MattMencel/idm.log Secret

## idm.log
2016-08-26 16:18:09,176 [] [pool-1-thread-6] DEBUG (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl): SYNCHRONIZATION: received change notification ResourceObjectShadowChangeDescription(objectDelta=ObjectDelta(ShadowType:49c31ff8-5f85-4612-8697-3237b121582e,ADD: shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu)), currentShadow=shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu), oldShadow=null, sourceChannel=http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#import, resource=resource:141d78c6-697a-11e6-a271-0050569aa9d2(WIU Sun LDAP Test))
2016-08-26 16:18:09,178 [] [pool-1-thread-6] TRACE (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl): SYNCHRONIZATION determined policy: null
2016-08-26 16:18:09,178 [] [pool-1-thread-6] DEBUG (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl): SYNCHRONIZATION no matching policy for shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu) ({http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}person)  on resource:141d78c6-697a-11e6-a271-0050569aa9d2(WIU Sun LDAP Test), ignoring change from channel http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#import
2016-08-26 16:18:09,178 [] [pool-1-thread-6] INFO (com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultHandler): Import object shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu) from resource:141d78c6-697a-11e6-a271-0050569aa9d2(WIU Sun LDAP Test) done with status SUCCESS (this one: 2 ms, avg: 1 ms) (total progress: 17645, wall clock avg: 12 ms)

## ldap_resource.xml
<?xml version="1.0" encoding="UTF-8"?>
<!--  ~ Copyright (c) 2010-2016 Evolveum  ~  ~ Licensed under the Apache License, Version 2.0 (the "License");  ~ you may not use this file except in compliance with the License.  ~ You may obtain a copy of the License at  ~  ~      http://www.apache.org/licenses/LICENSE-2.0  ~  ~ Unless required by applicable law or agreed to in writing, software  ~ distributed under the License is distributed on an "AS IS" BASIS,  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.  ~ See the License for the specific language governing permissions and  ~ limitations under the License.  -->
<resource
    oid="141d78c6-697a-11e6-a271-0050569aa9d2"
    xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
    xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
    xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
    xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
    xmlns:mr="http://prism.evolveum.com/xml/ns/public/matching-rule-3"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
    xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
    xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3"
    xmlns:func="http://midpoint.evolveum.com/xml/ns/public/function/basic-3"
    xmlns:ext="http://midpoint.evolveum.com/xml/ns/story/orgsync/ext">
    <name>WIU Sun LDAP Test</name>
    <connectorRef type="ConnectorType">
        <description>Dummy description, just for the test</description>
        <filter>
            <q:equal>
                <q:path>c:connectorType</q:path>
                <q:value>com.evolveum.polygon.connector.ldap.LdapConnector</q:value>
            </q:equal>
        </filter>
    </connectorRef>
    <connectorConfiguration xmlns:icfcldap="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector">
        <icfc:configurationProperties>
            <icfcldap:port>389</icfcldap:port>
            <icfcldap:host>ldap.wiu.edu</icfcldap:host>
            <icfcldap:baseContext>ou=people,dc=wiu,dc=edu</icfcldap:baseContext>
            <icfcldap:bindDn>BINDDN</icfcldap:bindDn>
            <icfcldap:bindPassword>
                BINDPW
            </icfcldap:bindPassword>
            <icfcldap:uidAttribute>dn</icfcldap:uidAttribute>
            <icfcldap:pagingStrategy>none</icfcldap:pagingStrategy>
            <icfcldap:passwordAttribute>userPassword</icfcldap:passwordAttribute>
            <icfcldap:synchronizationStrategy>sunChangeLog</icfcldap:synchronizationStrategy>
        </icfc:configurationProperties>
        <icfc:resultsHandlerConfiguration>
            <icfc:enableNormalizingResultsHandler>false</icfc:enableNormalizingResultsHandler>
            <icfc:enableFilteredResultsHandler>false</icfc:enableFilteredResultsHandler>
            <icfc:enableAttributesToGetSearchResultsHandler>false</icfc:enableAttributesToGetSearchResultsHandler>
        </icfc:resultsHandlerConfiguration>
    </connectorConfiguration>
    <schema>
        <generationConstraints>
            <generateObjectClass>ri:person</generateObjectClass>
            <generateObjectClass>ri:groupOfUniqueNames</generateObjectClass>
            <generateObjectClass>ri:inetLocalMailRecipient</generateObjectClass>
            <generateObjectClass>ri:inetAdmin</generateObjectClass>
            <generateObjectClass>ri:inetMailUser</generateObjectClass>
            <generateObjectClass>ri:inetSubscriber</generateObjectClass>
            <generateObjectClass>ri:inetUser</generateObjectClass>
            <generateObjectClass>ri:iplanet-am-managed-person</generateObjectClass>
            <generateObjectClass>ri:iplanet-am-session-service</generateObjectClass>
            <generateObjectClass>ri:iplanet-am-user-service</generateObjectClass>
            <generateObjectClass>ri:iPlanetPreferences</generateObjectClass>
            <generateObjectClass>ri:posixAccount</generateObjectClass>
            <generateObjectClass>ri:wiuPerson</generateObjectClass>
            <generateObjectClass>ri:wiuAccount</generateObjectClass>
            <generateObjectClass>ri:wiuEmployee</generateObjectClass>
            <generateObjectClass>ri:wiuMail</generateObjectClass>
            <generateObjectClass>ri:shadowAccount</generateObjectClass>
        </generationConstraints>
    </schema>
    <schemaHandling>
        <objectType>
            <kind>account</kind>
            <intent>person</intent>
            <displayName>Person Account</displayName>
            <default>true</default>
            <objectClass>ri:person</objectClass>
            <auxiliaryObjectClass>wiuAccount</auxiliaryObjectClass>
            <auxiliaryObjectClass>wiuEmployee</auxiliaryObjectClass>
            <auxiliaryObjectClass>wiuPerson</auxiliaryObjectClass>
            <auxiliaryObjectClass>inetLocalMailRecipient</auxiliaryObjectClass>
            <attribute>
                <ref>ri:dn</ref>
                <displayName>Distinguished Name</displayName>
                <outbound>
                    <!-- Name cannot be weak. Changes in name trigger object rename. -->
                    <source>
                        <path>$user/name</path>
                    </source>
                    <expression>
                        <script>
                            <code>
                                basic.composeDnWithSuffix('uid', name, 'ou=people,dc=wiu,dc=edu')
                            </code>
                        </script>
                    </expression>
                </outbound>
            </attribute>
            <attribute>
                <ref>ri:cn</ref>
                <displayName>Common Name</displayName>
                <outbound>
                    <source>
                        <path>$user/fullName</path>
                    </source>
                </outbound>
                <inbound>
                    <strength>weak</strength>
                    <target>
                        <path>$user/fullName</path>
                    </target>
                </inbound>
            </attribute>
            <attribute>
                <ref>ri:sn</ref>
                <outbound>
                    <source>
                        <path>familyName</path>
                    </source>
                </outbound>
                <inbound>
                    <strength>weak</strength>
                    <target>
                        <path>$user/familyName</path>
                    </target>
                </inbound>
            </attribute>
            <attribute>
                <ref>ri:givenName</ref>
                <outbound>
                    <source>
                        <path>$user/givenName</path>
                    </source>
                </outbound>
                <inbound>
                    <strength>weak</strength>
                    <target>
                        <path>$user/givenName</path>
                    </target>
                </inbound>
            </attribute>
            <attribute>
                <ref>ri:department</ref>
                <outbound>
                    <source>
                        <path>$user/department</path>
                    </source>
                </outbound>
                <inbound>
                    <strength>weak</strength>
                    <target>
                        <path>$user/department</path>
                    </target>
                </inbound>
            </attribute>
            <attribute>
                <ref>ri:wiuExpirationTime</ref>
                <fetchStrategy>minimal</fetchStrategy>
            </attribute>
            <protected>
                <filter>
                    <q:equal>
                        <q:matching>http://prism.evolveum.com/xml/ns/public/matching-rule-3#stringIgnoreCase</q:matching>
                        <q:path>attributes/ri:dn</q:path>
                        <q:value>uid=idm,ou=Administrators,dc=example,dc=com</q:value>
                    </q:equal>
                </filter>
            </protected>
            <activation>
                <administrativeStatus>
                    <outbound/>
                    <inbound/>
                </administrativeStatus>
            </activation>
            <credentials>
                <password>
                    <outbound/>
                    <inbound>
                        <strength>weak</strength>
                        <expression>
                            <generate/>
                        </expression>
                    </inbound>
                </password>
            </credentials>
        </objectType>
        <!-- <objectType>
    <kind>account</kind>
    <intent>person</intent>
    <displayName>Person Account</displayName>
    <objectClass>ri:wiuPerson</objectClass>
    <attribute>
      <ref>ri:givenName</ref>
      <outbound>
        <source>
          <path>$user/givenName</path>
        </source>
      </outbound>
      <inbound>
        <strength>weak</strength>
        <target>
          <path>$user/givenName</path>
        </target>
      </inbound>
    </attribute>
    <attribute>
      <ref>ri:uid</ref>
      <outbound>
        <strength>weak</strength>
        <source>
          <path>$user/name</path>
        </source>
      </outbound>
      <inbound>
        <strength>weak</strength>
        <target>
          <path>$user/name</path>
        </target>
      </inbound>
    </attribute>
    <activation>
      <administrativeStatus>
        <outbound/>
        <inbound/>
      </administrativeStatus>
    </activation>
    <credentials>
      <password>
        <outbound/>
        <inbound>
          <strength>weak</strength>
          <expression>
            <generate/>
          </expression>
        </inbound>
      </password>
    </credentials>
  </objectType> -->
        <!-- <association>
  <ref>ri:group</ref>
  <displayName>LDAP Group Membership</displayName>
  <kind>entitlement</kind>
  <intent>group</intent>
  <direction>objectToSubject</direction>
  <associationAttribute>ri:uniqueMember</associationAttribute>
  <valueAttribute>ri:dn</valueAttribute>
  <shortcutAssociationAttribute>ri:isMemberOf</shortcutAssociationAttribute>
  <shortcutValueAttribute>ri:dn</shortcutValueAttribute>
</association> -->
        <objectType>
            <kind>entitlement</kind>
            <intent>group</intent>
            <displayName>LDAP Group</displayName>
            <objectClass>ri:groupOfUniqueNames</objectClass>
            <attribute>
                <c:ref>ri:dn</c:ref>
                <displayName>Distinguished Name</displayName>
                <outbound>
                    <source>
                        <c:path>$focus/name</c:path>
                    </source>
                    <expression>
                        <script>
                            <code>
                                basic.composeDnWithSuffix('cn', name, 'ou=groups,dc=example,dc=com')
                            </code>
                        </script>
                    </expression>
                </outbound>
            </attribute>
            <attribute>
                <c:ref>ri:cn</c:ref>
                <displayName>Common Name</displayName>
                <outbound>
                    <source>
                        <c:path>$focus/name</c:path>
                    </source>
                </outbound>
            </attribute>
        </objectType>
    </schemaHandling>
    <synchronization>
        <objectSynchronization>
            <kind>account</kind>
            <intent>person</intent>
            <enabled>true</enabled>
            <!-- Only Sync uTech from LDAP -->
            <condition>
                <script>
                    <code>
                        tmp = basic.getAttributeValue(shadow, 'http://midpoint.evolveum.com/xml/ns/public/resource/instance-3', 'department'); return (tmp == 'University Technology' || tmp == 'AIMS')
                    </code>
                </script>
            </condition>
            <correlation>
                <q:equal>
                    <q:path>c:name</q:path>
                    <expression>
                        <path>$account/attributes/icfs:name</path>
                    </expression>
                </q:equal>
            </correlation>
            <reaction>
                <situation>linked</situation>
                <action>
                    <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#modifyUser</handlerUri>
                </action>
            </reaction>
            <reaction>
                <situation>deleted</situation>
                <action>
                    <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlinkAccount</handlerUri>
                </action>
            </reaction>
            <reaction>
                <situation>unlinked</situation>
                <action>
                    <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#linkAccount</handlerUri>
                </action>
            </reaction>
            <reaction>
                <situation>unmatched</situation>
                <action>
                    <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#addUser</handlerUri>
                </action>
            </reaction>
        </objectSynchronization>
    </synchronization>
</resource>

## ldapimport.xml
<task xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
      xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
      xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
      xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
      xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
      xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
      oid="2cae7f8d-1eb8-401e-9ceb-59e033a2f36b"
      version="513">
   <name>LDAP IMPORT</name>
   <extension xmlns:mext="http://midpoint.evolveum.com/xml/ns/public/model/extension-3">
      <mext:kind>account</mext:kind>
   </extension>
   <metadata>
      <createTimestamp>2016-08-26T14:29:20.273-05:00</createTimestamp>
      <creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
      <createChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</createChannel>
   </metadata>
   <taskIdentifier>1472239760274-0-1</taskIdentifier>
   <ownerRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></ownerRef>
   <executionStatus>runnable</executionStatus>
   <node>DefaultNode</node>
   <category>ImportingAccounts</category>
   <handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/synchronization/task/import/handler-3</handlerUri>
   <result>
      <operation>run</operation>
      <status>in_progress</status>
      <token>1000000000000139753</token>
   </result>
   <resultStatus>in_progress</resultStatus>
   <objectRef oid="141d78c6-697a-11e6-a271-0050569aa9d2" type="c:ResourceType"><!-- WIU Sun LDAP Test --></objectRef>
   <lastRunStartTimestamp>2016-08-26T15:09:43.601-05:00</lastRunStartTimestamp>
   <lastRunFinishTimestamp>2016-08-26T15:02:57.265-05:00</lastRunFinishTimestamp>
   <completionTimestamp>2016-08-26T15:02:57.281-05:00</completionTimestamp>
   <progress>16745</progress>
   <operationStats>
      <environmentalPerformanceInformation>
         <provisioningStatistics>
            <entry>
               <resource>WIU Sun LDAP Test</resource>
               <objectClass>ri:person</objectClass>
               <getSuccess>0</getSuccess>
               <getFailure>0</getFailure>
               <searchSuccess>0</searchSuccess>
               <searchFailure>0</searchFailure>
               <createSuccess>0</createSuccess>
               <createFailure>0</createFailure>
               <updateSuccess>0</updateSuccess>
               <updateFailure>0</updateFailure>
               <deleteSuccess>0</deleteSuccess>
               <deleteFailure>0</deleteFailure>
               <syncSuccess>0</syncSuccess>
               <syncFailure>0</syncFailure>
               <scriptSuccess>0</scriptSuccess>
               <scriptFailure>0</scriptFailure>
               <otherSuccess>0</otherSuccess>
               <otherFailure>0</otherFailure>
               <minTime>0</minTime>
               <maxTime>1905</maxTime>
               <totalTime>135545</totalTime>
            </entry>
         </provisioningStatistics>
         <mappingsStatistics/>
         <notificationsStatistics/>
         <lastMessageTimestamp>2016-08-26T15:13:10.088-05:00</lastMessageTimestamp>
         <lastMessage>Returned from ICF_SEARCH of person on WIU Sun LDAP Test</lastMessage>
      </environmentalPerformanceInformation>
      <iterativeTaskInformation>
         <lastSuccessObjectName>uid=cs109,ou=People,dc=wiu,dc=edu</lastSuccessObjectName>
         <lastSuccessObjectDisplayName>uid=cs109,ou=People,dc=wiu,dc=edu (ACCOUNT - null - person)</lastSuccessObjectDisplayName>
         <lastSuccessObjectType>c:ShadowType</lastSuccessObjectType>
         <lastSuccessObjectOid>6d8f7127-f1fc-4758-a718-d032ce3c8ebf</lastSuccessObjectOid>
         <lastSuccessEndTimestamp>2016-08-26T15:13:10.092-05:00</lastSuccessEndTimestamp>
         <lastSuccessDuration>2</lastSuccessDuration>
         <totalSuccessDuration>33582</totalSuccessDuration>
         <totalSuccessCount>16745</totalSuccessCount>
         <lastFailureDuration>0</lastFailureDuration>
         <totalFailureDuration>0</totalFailureDuration>
         <totalFailureCount>0</totalFailureCount>
      </iterativeTaskInformation>
      <synchronizationInformation>
         <countProtected>0</countProtected>
         <countNoSynchronizationPolicy>16745</countNoSynchronizationPolicy>
         <countSynchronizationDisabled>0</countSynchronizationDisabled>
         <countNotApplicableForTask>0</countNotApplicableForTask>
         <countDeleted>0</countDeleted>
         <countDisputed>0</countDisputed>
         <countLinked>0</countLinked>
         <countUnlinked>0</countUnlinked>
         <countUnmatched>0</countUnmatched>
         <countProtectedAfter>0</countProtectedAfter>
         <countNoSynchronizationPolicyAfter>16745</countNoSynchronizationPolicyAfter>
         <countSynchronizationDisabledAfter>0</countSynchronizationDisabledAfter>
         <countNotApplicableForTaskAfter>0</countNotApplicableForTaskAfter>
         <countDeletedAfter>0</countDeletedAfter>
         <countDisputedAfter>0</countDisputedAfter>
         <countLinkedAfter>0</countLinkedAfter>
         <countUnlinkedAfter>0</countUnlinkedAfter>
         <countUnmatchedAfter>0</countUnmatchedAfter>
      </synchronizationInformation>
      <actionsExecutedInformation/>
      <timestamp>2016-08-26T15:13:10.092-05:00</timestamp>
      <liveInformation>false</liveInformation>
   </operationStats>
   <recurrence>single</recurrence>
   <binding>loose</binding>
   <schedule>
      <misfireAction>executeImmediately</misfireAction>
   </schedule>
   <threadStopAction>restart</threadStopAction>
</task>
	2016-08-26 16:18:09,176 [] [pool-1-thread-6] DEBUG (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl): SYNCHRONIZATION: received change notification ResourceObjectShadowChangeDescription(objectDelta=ObjectDelta(ShadowType:49c31ff8-5f85-4612-8697-3237b121582e,ADD: shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu)), currentShadow=shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu), oldShadow=null, sourceChannel=http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#import, resource=resource:141d78c6-697a-11e6-a271-0050569aa9d2(WIU Sun LDAP Test))
	2016-08-26 16:18:09,178 [] [pool-1-thread-6] TRACE (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl): SYNCHRONIZATION determined policy: null
	2016-08-26 16:18:09,178 [] [pool-1-thread-6] DEBUG (com.evolveum.midpoint.model.impl.sync.SynchronizationServiceImpl): SYNCHRONIZATION no matching policy for shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu) ({http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}person) on resource:141d78c6-697a-11e6-a271-0050569aa9d2(WIU Sun LDAP Test), ignoring change from channel http://midpoint.evolveum.com/xml/ns/public/provisioning/channels-3#import
	2016-08-26 16:18:09,178 [] [pool-1-thread-6] INFO (com.evolveum.midpoint.model.impl.util.AbstractSearchIterativeResultHandler): Import object shadow:49c31ff8-5f85-4612-8697-3237b121582e(uid=mrm114,ou=People,dc=wiu,dc=edu) from resource:141d78c6-697a-11e6-a271-0050569aa9d2(WIU Sun LDAP Test) done with status SUCCESS (this one: 2 ms, avg: 1 ms) (total progress: 17645, wall clock avg: 12 ms)
	<?xml version="1.0" encoding="UTF-8"?>
	<!-- ~ Copyright (c) 2010-2016 Evolveum ~ ~ Licensed under the Apache License, Version 2.0 (the "License"); ~ you may not use this file except in compliance with the License. ~ You may obtain a copy of the License at ~ ~ http://www.apache.org/licenses/LICENSE-2.0 ~ ~ Unless required by applicable law or agreed to in writing, software ~ distributed under the License is distributed on an "AS IS" BASIS, ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. ~ See the License for the specific language governing permissions and ~ limitations under the License. -->
	<resource
	oid="141d78c6-697a-11e6-a271-0050569aa9d2"
	xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
	xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
	xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
	xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
	xmlns:mr="http://prism.evolveum.com/xml/ns/public/matching-rule-3"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
	xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
	xmlns:icfc="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/connector-schema-3"
	xmlns:func="http://midpoint.evolveum.com/xml/ns/public/function/basic-3"
	xmlns:ext="http://midpoint.evolveum.com/xml/ns/story/orgsync/ext">
	<name>WIU Sun LDAP Test</name>
	<connectorRef type="ConnectorType">
	<description>Dummy description, just for the test</description>
	<filter>
	<q:equal>
	<q:path>c:connectorType</q:path>
	<q:value>com.evolveum.polygon.connector.ldap.LdapConnector</q:value>
	</q:equal>
	</filter>
	</connectorRef>
	<connectorConfiguration xmlns:icfcldap="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/bundle/com.evolveum.polygon.connector-ldap/com.evolveum.polygon.connector.ldap.LdapConnector">
	<icfc:configurationProperties>
	<icfcldap:port>389</icfcldap:port>
	<icfcldap:host>ldap.wiu.edu</icfcldap:host>
	<icfcldap:baseContext>ou=people,dc=wiu,dc=edu</icfcldap:baseContext>
	<icfcldap:bindDn>BINDDN</icfcldap:bindDn>
	<icfcldap:bindPassword>
	BINDPW
	</icfcldap:bindPassword>
	<icfcldap:uidAttribute>dn</icfcldap:uidAttribute>
	<icfcldap:pagingStrategy>none</icfcldap:pagingStrategy>
	<icfcldap:passwordAttribute>userPassword</icfcldap:passwordAttribute>
	<icfcldap:synchronizationStrategy>sunChangeLog</icfcldap:synchronizationStrategy>
	</icfc:configurationProperties>
	<icfc:resultsHandlerConfiguration>
	<icfc:enableNormalizingResultsHandler>false</icfc:enableNormalizingResultsHandler>
	<icfc:enableFilteredResultsHandler>false</icfc:enableFilteredResultsHandler>
	<icfc:enableAttributesToGetSearchResultsHandler>false</icfc:enableAttributesToGetSearchResultsHandler>
	</icfc:resultsHandlerConfiguration>
	</connectorConfiguration>
	<schema>
	<generationConstraints>
	<generateObjectClass>ri:person</generateObjectClass>
	<generateObjectClass>ri:groupOfUniqueNames</generateObjectClass>
	<generateObjectClass>ri:inetLocalMailRecipient</generateObjectClass>
	<generateObjectClass>ri:inetAdmin</generateObjectClass>
	<generateObjectClass>ri:inetMailUser</generateObjectClass>
	<generateObjectClass>ri:inetSubscriber</generateObjectClass>
	<generateObjectClass>ri:inetUser</generateObjectClass>
	<generateObjectClass>ri:iplanet-am-managed-person</generateObjectClass>
	<generateObjectClass>ri:iplanet-am-session-service</generateObjectClass>
	<generateObjectClass>ri:iplanet-am-user-service</generateObjectClass>
	<generateObjectClass>ri:iPlanetPreferences</generateObjectClass>
	<generateObjectClass>ri:posixAccount</generateObjectClass>
	<generateObjectClass>ri:wiuPerson</generateObjectClass>
	<generateObjectClass>ri:wiuAccount</generateObjectClass>
	<generateObjectClass>ri:wiuEmployee</generateObjectClass>
	<generateObjectClass>ri:wiuMail</generateObjectClass>
	<generateObjectClass>ri:shadowAccount</generateObjectClass>
	</generationConstraints>
	</schema>
	<schemaHandling>
	<objectType>
	<kind>account</kind>
	<intent>person</intent>
	<displayName>Person Account</displayName>
	<default>true</default>
	<objectClass>ri:person</objectClass>
	<auxiliaryObjectClass>wiuAccount</auxiliaryObjectClass>
	<auxiliaryObjectClass>wiuEmployee</auxiliaryObjectClass>
	<auxiliaryObjectClass>wiuPerson</auxiliaryObjectClass>
	<auxiliaryObjectClass>inetLocalMailRecipient</auxiliaryObjectClass>
	<attribute>
	<ref>ri:dn</ref>
	<displayName>Distinguished Name</displayName>
	<outbound>
	<!-- Name cannot be weak. Changes in name trigger object rename. -->
	<source>
	<path>$user/name</path>
	</source>
	<expression>
	<script>
	<code>
	basic.composeDnWithSuffix('uid', name, 'ou=people,dc=wiu,dc=edu')
	</code>
	</script>
	</expression>
	</outbound>
	</attribute>
	<attribute>
	<ref>ri:cn</ref>
	<displayName>Common Name</displayName>
	<outbound>
	<source>
	<path>$user/fullName</path>
	</source>
	</outbound>
	<inbound>
	<strength>weak</strength>
	<target>
	<path>$user/fullName</path>
	</target>
	</inbound>
	</attribute>
	<attribute>
	<ref>ri:sn</ref>
	<outbound>
	<source>
	<path>familyName</path>
	</source>
	</outbound>
	<inbound>
	<strength>weak</strength>
	<target>
	<path>$user/familyName</path>
	</target>
	</inbound>
	</attribute>
	<attribute>
	<ref>ri:givenName</ref>
	<outbound>
	<source>
	<path>$user/givenName</path>
	</source>
	</outbound>
	<inbound>
	<strength>weak</strength>
	<target>
	<path>$user/givenName</path>
	</target>
	</inbound>
	</attribute>
	<attribute>
	<ref>ri:department</ref>
	<outbound>
	<source>
	<path>$user/department</path>
	</source>
	</outbound>
	<inbound>
	<strength>weak</strength>
	<target>
	<path>$user/department</path>
	</target>
	</inbound>
	</attribute>
	<attribute>
	<ref>ri:wiuExpirationTime</ref>
	<fetchStrategy>minimal</fetchStrategy>
	</attribute>
	<protected>
	<filter>
	<q:equal>
	<q:matching>http://prism.evolveum.com/xml/ns/public/matching-rule-3#stringIgnoreCase</q:matching>
	<q:path>attributes/ri:dn</q:path>
	<q:value>uid=idm,ou=Administrators,dc=example,dc=com</q:value>
	</q:equal>
	</filter>
	</protected>
	<activation>
	<administrativeStatus>
	<outbound/>
	<inbound/>
	</administrativeStatus>
	</activation>
	<credentials>
	<password>
	<outbound/>
	<inbound>
	<strength>weak</strength>
	<expression>
	<generate/>
	</expression>
	</inbound>
	</password>
	</credentials>
	</objectType>
	<!-- <objectType>
	<kind>account</kind>
	<intent>person</intent>
	<displayName>Person Account</displayName>
	<objectClass>ri:wiuPerson</objectClass>
	<attribute>
	<ref>ri:givenName</ref>
	<outbound>
	<source>
	<path>$user/givenName</path>
	</source>
	</outbound>
	<inbound>
	<strength>weak</strength>
	<target>
	<path>$user/givenName</path>
	</target>
	</inbound>
	</attribute>
	<attribute>
	<ref>ri:uid</ref>
	<outbound>
	<strength>weak</strength>
	<source>
	<path>$user/name</path>
	</source>
	</outbound>
	<inbound>
	<strength>weak</strength>
	<target>
	<path>$user/name</path>
	</target>
	</inbound>
	</attribute>
	<activation>
	<administrativeStatus>
	<outbound/>
	<inbound/>
	</administrativeStatus>
	</activation>
	<credentials>
	<password>
	<outbound/>
	<inbound>
	<strength>weak</strength>
	<expression>
	<generate/>
	</expression>
	</inbound>
	</password>
	</credentials>
	</objectType> -->
	<!-- <association>
	<ref>ri:group</ref>
	<displayName>LDAP Group Membership</displayName>
	<kind>entitlement</kind>
	<intent>group</intent>
	<direction>objectToSubject</direction>
	<associationAttribute>ri:uniqueMember</associationAttribute>
	<valueAttribute>ri:dn</valueAttribute>
	<shortcutAssociationAttribute>ri:isMemberOf</shortcutAssociationAttribute>
	<shortcutValueAttribute>ri:dn</shortcutValueAttribute>
	</association> -->
	<objectType>
	<kind>entitlement</kind>
	<intent>group</intent>
	<displayName>LDAP Group</displayName>
	<objectClass>ri:groupOfUniqueNames</objectClass>
	<attribute>
	<c:ref>ri:dn</c:ref>
	<displayName>Distinguished Name</displayName>
	<outbound>
	<source>
	<c:path>$focus/name</c:path>
	</source>
	<expression>
	<script>
	<code>
	basic.composeDnWithSuffix('cn', name, 'ou=groups,dc=example,dc=com')
	</code>
	</script>
	</expression>
	</outbound>
	</attribute>
	<attribute>
	<c:ref>ri:cn</c:ref>
	<displayName>Common Name</displayName>
	<outbound>
	<source>
	<c:path>$focus/name</c:path>
	</source>
	</outbound>
	</attribute>
	</objectType>
	</schemaHandling>
	<synchronization>
	<objectSynchronization>
	<kind>account</kind>
	<intent>person</intent>
	<enabled>true</enabled>
	<!-- Only Sync uTech from LDAP -->
	<condition>
	<script>
	<code>
	tmp = basic.getAttributeValue(shadow, 'http://midpoint.evolveum.com/xml/ns/public/resource/instance-3', 'department'); return (tmp == 'University Technology' \|\| tmp == 'AIMS')
	</code>
	</script>
	</condition>
	<correlation>
	<q:equal>
	<q:path>c:name</q:path>
	<expression>
	<path>$account/attributes/icfs:name</path>
	</expression>
	</q:equal>
	</correlation>
	<reaction>
	<situation>linked</situation>
	<action>
	<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#modifyUser</handlerUri>
	</action>
	</reaction>
	<reaction>
	<situation>deleted</situation>
	<action>
	<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlinkAccount</handlerUri>
	</action>
	</reaction>
	<reaction>
	<situation>unlinked</situation>
	<action>
	<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#linkAccount</handlerUri>
	</action>
	</reaction>
	<reaction>
	<situation>unmatched</situation>
	<action>
	<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/action-3#addUser</handlerUri>
	</action>
	</reaction>
	</objectSynchronization>
	</synchronization>
	</resource>
	<task xmlns="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
	xmlns:q="http://prism.evolveum.com/xml/ns/public/query-3"
	xmlns:c="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
	xmlns:t="http://prism.evolveum.com/xml/ns/public/types-3"
	xmlns:icfs="http://midpoint.evolveum.com/xml/ns/public/connector/icf-1/resource-schema-3"
	xmlns:ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3"
	oid="2cae7f8d-1eb8-401e-9ceb-59e033a2f36b"
	version="513">
	<name>LDAP IMPORT</name>
	<extension xmlns:mext="http://midpoint.evolveum.com/xml/ns/public/model/extension-3">
	<mext:kind>account</mext:kind>
	</extension>
	<metadata>
	<createTimestamp>2016-08-26T14:29:20.273-05:00</createTimestamp>
	<creatorRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></creatorRef>
	<createChannel>http://midpoint.evolveum.com/xml/ns/public/gui/channels-3#user</createChannel>
	</metadata>
	<taskIdentifier>1472239760274-0-1</taskIdentifier>
	<ownerRef oid="00000000-0000-0000-0000-000000000002" type="c:UserType"><!-- administrator --></ownerRef>
	<executionStatus>runnable</executionStatus>
	<node>DefaultNode</node>
	<category>ImportingAccounts</category>
	<handlerUri>http://midpoint.evolveum.com/xml/ns/public/model/synchronization/task/import/handler-3</handlerUri>
	<result>
	<operation>run</operation>
	<status>in_progress</status>
	<token>1000000000000139753</token>
	</result>
	<resultStatus>in_progress</resultStatus>
	<objectRef oid="141d78c6-697a-11e6-a271-0050569aa9d2" type="c:ResourceType"><!-- WIU Sun LDAP Test --></objectRef>
	<lastRunStartTimestamp>2016-08-26T15:09:43.601-05:00</lastRunStartTimestamp>
	<lastRunFinishTimestamp>2016-08-26T15:02:57.265-05:00</lastRunFinishTimestamp>
	<completionTimestamp>2016-08-26T15:02:57.281-05:00</completionTimestamp>
	<progress>16745</progress>
	<operationStats>
	<environmentalPerformanceInformation>
	<provisioningStatistics>
	<entry>
	<resource>WIU Sun LDAP Test</resource>
	<objectClass>ri:person</objectClass>
	<getSuccess>0</getSuccess>
	<getFailure>0</getFailure>
	<searchSuccess>0</searchSuccess>
	<searchFailure>0</searchFailure>
	<createSuccess>0</createSuccess>
	<createFailure>0</createFailure>
	<updateSuccess>0</updateSuccess>
	<updateFailure>0</updateFailure>
	<deleteSuccess>0</deleteSuccess>
	<deleteFailure>0</deleteFailure>
	<syncSuccess>0</syncSuccess>
	<syncFailure>0</syncFailure>
	<scriptSuccess>0</scriptSuccess>
	<scriptFailure>0</scriptFailure>
	<otherSuccess>0</otherSuccess>
	<otherFailure>0</otherFailure>
	<minTime>0</minTime>
	<maxTime>1905</maxTime>
	<totalTime>135545</totalTime>
	</entry>
	</provisioningStatistics>
	<mappingsStatistics/>
	<notificationsStatistics/>
	<lastMessageTimestamp>2016-08-26T15:13:10.088-05:00</lastMessageTimestamp>
	<lastMessage>Returned from ICF_SEARCH of person on WIU Sun LDAP Test</lastMessage>
	</environmentalPerformanceInformation>
	<iterativeTaskInformation>
	<lastSuccessObjectName>uid=cs109,ou=People,dc=wiu,dc=edu</lastSuccessObjectName>
	<lastSuccessObjectDisplayName>uid=cs109,ou=People,dc=wiu,dc=edu (ACCOUNT - null - person)</lastSuccessObjectDisplayName>
	<lastSuccessObjectType>c:ShadowType</lastSuccessObjectType>
	<lastSuccessObjectOid>6d8f7127-f1fc-4758-a718-d032ce3c8ebf</lastSuccessObjectOid>
	<lastSuccessEndTimestamp>2016-08-26T15:13:10.092-05:00</lastSuccessEndTimestamp>
	<lastSuccessDuration>2</lastSuccessDuration>
	<totalSuccessDuration>33582</totalSuccessDuration>
	<totalSuccessCount>16745</totalSuccessCount>
	<lastFailureDuration>0</lastFailureDuration>
	<totalFailureDuration>0</totalFailureDuration>
	<totalFailureCount>0</totalFailureCount>
	</iterativeTaskInformation>
	<synchronizationInformation>
	<countProtected>0</countProtected>
	<countNoSynchronizationPolicy>16745</countNoSynchronizationPolicy>
	<countSynchronizationDisabled>0</countSynchronizationDisabled>
	<countNotApplicableForTask>0</countNotApplicableForTask>
	<countDeleted>0</countDeleted>
	<countDisputed>0</countDisputed>
	<countLinked>0</countLinked>
	<countUnlinked>0</countUnlinked>
	<countUnmatched>0</countUnmatched>
	<countProtectedAfter>0</countProtectedAfter>
	<countNoSynchronizationPolicyAfter>16745</countNoSynchronizationPolicyAfter>
	<countSynchronizationDisabledAfter>0</countSynchronizationDisabledAfter>
	<countNotApplicableForTaskAfter>0</countNotApplicableForTaskAfter>
	<countDeletedAfter>0</countDeletedAfter>
	<countDisputedAfter>0</countDisputedAfter>
	<countLinkedAfter>0</countLinkedAfter>
	<countUnlinkedAfter>0</countUnlinkedAfter>
	<countUnmatchedAfter>0</countUnmatchedAfter>
	</synchronizationInformation>
	<actionsExecutedInformation/>
	<timestamp>2016-08-26T15:13:10.092-05:00</timestamp>
	<liveInformation>false</liveInformation>
	</operationStats>
	<recurrence>single</recurrence>
	<binding>loose</binding>
	<schedule>
	<misfireAction>executeImmediately</misfireAction>
	</schedule>
	<threadStopAction>restart</threadStopAction>
	</task>