<div dir="ltr"><div dir="ltr"><div>Hello list,</div><div><br></div><div>We tried updating our test server from 3.8 to 3.9. The update seemed OK, but we were unable to login using AD/LDAP authentication. The logs would alert that our user objects were invalid, because they have an assignment with targetRef.type with value "ObjectType", which resulted in a parse object exception.</div><div><pre>2019-03-11 09:02:24,273 [REPOSITORY] [main] ERROR (com.evolveum.midpoint.repo.sql.helpers.ObjectRetriever): Couldn't parse object UserType e934a8e4-fea1-4518-9d93-503bf4ee950a: com.evolveum.midpoint.util.exception.SchemaException: Target type specified in reference {<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3}targetRef">http://midpoint.evolveum.com/xml/ns/public/common/common-3}targetRef</a> ({<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3}ObjectType">http://midpoint.evolveum.com/xml/ns/public/common/common-3}ObjectType</a>) does not match target type in schema ({<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3}FocusType">http://midpoint.evolveum.com/xml/ns/public/common/common-3}FocusType</a>)
</pre></div><div><br></div><div>So we disabled ldap authentication and logged in with the administrator account. Looking at the users xml object, we see the faulty assignment:</div><div><br></div><div><pre> <assignment id="2">
<metadata>
<requestTimestamp>2018-06-19T16:54:51.349-03:00</requestTimestamp>
<requestorRef oid="00000000-0000-0000-0000-000000000002"
relation="org:default"
type="c:UserType"/>
<createTimestamp>2018-06-19T16:54:56.253-03:00</createTimestamp>
<creatorRef oid="00000000-0000-0000-0000-000000000002"
relation="org:default"
type="c:UserType"/>
<createChannel><a href="http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#import">http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#import</a></createChannel>
<createTaskRef oid="5251c97d-8be4-46b1-bbb7-f5fc9f4d0213"
relation="org:default"
type="c:TaskType"/>
<originMappingName>User template mapping</originMappingName>
</metadata>
<targetRef oid="24a5f2be-aed1-49e2-b3f6-9a13ed397342"
relation="org:default"
<b>type="c:ObjectType"</b>/>
<activation>
<effectiveStatus>enabled</effectiveStatus>
</activation>
</assignment><br><br></pre><pre>These assignments were created by a user template mapping, using version 3.7. <br>Maybe it was a bug, I don't know, but they are everywhere.<br></pre><pre>So we reverted to 3.8 and tried a bulk task with some script in order to rewrite this value. <br>It didn't work, it actually erased all assignments and rewrote only the corrected one. <br>I guess I need some helping with these delta scripts, can anyone assist me, please?<br><br>The task definition is below:<br><br><scext:executeScript<br> xmlns:scext="<a href="http://midpoint.evolveum.com/xml/ns/public/model/scripting/extension-3">http://midpoint.evolveum.com/xml/ns/public/model/scripting/extension-3</a>"<br> xmlns:s="<a href="http://midpoint.evolveum.com/xml/ns/public/model/scripting-3">http://midpoint.evolveum.com/xml/ns/public/model/scripting-3</a>"<br> xmlns:c="<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>"<br> xmlns:q="<a href="http://prism.evolveum.com/xml/ns/public/query-3">http://prism.evolveum.com/xml/ns/public/query-3</a>"<br> xmlns:xsi="<a href="http://www.w3.org/2001/XMLSchema-instance">http://www.w3.org/2001/XMLSchema-instance</a>"><br> <s:search xmlns:s="<a href="http://midpoint.evolveum.com/xml/ns/public/model/scripting-3">http://midpoint.evolveum.com/xml/ns/public/model/scripting-3</a>"><br> <s:type>c:UserType</s:type><br> <s:action><br> <s:type>execute-script</s:type><br> <s:parameter><br> <s:name>script</s:name><br> <c:value xsi:type="c:ScriptExpressionEvaluatorType"><br> <c:code><br> import com.evolveum.midpoint.xml.ns._public.common.common_3.UserType;<br> import com.evolveum.midpoint.xml.ns._public.common.common_3.RoleType;<br> import com.evolveum.midpoint.xml.ns._public.common.common_3.AssignmentType;<br> import com.evolveum.midpoint.prism.delta.ObjectDelta;<br> import com.evolveum.midpoint.model.api.ModelExecuteOptions;<br> <br> userDelta = null;<br> allAssignments = input?.getAssignment();<br> allAssignments?.each {<br> if(it.getTargetRef()?.getType().getLocalPart() == "ObjectType") {<br> AssignmentType a = it.clone();<br> a.getTargetRef().setType(new QName('<a href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">http://midpoint.evolveum.com/xml/ns/public/common/common-3</a>', 'RoleType')); <br> if (userDelta == null){<br> userDelta = ObjectDelta.createModificationReplaceContainer(UserType.class, input?.getOid(), UserType.F_ASSIGNMENT, midpoint.getPrismContext(), a);<br> } else {<br> userDelta.addModificationReplaceContainer(UserType.F_ASSIGNMENT, a);<br> }<br> <br> }<br> }<br> <br> if (userDelta != null){<br> midpoint.executeChanges([ userDelta ], ModelExecuteOptions.createRaw());<br> }<br> </c:code><br> </c:value><br> </s:parameter><br> </s:action><br> </s:search><br> <options><br> <continueOnAnyError>true</continueOnAnyError><br> </options><br></scext:executeScript><br><br><br></pre><pre><br></pre></div><div><br></div><div><br></div></div></div>