<div dir="auto"><div class="gmail_quote" dir="auto"><div dir="ltr" class="gmail_attr">Hello,<br></div><div lang="FR" link="#0563C1" vlink="#954F72"><div class="m_-9188281304109651004WordSection1"><p class="MsoNormal"><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">Following up my last email « Set resource attribute pwdReset when password changed by Midpoint GUI by IDM admin », I think the password mapping using channels is the way to go.

<u></u><u></u></p>

<p class="MsoNormal">What I want to do now is to set this attribute in the password mapping context using groovy. This attribute exists in the resource schema as an operational attribute and I can manualy set this attribute for a user through midpoint GUI (edit

 projection tab).<u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">My guess is that I have to « build a delta » for the correspondant shadow object. Am I right?<u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">I know the shadow OID thanks to the projection variable (projection.getOid()), I tried to build the delta using some examples around, but I get the error « Undefined or dynamic path: pwdReset in: CTD ({.../common/common-3}ShadowType) ».

 Any idea of what I am doing wrong?<u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">The full password mapping : <u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">credentials</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">   

</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">password</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">       

</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">outbound</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">           

</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">name</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">Password and pwdReset (to

 force the password reset by user)</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">name</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">            </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">strength</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">strong</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">strength</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">            </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">channel</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><a href="http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user%3C/channel" target="_blank" rel="noreferrer">http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:gray;text-decoration:none"></</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#569cd6;text-decoration:none">c</span><span style="color:#569cd6;text-decoration:none">hanne</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#569cd6;text-decoration:none">l</span></a></span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">            </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">expression</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">               

</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">script</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                   

</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">code</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        // If password modification comes from an Midpoint admin (channel #user), then

 we set the Open LDAP pwdReset attribute to TRUE (this will force the user to reset his password)<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        <u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                       

</span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">import com.evolveum.midpoint.prism.impl.delta.builder.*<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        import com.evolveum.midpoint.xml.ns._public.common.common_3.*<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        import com.evolveum.prism.xml.ns._public.types_3.*<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u> <u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        def prismContext = midpoint.getPrismContext()<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        def shadowOid = projection.getOid()<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        def delta = DeltaBuilder.deltaFor(ShadowType.class, prismContext)<u></u><u></u></span></p>

<p class="MsoNormal" style="text-indent:35.4pt;line-height:14.25pt;background:#1e1e1e">

<span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                      .item(ShadowType.F_ATTRIBUTES, "pwdReset")<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                            .add("TRUE")<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                            .asObjectDelta(shadowOid)<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        midpoint.modifyObject(delta, null)<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        <u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        // Then we return the password value anyway<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                        return input<u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">                   

</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">code</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">               

</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">script</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">            </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">expression</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">        </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">outbound</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">        </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">outbound</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">           

</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">name</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">

 Simple password mapping</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">name</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">            </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">description</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">We

 apply this mapping every time, except if the modification is done on the Midpoint GUI (by an IDM admin)</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">description</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">            </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">strength</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">strong</span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">strength</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">            </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">exceptChannel</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><a href="http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user%3C/exceptChannel" target="_blank" rel="noreferrer">http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user<span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:gray;text-decoration:none"></</span><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#569cd6;text-decoration:none">exceptChannel</span></a></span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">        </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">outbound</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">        </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"><</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">inbound</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">/></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4">    </span><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">password</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:gray"></</span><span style="font-size:10.5pt;font-family:Consolas;color:#569cd6">credentials</span><span style="font-size:10.5pt;font-family:Consolas;color:gray">></span><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u><u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u> <u></u></span></p>

<p class="MsoNormal" style="line-height:14.25pt;background:#1e1e1e"><span style="font-size:10.5pt;font-family:Consolas;color:#d4d4d4"><u></u> <u></u></span></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">Error :<u></u><u></u></p>

<p class="MsoNormal"><u></u> <u></u></p>

<p class="MsoNormal">java.lang.IllegalArgumentException: Undefined or dynamic path: pwdReset in: CTD ({.../common/common-3}ShadowType)<u></u><u></u></p>

<p class="MsoNormal">        at com.evolveum.midpoint.prism.impl.delta.builder.DeltaBuilder.item(DeltaBuilder.java:92)<u></u><u></u></p>

<p class="MsoNormal">        at com.evolveum.midpoint.prism.impl.delta.builder.DeltaBuilder.item(DeltaBuilder.java:85)<u></u><u></u></p>

<p class="MsoNormal">        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)<u></u><u></u></p>

<p class="MsoNormal">        at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)<u></u><u></u></p>

<p class="MsoNormal">        at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)<u></u><u></u></p>

<p class="MsoNormal">        at java.base/java.lang.reflect.Method.invoke(Method.java:566)<u></u><u></u></p>

<p class="MsoNormal">        at org.codehaus.groovy.runtime.callsite.PlainObjectMetaMethodSite.doInvoke(PlainObjectMetaMethodSite.java:43)<u></u><u></u></p>

<p class="MsoNormal">        at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite$PojoCachedMethodSite.invoke(PojoMetaMethodSite.java:188)<u></u><u></u></p>

<p class="MsoNormal">        at org.codehaus.groovy.runtime.callsite.PojoMetaMethodSite.call(PojoMetaMethodSite.java:53)<u></u><u></u></p>

<p class="MsoNormal">        at org.codehaus.groovy.runtime.callsite.CallSiteArray.defaultCall(CallSiteArray.java:47)<u></u><u></u></p>

<p class="MsoNormal">        at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:115)<u></u><u></u></p>

<p class="MsoNormal">        at org.codehaus.groovy.runtime.callsite.AbstractCallSite.call(AbstractCallSite.java:127)<u></u><u></u></p>

<p class="MsoNormal">        at expression_in_mapping_'Password_and_pwdReset_(to_force_the_password_reset_by_user)'_in_password_mapping_in_projection_(account_(default)_on_resource_xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx(LDAP)).run(expression in mapping 'Password_and_pwdReset_(to_force_the_password_reset_by_user)'

 in password mapping in projection (account (default) on resource: xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx (LDAP)):13)<u></u><u></u></p>

<p class="MsoNormal">        at com.evolveum.midpoint.model.common.expression.script.groovy.GroovyScriptEvaluator.evaluateScript(GroovyScriptEvaluator.java:203)<u></u><u></u></p>

<p class="MsoNormal">        at com.evolveum.midpoint.model.common.expression.script.groovy.GroovyScriptEvaluator.evaluateScript(GroovyScriptEvaluator.java:50)<u></u><u></u></p>

<p class="MsoNormal">        at com.evolveum.midpoint.model.common.expression.script.AbstractCachingScriptEvaluator.evaluate(AbstractCachingScriptEvaluator.java:76)<u></u><u></u></p>

<p class="MsoNormal">        ... 36 common frames omitted<u></u><u></u></p>

</div>

</div>

</div></div>