<div dir="ltr"><div dir="ltr">For example, I have something like this:<br><div>(where dn is AD namingAttribute, organization O has two org assignments Off1 & Off2, O includes single-value "department" attribute with value "O" to use it as AD OU name for org O))<br>I use Off1 and Off2 names as tag value.</div><div><pre style="background-color:rgb(43,43,43);color:rgb(169,183,198);font-family:"JetBrains Mono",monospace;font-size:9.8pt"><span style="color:rgb(232,191,106)"><objectType><br></span><span style="color:rgb(232,191,106)"> <kind></span>generic<span style="color:rgb(232,191,106)"></kind><br></span><span style="color:rgb(232,191,106)"> <intent></span>default<span style="color:rgb(232,191,106)"></intent><br></span><span style="color:rgb(232,191,106)"> <objectClass></span>ri:organizationalUnit<span style="color:rgb(232,191,106)"></objectClass><br></span><span style="color:rgb(232,191,106)"> <multiplicity><br></span><span style="color:rgb(232,191,106)"> <maxOccurs></span>unbounded<span style="color:rgb(232,191,106)"></maxOccurs><br></span><span style="color:rgb(232,191,106)"> <tag><br></span><span style="color:rgb(232,191,106)"> <outbound><br></span><span style="color:rgb(232,191,106)"> <source><br></span><span style="color:rgb(232,191,106)"> <path></span>parentOrgRef<span style="color:rgb(232,191,106)"></path><br></span><span style="color:rgb(232,191,106)"> </source><br></span><span style="color:rgb(232,191,106)"> <expression><br></span><span style="color:rgb(232,191,106)"> <script><br></span><span style="color:rgb(232,191,106)"> <code></span><span style="color:rgb(232,191,106);background-color:rgb(54,65,53)"><br></span><span style="color:rgb(232,191,106);background-color:rgb(54,65,53)"> </span><span style="background-color:rgb(54,65,53)">import com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType;<br></span><span style="background-color:rgb(54,65,53)"> <br></span><span style="background-color:rgb(54,65,53)"> OrgType office = midpoint.getOrgByOid(parentOrgRef.oid);<br></span><span style="background-color:rgb(54,65,53)"> <a href="http://log.info">log.info</a>("1.1" + String.valueOf(<a href="http://office.name">office.name</a>));<br></span><span style="background-color:rgb(54,65,53)"> return <a href="http://office.name">office.name</a>;<br></span><span style="background-color:rgb(54,65,53)"> </span><span style="color:rgb(232,191,106)"></code><br></span><span style="color:rgb(232,191,106)"> </script><br></span><span style="color:rgb(232,191,106)"> </expression><br></span><span style="color:rgb(232,191,106)"> </outbound><br></span><span style="color:rgb(232,191,106)"> </tag><br></span><span style="color:rgb(232,191,106)"> </multiplicity><br></span><span style="color:rgb(232,191,106)"> <attribute><br></span><span style="color:rgb(232,191,106)"> <ref></span>ri:dn<span style="color:rgb(232,191,106)"></ref><br></span><span style="color:rgb(232,191,106)"> <matchingRule></span>distinguishedName<span style="color:rgb(232,191,106)"></matchingRule><br></span><span style="color:rgb(232,191,106)"> <outbound><br></span><span style="color:rgb(232,191,106)"> <strength></span>strong<span style="color:rgb(232,191,106)"></strength><br></span><span style="color:rgb(232,191,106)"> <source><br></span><span style="color:rgb(232,191,106)"> <path></span>extension/department<span style="color:rgb(232,191,106)"></path><br></span><span style="color:rgb(232,191,106)"> </source><br></span><span style="color:rgb(232,191,106)"> <source><br></span><span style="color:rgb(232,191,106)"> <path></span>parentOrgRef<span style="color:rgb(232,191,106)"></path><br></span><span style="color:rgb(232,191,106)"> </source><br></span><span style="color:rgb(232,191,106)"> <source><br></span><span style="color:rgb(232,191,106)"> <path></span>$projection/tag<span style="color:rgb(232,191,106)"></path><br></span><span style="color:rgb(232,191,106)"> </source><br></span><span style="color:rgb(232,191,106)"> <expression><br></span><span style="color:rgb(232,191,106)"> <script><br></span><span style="color:rgb(232,191,106)"> <code></span><span style="color:rgb(232,191,106);background-color:rgb(54,65,53)"><br></span><span style="color:rgb(232,191,106);background-color:rgb(54,65,53)"> </span><span style="background-color:rgb(54,65,53)">import com.evolveum.midpoint.schema.constants.SchemaConstants;<br></span><span style="background-color:rgb(54,65,53)"> import com.evolveum.midpoint.xml.ns._public.common.common_3.OrgType;<br></span><span style="background-color:rgb(54,65,53)"> import javax.naming.ldap.Rdn;<br></span><span style="background-color:rgb(54,65,53)"> import javax.naming.ldap.LdapName;<br></span><span style="background-color:rgb(54,65,53)"><br></span><span style="background-color:rgb(54,65,53)"> OrgType office = midpoint.getOrgByOid(parentOrgRef.oid);<br></span><span style="background-color:rgb(54,65,53)"><br></span><span style="background-color:rgb(54,65,53)"> <a href="http://log.info">log.info</a>("2.1" + String.valueOf(tag));<br></span><span style="background-color:rgb(54,65,53)"> <a href="http://log.info">log.info</a>("2.2" + String.valueOf(<a href="http://office.name">office.name</a>));<br></span><span style="background-color:rgb(54,65,53)"><br></span><span style="background-color:rgb(54,65,53)"> return basic.composeDn(<br></span><span style="background-color:rgb(54,65,53)"> new Rdn("OU", basic.stringify(department)),<br></span><span style="background-color:rgb(54,65,53)"> new Rdn("OU", basic.stringify(<a href="http://office.name">office.name</a>)),<br></span><span style="background-color:rgb(54,65,53)"> new LdapName("DC=example,DC=com")<br></span><span style="background-color:rgb(54,65,53)"> );<br></span><span style="background-color:rgb(54,65,53)"> </span><span style="color:rgb(232,191,106)"></code><br></span><span style="color:rgb(232,191,106)"> </script><br></span><span style="color:rgb(232,191,106)"> </expression><br></span><span style="color:rgb(232,191,106)"> </outbound><br></span><span style="color:rgb(232,191,106)"> </attribute><br></span><span style="color:rgb(232,191,106)"></objectType><br></span></pre></div></div><div>For my data structure I wrote above I have the following output in log:</div><div><br></div><div>1.1 Off1 <br>1.1 Off2 <br>1.1 Off1 <br>1.1 Off2 <br>2.1 Off1 <br>2.2 Off1 <br>2.1 Off1 <br>2.2 Off2 <br>2.1 Off1 <br>2.2 Off1 <br>2.1 Off1 <br>2.2 Off2 <br><br>Partial error while processing projection on resource:746ecf5e-3e8c-11e6-b2f9-3c970e44b9e2(AD): Attempt to add 2 values to a single-valued item attributes/dn; values: [PPV(String:OU=O,OU=Off1,DC=example,DC=com), PPV(String:OU=O,OU=Off2,DC=example,DC=com)]<br></div><div><br></div><div>How to complete my conf? I don't understand how to configure the multivalued account feature. Please, help</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, 13 Feb 2022 at 14:48, Yakov Revyakin <<a href="mailto:yrevyakin@gmail.com">yrevyakin@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr">Correct, I'd like to have multiple AD accounts. How to command to create them?</div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, 13 Feb 2022 at 14:34, Roman Pudil - AMI Praha a.s. via midPoint <<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto"><div dir="auto"><br></div><div>Hi, </div><div dir="auto">AD schema did not allow multiple values in DN attribute. See AD schema documentation. </div><div dir="auto">You have ro use multiple accounts.</div><div dir="auto">Regards</div><div dir="auto">Roman Pudil</div><div dir="auto"><br></div><div dir="auto"><br><div class="gmail_quote" dir="auto"><div dir="ltr" class="gmail_attr">Dne ne 13. 2. 2022 13:27 uživatel Yakov Revyakin via midPoint <<a href="mailto:midpoint@lists.evolveum.com" target="_blank">midpoint@lists.evolveum.com</a>> napsal:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>An org (O, intent : default) is a member of two organizations (Off1 & Off2) different by name but the same by nature (intent : office).</div><div>This structure results in AD as:</div><div>Off1 dn : OU=Off1</div><div>Off2 dn : OU=Off2</div><div>O in Off1 dn : OU=O,OU=Off1</div><div>O in Off2 dn : OU=O,OU=Off2<br></div><div><br></div>I'd like to have multiple AD accounts under O created: OU=O,OU=Off1 and OU=O,OU=Off2.<br><div><br></div><div>Could someone provide schema handling with multiple accounts support for the case? I mean TAG support.</div><div><br></div><div>My configuration tries to save multiple values in dn attribute instead of creating different accounts.</div><div><br></div><div>Thanks,</div><div>J</div></div>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" rel="noreferrer" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</blockquote></div></div></div>
_______________________________________________<br>
midPoint mailing list<br>
<a href="mailto:midPoint@lists.evolveum.com" target="_blank">midPoint@lists.evolveum.com</a><br>
<a href="https://lists.evolveum.com/mailman/listinfo/midpoint" rel="noreferrer" target="_blank">https://lists.evolveum.com/mailman/listinfo/midpoint</a><br>
</blockquote></div>
</blockquote></div></div>