<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>Hi Rod,</p>
    <p>As Chris said, weak would be OK. But I think normal should also
      not attempt to change the password. Normal means there is a
      change.</p>
    <p>Are the passwords being changed in midpoint as well during the
      import? (E.g. are they generated in HR resource inbounds or object
      template?)</p>
    <p>Ivan<br>
    </p>
    <div class="moz-cite-prefix">On 9. 6. 2019 17:49, Rod Holman wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:DM6PR20MB252162FEB900A181B91A5E11A5120@DM6PR20MB2521.namprd20.prod.outlook.com">
      <div class="WordSection1">
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Hi
            Chris,<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">The
            strength was set to Normal.  I will try it with it set to
            weak.  Would it also work if the credentials configuration
            or password were temporarily disabled in capabilities?<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Thanks,<o:p></o:p></span></p>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
        <div>
          <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">--Rod<o:p></o:p></span></p>
        </div>
        <p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"><o:p> </o:p></span></p>
        <div>
          <div style="border:none;border-top:solid #E1E1E1
            1.0pt;padding:3.0pt 0in 0in 0in">
            <p class="MsoNormal"><b><span
                  style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif">
                midPoint <a class="moz-txt-link-rfc2396E" href="mailto:midpoint-bounces@lists.evolveum.com"><midpoint-bounces@lists.evolveum.com></a>
                <b>On Behalf Of </b>Chris Woods<br>
                <b>Sent:</b> Sunday, June 9, 2019 10:48 AM<br>
                <b>To:</b> midPoint General Discussion
                <a class="moz-txt-link-rfc2396E" href="mailto:midpoint@lists.evolveum.com"><midpoint@lists.evolveum.com></a><br>
                <b>Subject:</b> Re: [midPoint] Link current HR account
                to existing AD account<o:p></o:p></span></p>
          </div>
        </div>
        <p class="MsoNormal"><o:p> </o:p></p>
        <div>
          <div>
            <p class="MsoNormal">Hi Rod, <o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p> </o:p></p>
          </div>
          <div>
            <p class="MsoNormal">what is the strength setting set to for
              the outbound credentials mapping? I would set it to weak. <o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal"><o:p> </o:p></p>
          </div>
          <div>
            <p class="MsoNormal">Regards, <o:p></o:p></p>
          </div>
          <div>
            <p class="MsoNormal">Chris<o:p></o:p></p>
          </div>
          <div id="aqm-original">
            <div>
              <div>
                <p class="MsoNormal"
style="mso-margin-top-alt:8.0pt;margin-right:0in;margin-bottom:8.0pt;margin-left:0in"><span
style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">On
                    9 June 2019 at 16:09:41, Rod Holman <<a
                      href="mailto:rholman@oaisd.org"
                      moz-do-not-send="true">rholman@oaisd.org</a>> wrote:<o:p></o:p></span></p>
                <blockquote style="border:none;border-left:solid gray
                  1.0pt;padding:0in 0in 0in
                  5.0pt;margin-left:4.5pt;margin-right:0in">
                  <div id="divtagdefaultwrapper">
                    <p class="MsoNormal"><span style="color:black">Hi
                        All,<o:p></o:p></span></p>
                    <p class="MsoNormal"><span style="color:black"><o:p> </o:p></span></p>
                    <p class="MsoNormal"><span style="color:black">Since
                        this is related I thought I'd post my question
                        on this stream.  When we imported hr accounts in
                        an attempt to link them with existing Active
                        Directory accounts some (not all) of the Active
                        Directory passwords changed.  We do not want any
                        Active Directory passwords to change during the
                        import, but still want the users to be added to
                        Active Directory groups if applicable.  What do
                        we have to set to ensure that all Active
                        Directory accounts maintain their passwords on
                        this type of import?<o:p></o:p></span></p>
                    <p class="MsoNormal"><span style="color:black"><o:p> </o:p></span></p>
                    <p class="MsoNormal"><span style="color:black">Thanks,<o:p></o:p></span></p>
                    <p class="MsoNormal"><span style="color:black">--Rod<o:p></o:p></span></p>
                  </div>
                  <div class="MsoNormal" style="text-align:center"
                    align="center"><span style="color:black">
                      <hr width="98%" size="3" align="center">
                    </span></div>
                  <div id="divRplyFwdMsg">
                    <p class="MsoNormal"><b><span
                          style="font-family:"Calibri",sans-serif;color:black">From:</span></b><span
style="font-family:"Calibri",sans-serif;color:black"> midPoint
                        <<a
                          href="mailto:midpoint-bounces@lists.evolveum.com"
                          moz-do-not-send="true">midpoint-bounces@lists.evolveum.com</a>>
                        on behalf of Rod Holman <<a
                          href="mailto:rholman@oaisd.org"
                          moz-do-not-send="true">rholman@oaisd.org</a>><br>
                        <b>Sent:</b> Friday, March 15, 2019 1:28:46 PM<br>
                        <b>To:</b> midPoint General Discussion<br>
                        <b>Subject:</b> Re: [midPoint] Link current HR
                        account to existing AD account</span><span
                        style="color:black">
                        <o:p></o:p></span></p>
                    <div>
                      <p class="MsoNormal"><span style="color:black"> <o:p></o:p></span></p>
                    </div>
                  </div>
                  <div>
                    <div>
                      <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Thanks
                          Arnost.  I guess that’s the question I should
                          have asked Jason, should we also import from
                          AD?  After I set up the import from AD and
                          imported the user everything synced.  </span><span
                          style="color:black"><o:p></o:p></span></p>
                      <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span
                          style="color:black"><o:p></o:p></span></p>
                      <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Thanks
                          to all who pitched in to help!</span><span
                          style="color:black"><o:p></o:p></span></p>
                      <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span
                          style="color:black"><o:p></o:p></span></p>
                      <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">--Rod</span><span
                          style="color:black"><o:p></o:p></span></p>
                      <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span
                          style="color:black"><o:p></o:p></span></p>
                      <p class="xmsonormal1"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">
                          midPoint <<a
                            href="mailto:midpoint-bounces@lists.evolveum.com"
                            moz-do-not-send="true">midpoint-bounces@lists.evolveum.com</a>>
                          <b>On Behalf Of </b>Arnošt Starosta - AMI
                          Praha a.s.<br>
                          <b>Sent:</b> Friday, March 15, 2019 1:01 PM<br>
                          <b>To:</b> midPoint General Discussion <<a
                            href="mailto:midpoint@lists.evolveum.com"
                            moz-do-not-send="true">midpoint@lists.evolveum.com</a>><br>
                          <b>Subject:</b> Re: [midPoint] Link current HR
                          account to existing AD account</span><span
                          style="color:black"><o:p></o:p></span></p>
                      <p class="xmsonormal1"><span style="color:black"> <o:p></o:p></span></p>
                      <div>
                        <p class="xmsonormal1"><span style="color:black">Hi
                            Rod,<o:p></o:p></span></p>
                        <div>
                          <p class="xmsonormal1"><span
                              style="color:black"> <o:p></o:p></span></p>
                        </div>
                        <div>
                          <p class="xmsonormal1"><span
                              style="color:black">as Jason pointed out
                              you should first import or reconcile your
                              AD accounts. Does your problem happen when
                              importing from or reconciling AD resource?
                              If your correlation rule is ok, midpoint
                              should find the corresponding identities
                              and link the existing AD accounts.<o:p></o:p></span></p>
                        </div>
                        <div>
                          <p class="xmsonormal1"><span
                              style="color:black"> <o:p></o:p></span></p>
                        </div>
                        <div>
                          <p class="xmsonormal1"><span
                              style="color:black">Also reaction
                              unmatched -> addFocus in your config
                              seems to be wrong - you don't want to
                              create identities from AD accounts but
                              from HR accounts, right?<o:p></o:p></span></p>
                        </div>
                        <div>
                          <p class="xmsonormal1"><span
                              style="color:black"> <o:p></o:p></span></p>
                        </div>
                        <div>
                          <p class="xmsonormal1"><span
                              style="color:black">arnost<o:p></o:p></span></p>
                        </div>
                      </div>
                      <p class="xmsonormal1"><span style="color:black"> <o:p></o:p></span></p>
                      <div>
                        <div>
                          <p class="xmsonormal1"><span
                              style="color:black">On Fri, 15. 3. 2019 at 17:16,
                              Rod Holman <<a
                                href="mailto:rholman@oaisd.org"
                                moz-do-not-send="true">rholman@oaisd.org</a>>
                              wrote:<o:p></o:p></span></p>
                        </div>
                        <blockquote style="border:none;border-left:solid
                          #CCCCCC 1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
                          <div>
                            <div>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">Thanks
                                  for the quick response, but that
                                  didn’t work.  In my previous post I
                                  stated we are adding the AD resource
                                  to the user via inducement.  I meant
                                  projection.</span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">By
                                  the way, we are already successfully
                                  importing (in test) new HR users and
                                  they are being added to AD.  That
                                  works great!  It’s just this initial
                                  synchronization of current users.</span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <div>
                                <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">--Rod</span><span
                                    style="color:black"><o:p></o:p></span></p>
                              </div>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <div>
                                <div style="border:none;border-top:solid
                                  #E1E1E1 1.0pt;padding:3.0pt 0in 0in
                                  0in">
                                  <p class="xmsonormal1"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">
                                      midPoint <<a
                                        href="mailto:midpoint-bounces@lists.evolveum.com"
                                        target="_blank"
                                        moz-do-not-send="true">midpoint-bounces@lists.evolveum.com</a>>
                                      <b>On Behalf Of </b>Gruber,
                                      Michael<br>
                                      <b>Sent:</b> Friday, March 15,
                                      2019 12:02 PM<br>
                                      <b>To:</b> midPoint General
                                      Discussion <<a
                                        href="mailto:midpoint@lists.evolveum.com"
                                        target="_blank"
                                        moz-do-not-send="true">midpoint@lists.evolveum.com</a>><br>
                                      <b>Subject:</b> Re: [midPoint]
                                      Link current HR account to
                                      existing AD account</span><span
                                      style="color:black"><o:p></o:p></span></p>
                                </div>
                              </div>
                              <p class="xmsonormal1"><span
                                  style="color:black"> <o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D"
                                  lang="EN-GB">Maybe you have to add a
                                  matching rule</span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D"
                                  lang="EN-GB"> </span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D"
                                  lang="EN-GB"><q:equal></span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D"
                                  lang="EN-GB">           
                                  <q:matching><a
href="http://prism.evolveum.com/xml/ns/public/matching-rule-3#polyStringNorm"
                                    target="_blank"
                                    moz-do-not-send="true">http://prism.evolveum.com/xml/ns/public/matching-rule-3#polyStringNorm</a></q:matching></span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D"
                                  lang="EN-GB">           
                                  <q:path>c:name</q:path></span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D"
                                  lang="EN-GB">            [..]</span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Arial",sans-serif;color:#1F497D"
                                  lang="EN-GB"> </span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <div>
                                <div style="border:none;border-top:solid
                                  #B5C4DF 1.0pt;padding:3.0pt 0in 0in
                                  0in">
                                  <p class="xmsonormal1"><b><span
style="font-size:10.0pt;font-family:"Tahoma",sans-serif;color:black"
                                        lang="DE">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma",sans-serif;color:black"
                                      lang="DE"> midPoint [<a
                                        href="mailto:midpoint-bounces@lists.evolveum.com"
                                        target="_blank"
                                        moz-do-not-send="true">mailto:midpoint-bounces@lists.evolveum.com</a>]
                                      <b>On Behalf Of </b>Rod Holman<br>
                                      <b>Sent:</b> Friday, 15 March
                                      2019 16:33<br>
                                      <b>To:</b> midPoint General
                                      Discussion<br>
                                      <b>Subject:</b> Re: [midPoint]
                                      Link current HR account to
                                      existing AD account</span><span
                                      style="color:black"><o:p></o:p></span></p>
                                </div>
                              </div>
                              <p class="xmsonormal1"><span
                                  style="color:black" lang="DE"> </span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">We
                                  are only working with one user until
                                  successful then will add the rest.  We
                                  imported the HR user into Midpoint and
                                  are now trying to sync by adding
                                  Medusa Active Directory to that user
                                  via inducement.  We do not have the AD
                                  resource set up for importing.  The HR
                                  resource name value is the same as the
                                  samaccountname value for that user in
                                  AD.</span><span style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D">--Rod</span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D"> </span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">From:</span></b><span
style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:black">
                                  midPoint <<a
                                    href="mailto:midpoint-bounces@lists.evolveum.com"
                                    target="_blank"
                                    moz-do-not-send="true">midpoint-bounces@lists.evolveum.com</a>>
                                  <b>On Behalf Of </b>Jason Everling<br>
                                  <b>Sent:</b> Friday, March 15, 2019
                                  11:16 AM<br>
                                  <b>To:</b> midPoint General Discussion
                                  <<a
                                    href="mailto:midpoint@lists.evolveum.com"
                                    target="_blank"
                                    moz-do-not-send="true">midpoint@lists.evolveum.com</a>><br>
                                  <b>Subject:</b> Re: [midPoint] Link
                                  current HR account to existing AD
                                  account</span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="xmsonormal1"><span
                                  style="color:black"> <o:p></o:p></span></p>
                              <div>
                                <p class="xmsonormal1"><span
                                    style="color:black">So you imported
                                    all your AD users into midpoint
                                    already and then trying to
                                    import/link the HR users? Or you
                                    imported the HR users and trying to
                                    import/link the AD users? What does
                                    the resource contain for name and/or
                                    dn ?<o:p></o:p></span></p>
                                <div>
                                  <p class="xmsonormal1"><span
                                      style="color:black"><br
                                        clear="all">
                                      <o:p></o:p></span></p>
                                  <div>
                                    <div>
                                      <div>
                                        <p class="xmsonormal1"><span
                                            style="color:black"> <o:p></o:p></span></p>
                                      </div>
                                    </div>
                                  </div>
                                </div>
                              </div>
                              <p class="xmsonormal1"><span
                                  style="color:black"> <o:p></o:p></span></p>
                              <div>
                                <div>
                                  <p class="xmsonormal1"><span
                                      style="color:black">On Fri, Mar
                                      15, 2019 at 8:52 AM Rod Holman
                                      <<a
                                        href="mailto:rholman@oaisd.org"
                                        target="_blank"
                                        moz-do-not-send="true">rholman@oaisd.org</a>>
                                      wrote:<o:p></o:p></span></p>
                                </div>
                                <blockquote
                                  style="border:none;border-left:solid
                                  #CCCCCC 1.0pt;padding:0in 0in 0in
6.0pt;margin-left:4.8pt;margin-top:5.0pt;margin-right:0in;margin-bottom:5.0pt">
                                  <div>
                                    <div>
                                      <p class="xmsonormal1"><span
                                          style="color:black">Hi All,<o:p></o:p></span></p>
                                      <p class="xmsonormal1"><span
                                          style="color:black"> <o:p></o:p></span></p>
                                      <p class="xmsonormal1"><span
                                          style="color:black">For our
                                          initial implementation of
                                          midPoint we want to link
                                          existing accounts from our HR
                                          input to their existing
                                          accounts in Active Directory.
                                          After they are synced we want
                                          to have midPoint add/sync
                                          users from HR to AD. As a
                                          test we are trying to link an
                                          existing HR account to an
                                          existing AD account. When we
                                          do this, an attempt is made to
                                          add the account to AD no
                                          matter what we try, causing an
                                          AlreadyExistsException error.
                                          Below is our object
                                          synchronization for the
                                          account. Is it possible that
                                          the correlation is never
                                          matching the two accounts? We
                                          tried both $account and
                                          $shadow in the correlation
                                          path. We know that the “Name”
                                          attribute in the HR account is
                                          the same as sAMAccountName in
                                          AD. Is there something we’re
                                          doing wrong here?<o:p></o:p></span></p>
                                      <p class="xmsonormal1"><span
                                          style="color:black"> <o:p></o:p></span></p>
                                      <pre><objectSynchronization>
    <name>Account sync</name>
    <objectClass>ri:user</objectClass>
    <kind>account</kind>
    <intent>default</intent>
    <enabled>true</enabled>
    <correlation>
        <q:equal>
            <q:path>c:name</q:path>
            <expression xmlns="">
                <path>$account/attributes/ri:sAMAccountName</path>
            </expression>
        </q:equal>
    </correlation>
    <reconcile>false</reconcile>
    <reaction>
        <situation>linked</situation>
        <synchronize>true</synchronize>
        <reconcile>false</reconcile>
    </reaction>
    <reaction>
        <situation>deleted</situation>
        <action ref="http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink"/>
    </reaction>
    <reaction>
        <situation>unlinked</situation>
        <reconcile>false</reconcile>
        <action>
            <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#link</handlerUri>
        </action>
    </reaction>
    <reaction>
        <situation>unmatched</situation>
        <reconcile>false</reconcile>
        <action>
            <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#addFocus</handlerUri>
        </action>
    </reaction>
</objectSynchronization></pre>
                                      <p class="xmsonormal1"><span
                                          style="color:black"> <o:p></o:p></span></p>
                                      <p class="xmsonormal1"><span
                                          style="color:black">Thank You,<o:p></o:p></span></p>
                                      <p class="xmsonormal1"><span
                                          style="color:black">Rod Holman<o:p></o:p></span></p>
                                      <p class="xmsonormal1"><span
                                          style="color:black"> <o:p></o:p></span></p>
                                    </div>
                                  </div>
                                  <p class="xmsonormal1"><span
                                      style="color:black">_______________________________________________<br>
                                      midPoint mailing list<br>
                                      <a
                                        href="mailto:midPoint@lists.evolveum.com"
                                        target="_blank"
                                        moz-do-not-send="true">midPoint@lists.evolveum.com</a><br>
                                      <a
                                        href="http://lists.evolveum.com/mailman/listinfo/midpoint"
                                        target="_blank"
                                        moz-do-not-send="true">http://lists.evolveum.com/mailman/listinfo/midpoint</a><o:p></o:p></span></p>
                                </blockquote>
                              </div>
                            </div>
                          </div>
                        </blockquote>
                      </div>
                      <p class="xmsonormal1"><span style="color:black"><br
                            clear="all">
                          <o:p></o:p></span></p>
                      <div>
                        <p class="xmsonormal1"><span style="color:black"> <o:p></o:p></span></p>
                      </div>
                      <p class="xmsonormal1"><span style="color:black">--
                          <o:p></o:p></span></p>
                      <div>
                        <div>
                          <div>
                            <div>
                              <div>
                                <p class="MsoNormal"><strong><span
style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">Arnošt
                                      Starosta</span></strong><span
style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black"><br>
                                  </span><span
style="font-size:8.5pt;font-family:"Arial",sans-serif;color:gray">solution
                                    architect</span><span
                                    style="color:black"><o:p></o:p></span></p>
                              </div>
                              <p class="MsoNormal"><span
style="font-size:8.5pt;font-family:"Arial",sans-serif;color:black">gsm:
                                  [+420] 603 794 932<br>
                                  e‑mail: <a
                                    href="mailto:arnost.starosta@ami.cz"
                                    target="_blank"
                                    moz-do-not-send="true">arnost.starosta@ami.cz</a></span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="MsoNormal"><strong><span
style="font-size:8.5pt;font-family:"Arial",sans-serif;color:black">AMI
                                    Praha a.s.</span></strong><span
style="font-size:8.5pt;font-family:"Arial",sans-serif;color:black"><br>
                                  Pláničkova 11, 162 00 Praha 6</span><span
                                  style="color:black"><o:p></o:p></span></p>
                              <p class="MsoNormal"><span
style="font-size:8.5pt;font-family:"Arial",sans-serif;color:black">tel.:
                                  [+420] 274 783 239 | web: <a
                                    href="https://www.ami.cz"
                                    target="_blank"
                                    moz-do-not-send="true">www.ami.cz</a></span><span
                                  style="color:black"><o:p></o:p></span></p>
                            </div>
                          </div>
                        </div>
                      </div>
                    </div>
                  </div>
                </blockquote>
              </div>
            </div>
          </div>
          <div>
            <p class="MsoNormal"><o:p> </o:p></p>
          </div>
        </div>
      </div>
      <br>
    </blockquote>
    <pre class="moz-signature" cols="72">-- 
Ivan Noris
Senior Identity Engineer
evolveum.com
</pre>
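    <p>Added example, not part of the thread and not midPoint code: an offline dry-run of the name-based correlation from the quoted objectSynchronization, showing which situation and configured reaction each AD account would get and flagging names that differ only by case or whitespace. The exact, case-sensitive comparison, the <code>owner</code> field, the function names and the sample data are assumptions made for this sketch.</p>

```python
# Added example: simplified model of the correlation step, constructed data.
# Reactions copied from the objectSynchronization quoted in the thread;
# "disputed" has no reaction there, so it maps to None.
REACTIONS = {
    "linked": "synchronize",
    "deleted": "unlink",
    "unlinked": "link",
    "unmatched": "addFocus",
}


def correlate(sam_account_name, user_names):
    """Return the user names equal to the account's sAMAccountName.

    Assumption: exact, case-sensitive string equality. The comparison a
    real deployment performs depends on how its matching is configured.
    """
    return [name for name in user_names if name == sam_account_name]


def near_misses(sam_account_name, user_names):
    """User names that match only after trimming and case-folding."""
    key = sam_account_name.strip().casefold()
    return [
        name for name in user_names
        if name != sam_account_name and name.strip().casefold() == key
    ]


def classify(account, user_names):
    """Map one account to a situation, its reaction and any near misses."""
    sam = account["sAMAccountName"]
    if account.get("owner"):
        situation = "linked"          # already has an owner, no correlation
    else:
        hits = correlate(sam, user_names)
        if len(hits) == 1:
            situation = "unlinked"    # exactly one candidate owner
        elif not hits:
            situation = "unmatched"   # no owner found
        else:
            situation = "disputed"    # more than one candidate owner
    hints = near_misses(sam, user_names) if situation == "unmatched" else []
    return {
        "account": sam,
        "situation": situation,
        "reaction": REACTIONS.get(situation),
        "near_misses": hints,
    }


def dry_run(accounts, user_names):
    """Classify every account against the list of user names."""
    return [classify(account, user_names) for account in accounts]


# Constructed sample data, not taken from the thread.
SAMPLE_USERS = ["jsmith", "mjones", "adoe"]
SAMPLE_ACCOUNTS = [
    {"sAMAccountName": "jsmith", "owner": None},
    {"sAMAccountName": "MJones", "owner": None},
    {"sAMAccountName": "adoe", "owner": "adoe"},
    {"sAMAccountName": "svc-backup", "owner": None},
]

if __name__ == "__main__":
    for row in dry_run(SAMPLE_ACCOUNTS, SAMPLE_USERS):
        hint = ""
        if row["near_misses"]:
            hint = "  near miss: " + ", ".join(row["near_misses"])
        print(f'{row["account"]:12} {row["situation"]:10} {row["reaction"]}{hint}')
```

    <p>In this model an account such as <code>MJones</code> comes out as unmatched with a near miss, so the configured reaction is addFocus rather than link; a later attempt to create an account for the HR user <code>mjones</code> would then collide with the existing account.</p>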
  </body>
</html>