:transparent;color:rgb(255,255,255);text-decoration-line:none;display:inline-block;padding:5px;margin-bottom:0px;font-size:12px;line-height:1.42857;text-align:center;white-space:nowrap;vertical-align:middle;touch-action:manipulation;user-select:none;border:0px;border-radius:3px;box-shadow:none"
moz-do-not-send="true"><span
style="box-sizing:border-box;display:inline-block;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:1;font-family:FontAwesome;font-size:inherit;text-rendering:auto"></span></a> <a
style="box-sizing:border-box;background:transparent;color:rgb(255,255,255);text-decoration-line:none;display:inline-block;padding:5px;margin-bottom:0px;font-size:12px;line-height:1.42857;text-align:center;white-space:nowrap;vertical-align:middle;touch-action:manipulation;user-select:none;border:0px;border-radius:3px;box-shadow:none"
href="http://192.168.2.103:8080/midpoint/admin/user/265b6984-20de-4698-be59-e00b7f1e1ab0?45-1.ILinkListener-feedbackContainer-feedback-list-0-message-detailsBox-details-type-subresults-0-subresult-detailsBox-details-type-subresults-1-subresult-detailsBox-details-type-subresults-2-subresult-detailsBox-details-type-subresults-0-subresult-detailsBox-details-type-subresults-2-subresult-detailsBox-details-type-subresults-0-subresult-detailsBox-details-type-subresults-2-subresult-detailsBox-details-type-subresults-0-subresult-detailsBox-downloadXml"
moz-do-not-send="true"><span
style="box-sizing:border-box;display:inline-block;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:1;font-family:FontAwesome;font-size:inherit;text-rendering:auto"></span></a> <a
style="box-sizing:border-box;background:transparent;color:rgb(255,255,255);text-decoration-line:none;display:inline-block;padding:5px;margin-bottom:0px;font-size:12px;line-height:1.42857;text-align:center;white-space:nowrap;vertical-align:middle;touch-action:manipulation;user-select:none;border:0px;border-radius:3px;box-shadow:none"
moz-do-not-send="true"><span
style="box-sizing:border-box;display:inline-block;font-variant-numeric:normal;font-variant-east-asian:normal;font-stretch:normal;line-height:1;font-family:FontAwesome;font-size:inherit;text-rendering:auto"></span></a></div>
</div>
<div style="box-sizing:border-box;border-radius:0px
0px 3px 3px;padding:5px 0px 0px 10px">
<div style="box-sizing:border-box">
<dl
style="box-sizing:border-box;margin-bottom:20px">
<dt
style="box-sizing:border-box;line-height:1.42857;font-weight:700;float:left;width:100px;overflow:hidden;clear:left;text-align:right;text-overflow:ellipsis;white-space:nowrap">Operation</dt>
<dd
style="box-sizing:border-box;line-height:1.42857;margin-left:130px;word-break:break-word"><span
style="box-sizing:border-box;font-weight:700">Create (Icf)</span></dd>
<dt
style="box-sizing:border-box;line-height:1.42857;font-weight:700;float:left;width:100px;overflow:hidden;clear:left;text-align:right;text-overflow:ellipsis;white-space:nowrap">Parameters</dt>
<dd
style="box-sizing:border-box;line-height:1.42857;margin-left:130px;word-break:break-word">
<table
style="box-sizing:border-box;border-spacing:0px;border-collapse:collapse;background-color:transparent;border:0px">
<tbody style="box-sizing:border-box">
<tr style="box-sizing:border-box">
<th
style="box-sizing:border-box;padding:0px;text-align:left;vertical-align:top">objectClass</th>
<td style="box-sizing:border-box;padding:0px 20px 0px 5px;white-space:pre-wrap;word-break:break-all">[ObjectClass: __ACCOUNT__]</td>
</tr>
<tr style="box-sizing:border-box">
<th
style="box-sizing:border-box;padding:0px;text-align:left;vertical-align:top">options</th>
<td style="box-sizing:border-box;padding:0px 20px 0px 5px;white-space:pre-wrap;word-break:break-all">[OperationOptions: {}]</td>
</tr>
<tr style="box-sizing:border-box">
<th
style="box-sizing:border-box;padding:0px;text-align:left;vertical-align:top">attributes</th>
<td style="box-sizing:border-box;padding:0px 20px 0px 5px;white-space:pre-wrap;word-break:break-all">[Attribute: {Name=uid, Value=[16]}, Attribute: {Name=__PASSWORD__, Value=[org.identityconnectors.common.security.GuardedString@e71c9d98]}, Attribute: {Name=homeDir, Value=[/home/admin.wright]}, Attribute: {Name=shell, Value=[/bin/bash]}, Attribute: {Name=__NAME__, Value=[admin.wright]}, Attribute: {Name=comment, Value=[Hector Wright]}, Attribute: {Name=__ENABLE__, Value=[true]}]</td>
</tr>
<tr style="box-sizing:border-box">
<th
style="box-sizing:border-box;padding:0px;text-align:left;vertical-align:top">auxiliaryObjectClasses</th>
<td style="box-sizing:border-box;padding:0px 20px 0px 5px;white-space:pre-wrap;word-break:break-all">[]</td>
</tr>
</tbody>
</table>
</dd>
<dt
style="box-sizing:border-box;line-height:1.42857;font-weight:700;float:left;width:100px;overflow:hidden;clear:left;text-align:right;text-overflow:ellipsis;white-space:nowrap">Context</dt>
<dd
style="box-sizing:border-box;line-height:1.42857;margin-left:130px;word-break:break-word">
<table
style="box-sizing:border-box;border-spacing:0px;border-collapse:collapse;background-color:transparent;border:0px">
<tbody style="box-sizing:border-box">
<tr style="box-sizing:border-box">
<th
style="box-sizing:border-box;padding:0px;text-align:left;vertical-align:top">connector</th>
<td style="box-sizing:border-box;padding:0px 20px 0px 5px;white-space:pre-wrap;word-break:break-all">[class org.identityconnectors.framework.impl.api.local.LocalConnectorFacadeImpl]</td>
</tr>
</tbody>
</table>
</dd>
<dt
style="box-sizing:border-box;line-height:1.42857;font-weight:700;float:left;width:100px;overflow:hidden;clear:left;text-align:right;text-overflow:ellipsis;white-space:nowrap">Error</dt>
<dd
style="box-sizing:border-box;line-height:1.42857;margin-left:130px;word-break:break-word"><br>
</dd>
<dd
style="box-sizing:border-box;line-height:1.42857;margin-left:130px;word-break:break-word"><a
style="box-sizing:border-box;background-color:transparent;color:rgb(60,141,188);text-decoration-line:none"
moz-do-not-send="true">show</a></dd>
<dd style="box-sizing:border-box;line-height:1.42857;margin-left:130px;font-family:monospace;white-space:pre-wrap;font-size:11px;word-break:break-word">java.lang.NullPointerException</dd>
</dl>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div><br>
</div>
<div>
<div> <objectType id="2"></div>
<div> <kind>account</kind></div>
<div> <displayName>Normal
Account</displayName></div>
<div> <default>true</default></div>
<div>
<objectClass>ri:AccountObjectClass</objectClass></div>
<div> <attribute id="4"></div>
<div> <c:ref>icfs:name</c:ref></div>
<div> <displayName>Distinguished
Name</displayName></div>
<div> <limitations></div>
<div> <minOccurs>0</minOccurs></div>
<div> <access></div>
<div> <read>true</read></div>
<div> <add>true</add></div>
<div> <modify>true</modify></div>
<div> </access></div>
<div> </limitations></div>
<div> <tolerant>false</tolerant></div>
<div>
<exclusiveStrong>false</exclusiveStrong></div>
<div> <outbound></div>
<div>
<authoritative>false</authoritative></div>
<div> <exclusive>false</exclusive></div>
<div> <strength>normal</strength></div>
<div> <source></div>
<div> <c:path>$user/name</c:path></div>
<div> </source></div>
<div> <expression></div>
<div> <script
xmlns:xsi=<a class="moz-txt-link-rfc2396E" href="http://www.w3.org/2001/XMLSchema-instance">"http://www.w3.org/2001/XMLSchema-instance"</a></div>
<div>
xsi:type="c:ScriptExpressionEvaluatorType"></div>
<div> <code></div>
<div> $oldName = name.toString()</div>
<div> $adminPrefix = "admin"</div>
<div> $adminName =
$oldName.substring($oldName.lastIndexOf(".")+1)</div>
<div> $outName = $adminPrefix + '.' + $adminName</div>
<div> return $outName </div>
<div> </code></div>
<div> </script></div>
<div> </expression></div>
<div> </outbound></div>
<div> </attribute></div>
<div> <attribute id="5"></div>
<div> <c:ref>icfs:uid</c:ref></div>
<div> <displayName>Entry
UUID</displayName></div>
<div> <limitations></div>
<div> <access></div>
<div> <read>true</read></div>
<div> <add>false</add></div>
<div> <modify>true</modify></div>
<div> </access></div>
<div> </limitations></div>
<div> </attribute></div>
<div> <attribute id="6"></div>
<div> <c:ref>ri:comment</c:ref></div>
<div> <displayName>Comment</displayName></div>
<div> <tolerant>false</tolerant></div>
<div>
<exclusiveStrong>false</exclusiveStrong></div>
<div> <outbound></div>
<div> <source></div>
<div> <c:path>fullName</c:path></div>
<div> </source></div>
<div> </outbound></div>
<div> </attribute></div>
<div> <attribute id="7"></div>
<div> <c:ref>ri:homeDir</c:ref></div>
<div> <displayName>Home
directory</displayName></div>
<div> <tolerant>false</tolerant></div>
<div>
<exclusiveStrong>false</exclusiveStrong></div>
<div> <outbound></div>
<div>
<authoritative>false</authoritative></div>
<div> <exclusive>false</exclusive></div>
<div> <strength>normal</strength></div>
<div> <source></div>
<div> <c:path>name</c:path></div>
<div> </source></div>
<div> <expression></div>
<div> <script
xmlns:xsi=<a class="moz-txt-link-rfc2396E" href="http://www.w3.org/2001/XMLSchema-instance">"http://www.w3.org/2001/XMLSchema-instance"</a></div>
<div>
xsi:type="c:ScriptExpressionEvaluatorType"></div>
<div> <code></div>
<div> $oldName = name.toString()</div>
<div> $adminPrefix = "admin"</div>
<div> $adminName =
$oldName.substring($oldName.lastIndexOf(".")+1)</div>
<div> return '/home/' + $adminPrefix + '.' + $adminName
</div>
<div> </code></div>
<div> </script></div>
<div> </expression></div>
<div> </outbound></div>
<div> </attribute></div>
<div> <attribute id="8"></div>
<div> <c:ref>ri:uid</c:ref></div>
<div> <displayName>Unix UID</displayName></div>
<div> <outbound></div>
<div> <source></div>
<div>
<c:path>employeeNumber</c:path></div>
<div> </source></div>
<div> </outbound></div>
<div> </attribute></div>
<div> <attribute id="9"></div>
<div> <c:ref>ri:shell</c:ref></div>
<div> <displayName>Shell</displayName></div>
<div> <outbound></div>
<div> <expression></div>
<div> <value>/bin/bash</value></div>
<div> </expression></div>
<div> </outbound></div>
<div> </attribute></div>
<div> <association id="10"></div>
<div> <c:ref>ri:unixGroup</c:ref></div>
<div> <displayName>LDAP Group
Membership</displayName></div>
<div> <kind>entitlement</kind></div>
<div> <intent>unixGroup</intent></div>
<div>
<direction>subjectToObject</direction></div>
<div>
<associationAttribute>ri:groups</associationAttribute></div>
<div>
<valueAttribute>icfs:name</valueAttribute></div>
<div> </association></div>
<div> <protected></div>
<div> <icfs:name>midpoint</icfs:name></div>
<div> </protected></div>
<div> <protected></div>
<div> <icfs:name>root</icfs:name></div>
<div> </protected></div>
<div> <activation></div>
<div> <administrativeStatus></div>
<div> <outbound id="11"></div>
<div> <expression></div>
<div> <asIs
xmlns:xsi=<a class="moz-txt-link-rfc2396E" href="http://www.w3.org/2001/XMLSchema-instance">"http://www.w3.org/2001/XMLSchema-instance"</a></div>
<div>
xsi:type="c:AsIsExpressionEvaluatorType"/></div>
<div> </expression></div>
<div> </outbound></div>
<div> </administrativeStatus></div>
<div> </activation></div>
<div> <credentials></div>
<div> <password
xmlns:xsi=<a class="moz-txt-link-rfc2396E" href="http://www.w3.org/2001/XMLSchema-instance">"http://www.w3.org/2001/XMLSchema-instance"</a></div>
<div>
xsi:type="c:ResourcePasswordDefinitionType"></div>
<div> <outbound></div>
<div> <expression></div>
<div> <asIs
xsi:type="c:AsIsExpressionEvaluatorType"/></div>
<div> </expression></div>
<div> </outbound></div>
<div> </password></div>
<div> </credentials></div>
<div> </objectType></div>
</div>
<div><br>
</div>
<div>Following question is if i am able to create two accounts to
one resource. Reason is the same. User has his personall account
and also admin account.</div>
<div>it will be driven by assigned role. </div>
<div><br>
</div>
<div>Thanks </div>
<div><br>
</div>
<div>Jan</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</blockquote>
<br>
<pre class="moz-signature" cols="72">--
Ivan Noris
Senior Identity Engineer
evolveum.com
</pre>
</body>
</html>