Skip to content

Instantly share code, notes, and snippets.

@MattMencel

MattMencel/idm.log Secret

Last active August 26, 2016 21:58
Show Gist options
  • Save MattMencel/f7f9ad65a791d15c9dc820d747dc6197 to your computer and use it in GitHub Desktop.
Save MattMencel/f7f9ad65a791d15c9dc820d747dc6197 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
idm.log
2016-08-26 16:18:09,176 [] [pool-1-thread-6] DEBUG (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl): SYNCHRONIZATION: received change notification ResourceObjectShadowChangeDescription(objectDelta=ObjectDelta(ShadowType:49c31ff8-5f85-4612-8697-3237b121582e,ADD: shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu)), currentShadow=shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu), oldShadow=null, sourceChannel=http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#import, resource=resource:141d78c6-697a-11e6-a271-0050569aa9d2(WIU Sun LDAP Test))
2016-08-26 16:18:09,178 [] [pool-1-thread-6] TRACE (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl): SYNCHRONIZATION determined policy: null
2016-08-26 16:18:09,178 [] [pool-1-thread-6] DEBUG (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl): SYNCHRONIZATION no matching policy for shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu) ({http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}person) on resource:141d78c6-697a-11e6-a271-0050569aa9d2(WIU Sun LDAP Test), ignoring change from channel http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#import
2016-08-26 16:18:09,178 [] [pool-1-thread-6] INFO (com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultHandler): Import object shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu) from resource:141d78c6-697a-11e6-a271-0050569aa9d2(WIU Sun LDAP Test) done with status SUCCESS (this one: 2 ms, avg: 1 ms) (total progress: 17645, wall clock avg: 12 ms)
Raw
ldap_resource.xml
<?xml version="1.0" encoding="UTF-8"?>
<!-- ~ Copyright (c) 2010-2016 Evolveum ~ ~ Licensed under the Apache License, Version 2.0 (the "License"); ~ you may not use this file except in compliance with the License. ~ You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~ ~ Unless required by applicable law or agreed to in writing, software ~ distributed under the License is distributed on an "AS IS" BASIS, ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ~ See the License for the specific language governing permissions and ~ limitations under the License. -->
<resource
oid="141d78c6-697a-11e6-a271-0050569aa9d2"
xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
xmlns:mr="http://prism.evolveum.com/xml/ns/public/matching-rule-3"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3"
xmlns:func="http://midpoint.evolveum.com/xml/ns/public/function/basic-3"
xmlns:ext="http://midpoint.evolveum.com/xml/ns/story/orgsync/ext">
<name>WIU Sun LDAP Test</name>
<connectorRef type="ConnectorType">
<description>Dummy description, just for the test</description>
<filter>
<q:equal>
<q:path>c:connectorType</q:path>
<q:value>com.evolveum.polygon.connector.ldap.LdapConnector</q:value>
</q:equal>
</filter>
</connectorRef>
<connectorConfiguration xmlns:icfcldap="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector">
<icfc:configurationProperties>
<icfcldap:port>389</icfcldap:port>
<icfcldap:host>ldap.wiu.edu</icfcldap:host>
<icfcldap:baseContext>ou=people,dc=wiu,dc=edu</icfcldap:baseContext>
<icfcldap:bindDn>BINDDN</icfcldap:bindDn>
<icfcldap:bindPassword>
BINDPW
</icfcldap:bindPassword>
<icfcldap:uidAttribute>dn</icfcldap:uidAttribute>
<icfcldap:pagingStrategy>none</icfcldap:pagingStrategy>
<icfcldap:passwordAttribute>userPassword</icfcldap:passwordAttribute>
<icfcldap:synchronizationStrategy>sunChangeLog</icfcldap:synchronizationStrategy>
</icfc:configurationProperties>
<icfc:resultsHandlerConfiguration>
<icfc:enableNormalizingResultsHandler>false</icfc:enableNormalizingResultsHandler>
<icfc:enableFilteredResultsHandler>false</icfc:enableFilteredResultsHandler>
<icfc:enableAttributesToGetSearchResultsHandler>false</icfc:enableAttributesToGetSearchResultsHandler>
</icfc:resultsHandlerConfiguration>
</connectorConfiguration>
<schema>
<generationConstraints>
<generateObjectClass>ri:person</generateObjectClass>
<generateObjectClass>ri:groupOfUniqueNames</generateObjectClass>
<generateObjectClass>ri:inetLocalMailRecipient</generateObjectClass>
<generateObjectClass>ri:inetAdmin</generateObjectClass>
<generateObjectClass>ri:inetMailUser</generateObjectClass>
<generateObjectClass>ri:inetSubscriber</generateObjectClass>
<generateObjectClass>ri:inetUser</generateObjectClass>
<generateObjectClass>ri:iplanet-am-managed-person</generateObjectClass>
<generateObjectClass>ri:iplanet-am-session-service</generateObjectClass>
<generateObjectClass>ri:iplanet-am-user-service</generateObjectClass>
<generateObjectClass>ri:iPlanetPreferences</generateObjectClass>
<generateObjectClass>ri:posixAccount</generateObjectClass>
<generateObjectClass>ri:wiuPerson</generateObjectClass>
<generateObjectClass>ri:wiuAccount</generateObjectClass>
<generateObjectClass>ri:wiuEmployee</generateObjectClass>
<generateObjectClass>ri:wiuMail</generateObjectClass>
<generateObjectClass>ri:shadowAccount</generateObjectClass>
</generationConstraints>
</schema>
<schemaHandling>
<objectType>
<kind>account</kind>
<intent>person</intent>
<displayName>Person Account</displayName>
<default>true</default>
<objectClass>ri:person</objectClass>
<auxiliaryObjectClass>wiuAccount</auxiliaryObjectClass>
<auxiliaryObjectClass>wiuEmployee</auxiliaryObjectClass>
<auxiliaryObjectClass>wiuPerson</auxiliaryObjectClass>
<auxiliaryObjectClass>inetLocalMailRecipient</auxiliaryObjectClass>
<attribute>
<ref>ri:dn</ref>
<displayName>Distinguished Name</displayName>
<outbound>
<!-- Name cannot be weak. Changes in name trigger object rename. -->
<source>
<path>$user/name</path>
</source>
<expression>
<script>
<code>
basic.composeDnWithSuffix('uid', name, 'ou=people,dc=wiu,dc=edu')
</code>
</script>
</expression>
</outbound>
</attribute>
<attribute>
<ref>ri:cn</ref>
<displayName>Common Name</displayName>
<outbound>
<source>
<path>$user/fullName</path>
</source>
</outbound>
<inbound>
<strength>weak</strength>
<target>
<path>$user/fullName</path>
</target>
</inbound>
</attribute>
<attribute>
<ref>ri:sn</ref>
<outbound>
<source>
<path>familyName</path>
</source>
</outbound>
<inbound>
<strength>weak</strength>
<target>
<path>$user/familyName</path>
</target>
</inbound>
</attribute>
<attribute>
<ref>ri:givenName</ref>
<outbound>
<source>
<path>$user/givenName</path>
</source>
</outbound>
<inbound>
<strength>weak</strength>
<target>
<path>$user/givenName</path>
</target>
</inbound>
</attribute>
<attribute>
<ref>ri:department</ref>
<outbound>
<source>
<path>$user/department</path>
</source>
</outbound>
<inbound>
<strength>weak</strength>
<target>
<path>$user/department</path>
</target>
</inbound>
</attribute>
<attribute>
<ref>ri:wiuExpirationTime</ref>
<fetchStrategy>minimal</fetchStrategy>
</attribute>
<protected>
<filter>
<q:equal>
<q:matching>http://prism.evolveum.com/xml/ns/public/matching-rule-3#stringIgnoreCase</q:matching>
<q:path>attributes/ri:dn</q:path>
<q:value>uid=idm,ou=Administrators,dc=example,dc=com</q:value>
</q:equal>
</filter>
</protected>
<activation>
<administrativeStatus>
<outbound/>
<inbound/>
</administrativeStatus>
</activation>
<credentials>
<password>
<outbound/>
<inbound>
<strength>weak</strength>
<expression>
<generate/>
</expression>
</inbound>
</password>
</credentials>
</objectType>
<!-- <objectType>
<kind>account</kind>
<intent>person</intent>
<displayName>Person Account</displayName>
<objectClass>ri:wiuPerson</objectClass>
<attribute>
<ref>ri:givenName</ref>
<outbound>
<source>
<path>$user/givenName</path>
</source>
</outbound>
<inbound>
<strength>weak</strength>
<target>
<path>$user/givenName</path>
</target>
</inbound>
</attribute>
<attribute>
<ref>ri:uid</ref>
<outbound>
<strength>weak</strength>
<source>
<path>$user/name</path>
</source>
</outbound>
<inbound>
<strength>weak</strength>
<target>
<path>$user/name</path>
</target>
</inbound>
</attribute>
<activation>
<administrativeStatus>
<outbound/>
<inbound/>
</administrativeStatus>
</activation>
<credentials>
<password>
<outbound/>
<inbound>
<strength>weak</strength>
<expression>
<generate/>
</expression>
</inbound>
</password>
</credentials>
</objectType> -->
<!-- <association>
<ref>ri:group</ref>
<displayName>LDAP Group Membership</displayName>
<kind>entitlement</kind>
<intent>group</intent>
<direction>objectToSubject</direction>
<associationAttribute>ri:uniqueMember</associationAttribute>
<valueAttribute>ri:dn</valueAttribute>
<shortcutAssociationAttribute>ri:isMemberOf</shortcutAssociationAttribute>
<shortcutValueAttribute>ri:dn</shortcutValueAttribute>
</association> -->
<objectType>
<kind>entitlement</kind>
<intent>group</intent>
<displayName>LDAP Group</displayName>
<objectClass>ri:groupOfUniqueNames</objectClass>
<attribute>
<c:ref>ri:dn</c:ref>
<displayName>Distinguished Name</displayName>
<outbound>
<source>
<c:path>$focus/name</c:path>
</source>
<expression>
<script>
<code>
basic.composeDnWithSuffix('cn', name, 'ou=groups,dc=example,dc=com')
</code>
</script>
</expression>
</outbound>
</attribute>
<attribute>
<c:ref>ri:cn</c:ref>
<displayName>Common Name</displayName>
<outbound>
<source>
<c:path>$focus/name</c:path>
</source>
</outbound>
</attribute>
</objectType>
</schemaHandling>
<synchronization>
<objectSynchronization>
<kind>account</kind>
<intent>person</intent>
<enabled>true</enabled>
<!-- Only Sync uTech from LDAP -->
<condition>
<script>
<code>
tmp = basic.getAttributeValue(shadow, 'http://midpoint.evolveum.com/xml/ns/public/resource/instance-3', 'department'); return (tmp == 'University Technology' || tmp == 'AIMS')
</code>
</script>
</condition>
<correlation>
<q:equal>
<q:path>c:name</q:path>
<expression>
<path>$account/attributes/icfs:name</path>
</expression>
</q:equal>
</correlation>
<reaction>
<situation>linked</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#modifyUser</handlerUri>
</action>
</reaction>
<reaction>
<situation>deleted</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlinkAccount</handlerUri>
</action>
</reaction>
<reaction>
<situation>unlinked</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#linkAccount</handlerUri>
</action>
</reaction>
<reaction>
<situation>unmatched</situation>
<action>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#addUser</handlerUri>
</action>
</reaction>
</objectSynchronization>
</synchronization>
</resource>
Raw
ldapimport.xml
<task xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
oid="2cae7f8d-1eb8-401e-9ceb-59e033a2f36b"
version="513">
<name>LDAP IMPORT</name>
<extension xmlns:mext="http://midpoint.evolveum.com/xml/ns/public/model/extension-3">
<mext:kind>account</mext:kind>
</extension>
<metadata>
<createTimestamp>2016-08-26T14:29:20.273-05:00</createTimestamp>
<creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
<createChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</createChannel>
</metadata>
<taskIdentifier>1472239760274-0-1</taskIdentifier>
<ownerRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></ownerRef>
<executionStatus>runnable</executionStatus>
<node>DefaultNode</node>
<category>ImportingAccounts</category>
<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/synchronization/task/import/handler-3</handlerUri>
<result>
<operation>run</operation>
<status>in_progress</status>
<token>1000000000000139753</token>
</result>
<resultStatus>in_progress</resultStatus>
<objectRef oid="141d78c6-697a-11e6-a271-0050569aa9d2" type="c:ResourceType"><!-- WIU Sun LDAP Test --></objectRef>
<lastRunStartTimestamp>2016-08-26T15:09:43.601-05:00</lastRunStartTimestamp>
<lastRunFinishTimestamp>2016-08-26T15:02:57.265-05:00</lastRunFinishTimestamp>
<completionTimestamp>2016-08-26T15:02:57.281-05:00</completionTimestamp>
<progress>16745</progress>
<operationStats>
<environmentalPerformanceInformation>
<provisioningStatistics>
<entry>
<resource>WIU Sun LDAP Test</resource>
<objectClass>ri:person</objectClass>
<getSuccess>0</getSuccess>
<getFailure>0</getFailure>
<searchSuccess>0</searchSuccess>
<searchFailure>0</searchFailure>
<createSuccess>0</createSuccess>
<createFailure>0</createFailure>
<updateSuccess>0</updateSuccess>
<updateFailure>0</updateFailure>
<deleteSuccess>0</deleteSuccess>
<deleteFailure>0</deleteFailure>
<syncSuccess>0</syncSuccess>
<syncFailure>0</syncFailure>
<scriptSuccess>0</scriptSuccess>
<scriptFailure>0</scriptFailure>
<otherSuccess>0</otherSuccess>
<otherFailure>0</otherFailure>
<minTime>0</minTime>
<maxTime>1905</maxTime>
<totalTime>135545</totalTime>
</entry>
</provisioningStatistics>
<mappingsStatistics/>
<notificationsStatistics/>
<lastMessageTimestamp>2016-08-26T15:13:10.088-05:00</lastMessageTimestamp>
<lastMessage>Returned from ICF_SEARCH of person on WIU Sun LDAP Test</lastMessage>
</environmentalPerformanceInformation>
<iterativeTaskInformation>
<lastSuccessObjectName>uid=cs109,ou=People,dc=wiu,dc=edu</lastSuccessObjectName>
<lastSuccessObjectDisplayName>uid=cs109,ou=People,dc=wiu,dc=edu (ACCOUNT - null - person)</lastSuccessObjectDisplayName>
<lastSuccessObjectType>c:ShadowType</lastSuccessObjectType>
<lastSuccessObjectOid>6d8f7127-f1fc-4758-a718-d032ce3c8ebf</lastSuccessObjectOid>
<lastSuccessEndTimestamp>2016-08-26T15:13:10.092-05:00</lastSuccessEndTimestamp>
<lastSuccessDuration>2</lastSuccessDuration>
<totalSuccessDuration>33582</totalSuccessDuration>
<totalSuccessCount>16745</totalSuccessCount>
<lastFailureDuration>0</lastFailureDuration>
<totalFailureDuration>0</totalFailureDuration>
<totalFailureCount>0</totalFailureCount>
</iterativeTaskInformation>
<synchronizationInformation>
<countProtected>0</countProtected>
<countNoSynchronizationPolicy>16745</countNoSynchronizationPolicy>
<countSynchronizationDisabled>0</countSynchronizationDisabled>
<countNotApplicableForTask>0</countNotApplicableForTask>
<countDeleted>0</countDeleted>
<countDisputed>0</countDisputed>
<countLinked>0</countLinked>
<countUnlinked>0</countUnlinked>
<countUnmatched>0</countUnmatched>
<countProtectedAfter>0</countProtectedAfter>
<countNoSynchronizationPolicyAfter>16745</countNoSynchronizationPolicyAfter>
<countSynchronizationDisabledAfter>0</countSynchronizationDisabledAfter>
<countNotApplicableForTaskAfter>0</countNotApplicableForTaskAfter>
<countDeletedAfter>0</countDeletedAfter>
<countDisputedAfter>0</countDisputedAfter>
<countLinkedAfter>0</countLinkedAfter>
<countUnlinkedAfter>0</countUnlinkedAfter>
<countUnmatchedAfter>0</countUnmatchedAfter>
</synchronizationInformation>
<actionsExecutedInformation/>
<timestamp>2016-08-26T15:13:10.092-05:00</timestamp>
<liveInformation>false</liveInformation>
</operationStats>
<recurrence>single</recurrence>
<binding>loose</binding>
<schedule>
<misfireAction>executeImmediately</misfireAction>
</schedule>
<threadStopAction>restart</threadStopAction>
</task>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment