<div dir="ltr"><div dir="ltr"><div dir="ltr"><div>Hi, Martin</div><div>Thank you for response and solution. I will save it for future use<br></div><div></div><div>I have found more simple solution via bulk task</div><div><br></div><div> <task><br> <name>Assign role to users</name><br> <extension><br> <scext:executeScript xmlns:scext="<a href="http://midpoint.evolveum.com/xml/ns/public/model/scripting/extension-3">http://midpoint.evolveum.com/xml/ns/public/model/scripting/extension-3</a>"><br> <s:search xmlns:s="<a href="http://midpoint.evolveum.com/xml/ns/public/model/scripting-3">http://midpoint.evolveum.com/xml/ns/public/model/scripting-3</a>"><br> <s:type>c:UserType</s:type><br> <s:searchFilter><br> <q:or><br> <q:equal><br> <q:matching>strictIgnoreCase</q:matching><br> <q:path>name</q:path><br> <q:value>TESTUSER1</q:value><br> </q:equal><br> <q:equal><br> <q:matching>strictIgnoreCase</q:matching><br> <q:path>name</q:path> <br> <q:value>TESTUSER2</q:value><br> </q:equal><br> </q:or> <br> </s:searchFilter><br> <s:action><br> <s:type>assign</s:type><br> <s:parameter><br> <s:name>role</s:name><br> <c:value xsi:type="q:SearchFilterType"><br> <q:equal> <br> <q:matching>strictIgnoreCase</q:matching><br> <q:path>name</q:path><br> <q:value>ROLE1</q:value><br> </q:equal><br> </c:value><br> </s:parameter><br> </s:action><br> </s:search><br> </scext:executeScript> <br> </extension> <br> <ownerRef oid="00000000-0000-0000-0000-000000000002"/><br> <executionStatus>runnable</executionStatus><br> <category>BulkActions</category><br> <handlerUri><a href="http://midpoint.evolveum.com/xml/ns/public/model/scripting/handler-3">http://midpoint.evolveum.com/xml/ns/public/model/scripting/handler-3</a></handlerUri><br> <recurrence>single</recurrence><br> </task><br></div><div><br></div><div><br></div></div></div></div><br><div class="gmail_quote"><div dir="ltr">On Mon, 5 Nov 2018 at 22:03, Martin Lízner - AMI Praha a.s. <<a href="mailto:martin.lizner@ami.cz">martin.lizner@ami.cz</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div dir="ltr">You cant. You need to do it in a script. Like this:<div><br></div><div><div><s:pipeline></div><div><span style="white-space:pre-wrap"> </span><expression xsiType='SearchExpressionType'></div><div><span style="white-space:pre-wrap"> </span><type>UserType</type></div><div><span style="white-space:pre-wrap"> </span><searchFilter></div><div><span style="white-space:pre-wrap"> </span><equal></div><div><span style="white-space:pre-wrap"> </span><path>name</path></div><div><span style="white-space:pre-wrap"> </span><value>Fantomas</value></div><div><span style="white-space:pre-wrap"> </span></equal></div><div><span style="white-space:pre-wrap"> </span></searchFilter></div><div><span style="white-space:pre-wrap"> </span></expression></div><div><span style="white-space:pre-wrap"> </span><expression xsiType="ActionExpressionType"></div><div><span style="white-space:pre-wrap"> </span><s:type>execute-script</s:type></div><div><span style="white-space:pre-wrap"> </span><s:parameter></div><div><span style="white-space:pre-wrap"> </span><s:name>script</s:name></div><div><span style="white-space:pre-wrap"> </span><c:value></div><div><span style="white-space:pre-wrap"> </span><c:code></div><div><span style="white-space:pre-wrap"> </span>import com.evolveum.midpoint.xml.ns._public.common.common_3.*</div><div><span style="white-space:pre-wrap"> </span>import com.evolveum.midpoint.prism.delta.builder.*</div><div><span style="white-space:pre-wrap"> </span>import com.evolveum.midpoint.model.api.*</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>roleName = "YOUR ROLE NAME";</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>addAssignment = new AssignmentType()<span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>addAssignment.target = midpoint.searchObjectByName(RoleType.class, roleName)</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>if (addAssignment.target != null) {</div><div><span style="white-space:pre-wrap"> </span>delta = DeltaBuilder.deltaFor(FocusType.class, prismContext)</div><div><span style="white-space:pre-wrap"> </span>.item(FocusType.F_ASSIGNMENT).add(addAssignment.asPrismContainerValue())</div><div><span style="white-space:pre-wrap"> </span>.asObjectDelta(input.oid)</div><div><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span>midpoint.modifyObject(delta, ModelExecuteOptions.createRaw())</div><div><span style="white-space:pre-wrap"> </span>} else {</div><div><span style="white-space:pre-wrap"> </span>throw new Exception("Role not found: "+roleName);</div><div><span style="white-space:pre-wrap"> </span>}</div><div><span style="white-space:pre-wrap"> </span></c:code></div><div><span style="white-space:pre-wrap"> </span></c:value></div><div><span style="white-space:pre-wrap"> </span></s:parameter></div><div><span style="white-space:pre-wrap"> </span></expression><span style="white-space:pre-wrap"> </span></div><div><span style="white-space:pre-wrap"> </span></s:pipeline></div></div><div><br></div><div>M.<br clear="all"><div><div dir="ltr" class="m_2563428469818712600gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><p style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px"><span style="font-family:Arial,sans-serif;font-size:11px"><strong><span style="font-size:13px">Martin Lízner</span></strong><br><span style="color:rgb(128,128,128)">chief solution architect</span></span></p><p style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px">gsm: [+420] 737 745 571<br>e‑mail: <a href="mailto:martin.lizner@ami.cz" target="_blank">martin.lizner@ami.cz</a></p><p style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px"><strong>AMI Praha a.s.</strong><br>Pláničkova 11, 162 00 Praha 6</p><p style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px">tel.: [+420] 274 783 239 | web: <a href="http://dtp.ami.cz/www.ami.cz" target="_blank">www.ami.cz</a></p><p style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px;margin-top:20px"><img src="http://www.ami.cz/images/podpis/ami_logo.gif" alt="AMI Praha a.s." style="border:0px"></p><p style="color:rgb(0,0,0);font-family:Verdana,Arial,Helvetica,sans-serif;font-size:10px"><span style="color:rgb(170,170,170)">Textem tohoto e‑mailu podepisující neslibuje uzavřít ani neuzavírá za společnost AMI Praha a.s.<br>jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít výhradně písemnou formu.<br><span style="font-size:6px"> </span><br>Tento e‑mail je určen výhradně pro potřeby jeho adresáta/ů a může obsahovat důvěrné nebo osobní<br>informace. Nejste‑li zamýšleným příjemcem, je zakázáno jakékoliv zveřejňování, zprostředkování<br>nebo jiné použití těchto informací. Pokud jste obdrželi e‑mail neoprávněně, informujte o tom prosím<br>odesílatele a vymažte neprodleně všechny kopie tohoto e‑mailu včetně všech jeho příloh. Nakládáním<br>s neoprávněně získanými informacemi se vystavujete riziku právního postihu.</span></p></div></div></div></div></div></div></div></div></div><br></div></div></div><br><div class="gmail_quote"><div dir="ltr">po 29. 10. 2018 v 15:24 odesílatel Oleksandr Nekriach <<a href="mailto:o.nekriach@dynatech.lv" target="_blank">o.nekriach@dynatech.lv</a>> napsal:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div></div>Hi guys,<br>Need a solution to bulk assign role to users by role name, please help.<br>Can't find an example how to do this by role name. There are many examples of how to do this by OID (see below) but I need by role name.<br>I will be very appreciated for help.<div><br></div><div><s:search xmlns:s="<a href="http://midpoint.evolveum.com/xml/ns/public/model/scripting-3" class="m_2563428469818712600m_-5001583465838506798external-link" rel="nofollow" target="_blank">http://midpoint.evolveum.com/xml/ns/public/model/scripting-3</a>"<br> xmlns:c="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3" class="m_2563428469818712600m_-5001583465838506798external-link" rel="nofollow" target="_blank">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"<br> xmlns:t="<a href="http://prism.evolveum.com/xml/ns/public/types-3" class="m_2563428469818712600m_-5001583465838506798external-link" rel="nofollow" target="_blank">http://prism.evolveum.com/xml/ns/public/types-3</a>"<br> xmlns:q="<a href="http://prism.evolveum.com/xml/ns/public/query-3" class="m_2563428469818712600m_-5001583465838506798external-link" rel="nofollow" target="_blank">http://prism.evolveum.com/xml/ns/public/query-3</a>"<br> xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance" class="m_2563428469818712600m_-5001583465838506798external-link" rel="nofollow" target="_blank">http://www.w3.org/2001/XMLSchema-instance</a>"<br> xmlns:xsd="<a href="http://www.w3.org/2001/XMLSchema" class="m_2563428469818712600m_-5001583465838506798external-link" rel="nofollow" target="_blank">http://www.w3.org/2001/XMLSchema</a>"><br> <s:type>c:UserType</s:type><br> <s:searchFilter><br> <q:or><br> <q:equal><br> <q:path>name</q:path><br> <q:value xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance" class="m_2563428469818712600m_-5001583465838506798external-link" rel="nofollow" target="_blank">http://www.w3.org/2001/XMLSchema-instance</a>"<br> xsi:type="t:PolyStringType">testuser</q:value><br> </q:equal><br> <q:equal><br> <q:path>name</q:path><br> <q:value xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance" class="m_2563428469818712600m_-5001583465838506798external-link" rel="nofollow" target="_blank">http://www.w3.org/2001/XMLSchema-instance</a>"<br> xsi:type="t:PolyStringType">testuser2</q:value><br> </q:equal><br> </q:or> <br> </s:searchFilter><br> <s:action><br> <s:type>assign</s:type><br> <s:parameter><br> <s:name>role</s:name><br> <c:value xsi:type="xsd:string">6f1559e0-030a-4f40-a118-66c252af0001</c:value><br> </s:parameter><br> </s:action><br></s:search></div><div><br></div><div><br></div><div>-- <br><div dir="ltr" class="m_2563428469818712600m_-5001583465838506798gmail_signature"><div dir="ltr"><div><div dir="ltr"><span style="color:rgb(76,76,76)">Best regards, <br><br><img src="cid:o.nekriach@dynatech.lv1520941785292-7770"> <br><br>Oleksandr Nekriach | Identity and access management engineer <br><br>Dynatech, <a href="https://www.google.com/maps/place/DYNATECH/@56.9575205,24.1107235,17z/data=!3m1!4b1!4m5!3m4!1s0x46eecf5753e42351:0x23b120b9745cae62!8m2!3d56.9575205!4d24.1129122" target="_blank">Jeruzalemes iela 1, Rīga, LV-1010, Latvia</a><br><br><div style="display:inline-block"><a href="tel:+371%2025%20314%20685" value="+37125314685" target="_blank">+37125314685</a></div>, <div style="display:inline-block"><a href="mailto:o.nekriach@dynatech.lv" target="_blank">o.nekriach@dynatech.lv</a></div> | <div style="display:inline-block"><a href="http://www.dynatech.lv" target="_blank">www.dynatech.lv</a></div> <br><br>Stay connected: <br><div style="display:inline-block;margin:5px 5px 0px 0px"><a href="https://www.facebook.com/DynatechLatvia/?ref=br_rs" target="_blank"><img src="cid:o.nekriach@dynatech.lv1520941785292-7771"></a></div><div style="display:inline-block;margin:5px 0px 0px"><a href="https://www.linkedin.com/company-beta/17893047/" target="_blank"><img src="cid:o.nekriach@dynatech.lv1520941785292-7772"></a></div><br><br><span style="font-size:11px;color:rgb(161,161,161)">Confidentiality
Notice: This message contains confidential information and is intended
only for the named recipient(s). If you are not the addressee you may
not copy, distribute or perform any other activities with this
information. If you have received this transmission in error, please
notify us by e-mail immediately. E-mail transmission cannot be
guaranteed to be secure or error-free as information could be
intercepted, corrupted, lost, destroyed, arrive late or incomplete, or
contain viruses.</span></span></div></div></div></div></div></div></div></div></div>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</blockquote></div>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="http://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">http://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><span style="color:rgb(76,76,76)">Best regards, <br><br><img src="cid:o.nekriach@dynatech.lv1520941785292-7770"> <br><br>Oleksandr Nekriach | Identity and access management engineer <br><br>Dynatech, <a href="https://www.google.com/maps/place/DYNATECH/@56.9575205,24.1107235,17z/data=!3m1!4b1!4m5!3m4!1s0x46eecf5753e42351:0x23b120b9745cae62!8m2!3d56.9575205!4d24.1129122" target="_blank">Jeruzalemes iela 1, Rīga, LV-1010, Latvia</a><br><br><div style="display:inline-block"><a href="tel:+371%2025%20314%20685" value="+37125314685" target="_blank">+37125314685</a></div>, <div style="display:inline-block"><a href="mailto:o.nekriach@dynatech.lv" target="_blank">o.nekriach@dynatech.lv</a></div> | <div style="display:inline-block"><a href="http://www.dynatech.lv" target="_blank">www.dynatech.lv</a></div> <br><br>Stay connected: <br><div style="display:inline-block;margin:5px 5px 0px 0px"><a href="https://www.facebook.com/DynatechLatvia/?ref=br_rs" target="_blank"><img src="cid:o.nekriach@dynatech.lv1520941785292-7771"></a></div><div style="display:inline-block;margin:5px 0px 0px"><a href="https://www.linkedin.com/company-beta/17893047/" target="_blank"><img src="cid:o.nekriach@dynatech.lv1520941785292-7772"></a></div><br><br><span style="font-size:11px;color:rgb(161,161,161)">Confidentiality
Notice: This message contains confidential information and is intended
only for the named recipient(s). If you are not the addressee you may
not copy, distribute or perform any other activities with this
information. If you have received this transmission in error, please
notify us by e-mail immediately. E-mail transmission cannot be
guaranteed to be secure or error-free as information could be
intercepted, corrupted, lost, destroyed, arrive late or incomplete, or
contain viruses.</span></span></div></div></div></div>