<div style="color:;font: 10pt Helvetica Neue;">Hello<br>
<br>
<font size="2"><font face="Arial, Helvetica, sans-serif">thanks a lot Pascal for your answer<br>
When i wrote security group, it is windows active directory security groups, Midpoint is a new installation and after the original import of users into midpoint, some active directory security groups have been updated by administrator using powershell.<br>
the result is that the users are assigned correctly in active directory but the users are not assigned to the midpoint roles and doesn't show in the roles members.<br>
Of course on the role projection i can see all the users part of the security group.<br>
<br>
to clarify<br>
<br>
AD security group Midpoint role<br>
"test" -------------------------------------> "test"<br>
</font></font>
<div><font size="2"><font face="Arial, Helvetica, sans-serif">user1 nothing in members <br>
</font></font></div>
<div><font size="2"><font face="Arial, Helvetica, sans-serif">user2</font></font></div>
<div><font size="2"><font face="Arial, Helvetica, sans-serif">user3</font></font><br>
</div>
<div> <br>
</div>
<div><font size="2"><font face="Arial, Helvetica, sans-serif">the goal is to assign the users part of "test" AD security group to "test" midpoint role , without doing another import.</font></font></div>
<div><font size="2"><font face="Arial, Helvetica, sans-serif">we have others AD Security group in the same situation<br>
</font></font></div>
<div><font size="2"><font face="Arial, Helvetica, sans-serif">So i was thinking of a bulk import <br>
</font></font></div>
<div><font size="2"><font face="Arial, Helvetica, sans-serif"><br>
</font></font></div>
<div><font size="2"><font face="Arial, Helvetica, sans-serif">Thanks again for you answer, ill read it carefully</font></font></div>
<div><font size="2"><font face="Arial, Helvetica, sans-serif"><br>
</font></font></div>
<div><font size="2"><font face="Arial, Helvetica, sans-serif">Have a nice day</font></font></div>
<div><br>
</div>
<div><br>
</div>
<div style="font-family:arial,helvetica;font-size:10pt;color:black">-----Original Message-----<br>
From: Pascal PÉRICHON via midPoint <midpoint@lists.evolveum.com><br>
To: midpoint@lists.evolveum.com<br>
Cc: Pascal PÉRICHON <pascal.perichon@u-paris.fr><br>
Sent: Fri, Sep 4, 2020 11:51 am<br>
Subject: Re: [midPoint] midpoint 4.0.1 - need to do a bulk action to assign users from AD specific security group to a role in midpoint<br>
<br>
<div id="yiv8444585419">
<div>
<div>hello,</div>
<div>SomethIng like that : this is a task that you should import from
import menu and run from task menu.</div>
<div>by group you mean midpoint organizations ?<br clear="none">
</div>
<div>This is not tested, so... but it just a start.</div>
<div><br clear="none">
</div>
<?xml version="1.0" encoding="UTF-8"?><br clear="none">
<objects
xmlns=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">"http://midpoint.evolveum.com/xml/ns/public/common/common-3"</a><br clear="none">
xmlns:c=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">"http://midpoint.evolveum.com/xml/ns/public/common/common-3"</a><br clear="none">
xmlns:q=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://prism.evolveum.com/xml/ns/public/query-3">"http://prism.evolveum.com/xml/ns/public/query-3"</a><br clear="none">
xmlns:t=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://prism.evolveum.com/xml/ns/public/types-3">"http://prism.evolveum.com/xml/ns/public/types-3"</a><br clear="none">
xmlns:xsi=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://www.w3.org/2001/XMLSchema-instance">"http://www.w3.org/2001/XMLSchema-instance"</a>><br clear="none">
<task><br clear="none">
<name>task suppression Assignement
ETUDIANT-LICENCE</name><br clear="none">
<extension><br clear="none">
<scext:executeScript
xmlns:scext=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://midpoint.evolveum.com/xml/ns/public/model/scripting/extension-3">"http://midpoint.evolveum.com/xml/ns/public/model/scripting/extension-3"</a><br clear="none">
xmlns:s=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://midpoint.evolveum.com/xml/ns/public/model/scripting-3">"http://midpoint.evolveum.com/xml/ns/public/model/scripting-3"</a><br clear="none">
xmlns:c=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://midpoint.evolveum.com/xml/ns/public/common/common-3">"http://midpoint.evolveum.com/xml/ns/public/common/common-3"</a><br clear="none">
xmlns:t=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://prism.evolveum.com/xml/ns/public/types-3">"http://prism.evolveum.com/xml/ns/public/types-3"</a><br clear="none">
xmlns:xsi=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://www.w3.org/2001/XMLSchema-instance">"http://www.w3.org/2001/XMLSchema-instance"</a><br clear="none">
xmlns:api=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://midpoint.evolveum.com/xml/ns/public/common/api-types-3">"http://midpoint.evolveum.com/xml/ns/public/common/api-types-3"</a><br clear="none">
xmlns:q=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://prism.evolveum.com/xml/ns/public/query-3">"http://prism.evolveum.com/xml/ns/public/query-3"</a><br clear="none">
xmlns:xsd=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://www.w3.org/2001/XMLSchema">"http://www.w3.org/2001/XMLSchema"</a><br clear="none">
xmlns:org=<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" target="_blank" href="http://midpoint.evolveum.com/xml/ns/public/common/org-3">"http://midpoint.evolveum.com/xml/ns/public/common/org-3"</a>><br clear="none">
<s:search><br clear="none">
<s:type>c:UserType</s:type><br clear="none">
<s:query><br clear="none">
<q:filter><br clear="none">
<q:and><br clear="none">
<q:equal><br clear="none">
<q:path>subtype</q:path><br clear="none">
<q:value>ETUDIANT-LICENCE</q:value><br clear="none">
</q:equal><br clear="none">
<q:org><br clear="none">
<q:orgRef><br clear="none">
<!-- TPC group
(organization) --><br clear="none">
<q:oid>1f043504-127b-4707-b4dd-11fa5603ef1e</q:oid><br clear="none">
</q:orgRef><br clear="none">
<q:maxDepth>unbounded</q:maxDepth><br clear="none">
</q:org><br clear="none">
</q:and><br clear="none">
</q:filter><br clear="none">
</s:query><br clear="none">
<br clear="none">
<s:action><br clear="none">
<s:type>modify</s:type><br clear="none">
<s:parameter><br clear="none">
<s:name>delta</s:name><br clear="none">
<c:value
xsi:type="t:ObjectDeltaType"><br clear="none">
<t:changeType>modify</t:changeType><br clear="none">
<t:itemDelta><br clear="none">
<t:modificationType>add</t:modificationType><br clear="none">
<t:path>c:assignment</t:path><br clear="none">
<t:value
xsi:type="c:AssignmentType"><br clear="none">
<!-- Telem role --><br clear="none">
<targetRef
oid="f602c03b-4c50-4a7c-8866-59202dc27fad" relation="org:default"
type="c:RoleType"/><br clear="none">
<!-- add multiple role is
necessary --><br clear="none">
<!--targetRef
oid="other-role" relation="org:default" type="c:RoleType"/><br clear="none">
<targetRef
oid="another-role" relation="org:default" type="c:RoleType"/--><br clear="none">
</t:value><br clear="none">
</t:itemDelta><br clear="none">
</c:value><br clear="none">
</s:parameter><br clear="none">
</s:action><br clear="none">
<br clear="none">
</s:search><br clear="none">
</scext:executeScript><br clear="none">
</extension><br clear="none">
<ownerRef oid="00000000-0000-0000-0000-000000000002"/><br clear="none">
<executionStatus>runnable</executionStatus><br clear="none">
<br clear="none">
<category>BulkActions</category><br clear="none">
<handlerUri><a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-freetext" target="_blank" href="http://midpoint.evolveum.com/xml/ns/public/model/scripting/handler-3">http://midpoint.evolveum.com/xml/ns/public/model/scripting/handler-3</a></handlerUri><br clear="none">
<recurrence>single</recurrence><br clear="none">
</task><br clear="none">
</objects><br clear="none">
<div><br clear="none">
</div>
<div><br clear="none">
</div>
<div class="yiv8444585419moz-cite-prefix">Le 04/09/2020 à 09:33, mid point via
midPoint a écrit :<br clear="none">
</div>
<blockquote type="cite">
</blockquote></div>
<div>
<div class="yiv8444585419yqt6472938366" id="yiv8444585419yqt95180">
<div style="font:10pt Helvetica Neue;">Good <font size="2"><font face="Arial, Helvetica, sans-serif">morning<br clear="none">
<br clear="none">
I ask this question 2 weeks ago, and no answer.<br clear="none">
I supposed i was wrong to think that this question would
have interested a lot of midpoint users.<br clear="none">
it is maybe too simple.<br clear="none">
in case of someone has an example of bulk action that
accomplish what i want, please do not hesitate to share<br clear="none">
<br clear="none">
Best regards<br clear="none">
<br clear="none">
<br clear="none">
</font></font>
<div> <br clear="none">
</div>
<div> <br clear="none">
</div>
<div> <br clear="none">
</div>
<div style="font-family:arial, helvetica;font-size:10pt;color:black;">-----Original
Message-----<br clear="none">
From: mid point <a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" ymailto="mailto:pointmid2@aol.com" target="_blank" href="mailto:pointmid2@aol.com"><pointmid2@aol.com></a><br clear="none">
To: <a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-abbreviated" ymailto="mailto:midpoint@lists.evolveum.com" target="_blank" href="mailto:midpoint@lists.evolveum.com">midpoint@lists.evolveum.com</a>
<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-rfc2396E" ymailto="mailto:midpoint@lists.evolveum.com" target="_blank" href="mailto:midpoint@lists.evolveum.com"><midpoint@lists.evolveum.com></a><br clear="none">
Sent: Thu, Aug 20, 2020 5:41 pm<br clear="none">
Subject: [midPoint] midpoint 4.0.1 - need to do a bulk action
to assign users from AD specific security group to a role in
midpoint<br clear="none">
<br clear="none">
<div id="yiv8444585419">
<div style="font:10pt Helvetica Neue;"><font size="2"><font face="Arial, Helvetica, sans-serif">Hello <br clear="none">
<br clear="none">
As a short introduction, i'm a new midpoint
administrator and i'm French :-)<br clear="none">
<br clear="none">
My company is using a midpoint solution, it was
installed recently by an external company.<br clear="none">
it is working fine so far.<br clear="none">
Midpoint has two AD domain resources<br clear="none">
<br clear="none">
I need to assign all users from an existing security
group within one of the AD ressources to a midpoint
role<br clear="none">
I already created the midpoint role with all necessary
assignments and inducements<br clear="none">
<br clear="none">
but there is too much users in the security group to
assign them one by one and i would like to use bulk
action to do this.<br clear="none">
Unfortunately , my developer skills are null and for
this reason kindly request your help<br clear="none">
<br clear="none">
I hope one of you will help me and give me a good
script.I hope the data below can be enough <br clear="none">
<br clear="none">
the role name is : Telem his OID
is </font></font><font size="2"><font face="Arial, Helvetica, sans-serif"><span>f602c03b-4c50-4a7c-8866-59202dc27fad<br clear="none">
</span>the security group name is TPC </font></font><font size="2"><font face="Arial, Helvetica, sans-serif"><span>
his OID is
1f043504-127b-4707-b4dd-11fa5603ef1e<br clear="none">
</span>the AD ressource name is Internal his
OID is </font></font><font size="2"><font face="Arial, Helvetica, sans-serif"><span>e580a543-6b87-460b-aa80-3525e436cf9f</span><br clear="none">
<br clear="none">
thanks in advance<br clear="none">
<br clear="none">
Raymond<br clear="none">
</font></font></div>
</div>
_______________________________________________<br clear="none">
midPoint mailing list<br clear="none">
<a rel="nofollow" shape="rect" ymailto="mailto:midPoint@lists.evolveum.com" target="_blank" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br clear="none">
<a rel="nofollow" shape="rect" target="_blank" href="https://lists.evolveum.com/mailman/listinfo/midpoint">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br clear="none">
</div>
</div>
</div>
<br clear="none">
<fieldset class="yiv8444585419mimeAttachmentHeader"></fieldset>
<pre class="yiv8444585419moz-quote-pre">_______________________________________________
midPoint mailing list
<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-abbreviated" ymailto="mailto:midPoint@lists.evolveum.com" target="_blank" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a rel="nofollow" shape="rect" class="yiv8444585419moz-txt-link-freetext" target="_blank" href="https://lists.evolveum.com/mailman/listinfo/midpoint">https://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
</div>
</div>
<div class="yqt6472938366" id="yqt32790">_______________________________________________<br clear="none">midPoint mailing list<br clear="none"><a shape="rect" ymailto="mailto:midPoint@lists.evolveum.com" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a><br clear="none"><a shape="rect" href="https://lists.evolveum.com/mailman/listinfo/midpoint" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br clear="none"></div>
</div>
</div>