MidPoint Project Documentation

Table of Contents

1. Object Templates
- 1.1. Default Project and Org Template
- 1.2. Default User Template
2. Resources
3. Organization Units
- 3.1. F0000
- 3.2. F0100
- 3.3. F0110
- 3.4. F0120
- 3.5. F0200
- 3.6. F0210
- 3.7. P0000
- 3.8. P0001
- 3.9. P0002
4. Roles
5. Tasks

This is the optional preamble (an untitled section body).Useful for writing simple sectionless documents consisting only of a preamble.

1. Object Templates

1.1. Default Project and Org Template

1.1.1. Include References

1.1.2. Iterator Specification

1.1.3. Items

1.1.4. Mappings

Name
Description	A hack to avoid feedback to HR feed - deleting accounts because they are not assigned
Documentation	1. More technical documentation here we go. With some list: A B C 2. Another title there is is. were’re using asciidoc.
Options	Strength: strong	Authoritative:	Exclusive:
Source	`orgType`	Target	`assignment`
Expression	Expression documentation block

Name
Description	A hack to avoid feedback to HR feed - deleting accounts because they are not assigned
Options	Strength: strong	Authoritative:	Exclusive:
Source	`orgType`	Target	`assignment`
Expression	Expression documentation block

1.2. Default User Template

aaa I don’t know that to put here, it’s just an example.

col1	col2	col3
row1	row2	row3

1.2.1. Include References

1.2.2. Iterator Specification

1.2.3. Items

1.2.4. Mappings

Name

Some name

Documentation

I don’t know that to put here, it’s just an example. Table should follow:

col1	col2	col3
row1	row2	row3

Options

Strength: strong

Authoritative:

Exclusive:

Channels

asdf
jklo

Except channels

zxcv
opiu

Source

$user/givenName
$user/familyName
⇒ familyNameeee

Target

fullName

Expression

Expression documentation block

Name
Description	A hack to avoid feedback to HR feed - deleting accounts because they are not assigned
Options	Strength: strong	Authoritative:	Exclusive:
Source	`employeeType`	Target	`assignment`
Expression	Expression documentation block

Name
Options	Strength: strong	Authoritative:	Exclusive:
Source	`employeeType`	Target	`assignment`
Expression	Expression documentation block

Name
Options	Strength: strong	Authoritative:	Exclusive:
Source	`employeeType`	Target	`assignment`
Expression	Expression documentation block

2. Resources

2.1. Addressbook

Simple database application that maintains addresses and telephone numbers of people.
It is authoritative only for telephone number. It also has postal address that no
other application has.

2.1.1. Connector

Resource uses connector. Artifact details:

Connector type:
Connector version:
Connector bundle:
Namespace:

Connector Configuration

Parameter	Value	Description
port	5432
host	localhost
user	addressbook
password	XML
database	addressbook
table	people
keyColumn	username
passwordColumn	password
jdbcDriver	org.postgresql.Driver
jdbcUrlTemplate	jdbc:postgresql://%h:%p/%d
enableEmptyString	false
rethrowAllSQLExceptions	true
nativeTimestamps	true

2.1.2. Object Types

Default Account

Overview

Attribute	Type	Description
uid (Entry ID)
name (Username)
first_name (First Name)
last_name (Last name)
tel_number (Telephone Number)
city (City)

Attribute Details

uid (Entry ID)

name (Username)

Outbounds

first_name (First Name)

Outbounds

last_name (Last name)

Outbounds

tel_number (Telephone Number)

Outbounds

city (City)

Outbounds

Credentials

Activation

Association

2.1.3. Capabilities

Native

$object.getCapabilities().getNative()

Configured

PCV(null):[PP({http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3}activation):[PPV(ActivationCapabilityType:com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType@3e60be48[status=com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType@68312b85[returnedByDefault=<null>,attribute={http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}validity,enableValue=[true],disableValue=[false, ],ignoreAttribute=<null>,enabled=<null>],validFrom=<null>,validTo=<null>,lockoutStatus=<null>,enabled=<null>])]]

2.2. HR Feed

Some description, more usable for midpoint UI

2.2.1. More technical documentation

here we go. With some list:

A
B
C

2.2.2. Another title

there is is. were’re using asciidoc.

2.2.3. Connector

Resource uses connector. Artifact details:

Connector type:
Connector version:
Connector bundle:
Namespace:

Connector Configuration

Parameter	Value	Description
filePath	/var/opt/hr/export.csv
encoding	utf-8
valueQualifier	"
fieldDelimiter	,
multivalueDelimiter	;
usingMultivalue	false
uniqueAttribute	empnum

2.2.4. Object Types

Default Account

Overview

Attribute	Type	Description
uid (ICF UID)
name (Employee#)
firstname (First Name)		Definition of Firstname attribute handling.
lastname (Last name)
artname (Artistic name)
emptype (Employee type)

Attribute Details

uid (ICF UID)

name (Employee#)

Inbounds

Name
Options	Strength:	Authoritative:	Exclusive:
Source		Target	`$user/employeeNumber`
Expression	Expression documentation block

firstname (First Name)

Inbounds

Name
Options	Strength:	Authoritative:	Exclusive:
Source		Target	`$user/givenName`
Expression	Expression documentation block

lastname (Last name)

Inbounds

Name
Options	Strength:	Authoritative:	Exclusive:
Source		Target	`$user/familyName`
Expression	Expression documentation block

artname (Artistic name)

Inbounds

Name
Options	Strength:	Authoritative:	Exclusive:
Source		Target	`$user/extension/artisticName`
Expression	Expression documentation block

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/nickName`
Expression	Expression documentation block

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/name`
Expression	Expression documentation block

emptype (Employee type)

Inbounds

Name
Options	Strength:	Authoritative:	Exclusive:
Source		Target	`$user/employeeType`
Expression	Expression documentation block

Credentials

Activation

Association

2.2.5. Synchronization

Object Types

, ACCOUNT/default

2.2.6. Capabilities

Native

$object.getCapabilities().getNative()

Configured

$object.getCapabilities().getConfigured()

2.3. LDAP Server (OpenDJ)

2.3.1. Connector

Resource uses connector. Artifact details:

Connector type:
Connector version:
Connector bundle:
Namespace:

Connector Configuration

Parameter	Value	Description
modifiersNamesToFilterOut	uid=idm,ou=Administrators,dc=example,dc=com
credentials	XML
port	1389
vlvSortAttribute	uid
principal	uid=idm,ou=Administrators,dc=example,dc=com
baseContexts	ou=people,dc=example,dc=com
baseContexts	ou=groups,dc=example,dc=com
host	localhost
usePagedResultControl	true
maintainLdapGroupMembership	true
accountOperationalAttributes	ds-pwp-account-disabled

2.3.2. Object Types

Organizational Unit, GENERIC/ou

Overview

Attribute	Type	Description
dn ()
ou ()

Attribute Details

dn ()

Outbounds

ou ()

Credentials

Activation

Association

2.3.3. Synchronization

Object Types

sync, GENERIC/ou

2.3.4. Capabilities

Native

$object.getCapabilities().getNative()

Configured

$object.getCapabilities().getConfigured()

2.4. LDAP Server (OpenDJ)

2.4.1. Connector

Resource uses connector. Artifact details:

Connector type:
Connector version:
Connector bundle:
Namespace:

Connector Configuration

Parameter	Value	Description
modifiersNamesToFilterOut	uid=idm,ou=Administrators,dc=example,dc=com
credentials	XML
port	1389
vlvSortAttribute	uid
principal	uid=idm,ou=Administrators,dc=example,dc=com
baseContexts	ou=people,dc=example,dc=com
baseContexts	ou=groups,dc=example,dc=com
host	localhost
usePagedResultControl	true
maintainLdapGroupMembership	true
accountOperationalAttributes	ds-pwp-account-disabled

2.4.2. Object Types

LDAP project groups, ENTITLEMENT/ldapProject

Overview

Attribute	Type	Description
name ()
cn ()
description ()

Attribute Details

name ()

Outbounds

cn ()

Outbounds

description ()

Outbounds

Credentials

Activation

Association

2.4.3. Capabilities

Native

$object.getCapabilities().getNative()

Configured

$object.getCapabilities().getConfigured()

2.5. LDAP Server (OpenDJ) over new LDAPConn.

LDAP resource using new LDAP Connector based on Apache Directory API. It contains configuration
for connecting to an OpenDJ instance running on the localhost.

2.5.1. Connector

Resource uses connector. Artifact details:

Connector type:
Connector version:
Connector bundle:
Namespace:

Connector Configuration

Parameter	Value	Description
port	1389
host	localhost
baseContextsToSynchronize	ou=people,dc=example,dc=com
baseContextsToSynchronize	ou=groups,dc=example,dc=com
bindDn	uid=idm,ou=Administrators,dc=example,dc=com
pagingStrategy	none
bindPassword	XML
modifiersNamesToFilterOut	uid=idm,ou=Administrators,dc=example,dc=com
vlvSortAttribute	uid
operationalAttributes	ds-pwp-account-disabled

Results Handlers Configuration

Parameter	Value
enableFilteredResultsHandler	false

2.5.2. Object Types

Default Account

Overview

Attribute	Type	Description
dn (Distinguished Name)
entryUUID (Entry UUID)
cn (Common Name)
sn (Surname)
givenName (Given Name)
uid (Login Name)
description ()
l ()
telephoneNumber ()
employeeNumber ()
employeeType ()

Attribute Details

dn (Distinguished Name)

Outbounds

entryUUID (Entry UUID)

cn (Common Name)

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/fullName`
Expression	Expression documentation block

Outbounds

sn (Surname)

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`familyName`
Expression	Expression documentation block

Outbounds

givenName (Given Name)

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/givenName`
Expression	Expression documentation block

Outbounds

uid (Login Name)

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/name`
Expression	Expression documentation block

Outbounds

description ()

Outbounds

l ()

Inbounds

Name
Options	Strength:	Authoritative:	Exclusive:
Source		Target	`$user/locality`
Expression	Expression documentation block

telephoneNumber ()

Inbounds

Name
Options	Strength:	Authoritative:	Exclusive:
Source		Target	`$user/telephoneNumber`
Expression	Expression documentation block

Outbounds

employeeNumber ()

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/employeeNumber`
Expression	Expression documentation block

Outbounds

employeeType ()

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/employeeType`
Expression	Expression documentation block

Outbounds

Credentials

Activation

Association

Group, ENTITLEMENT/group

Overview

Attribute	Type	Description

Attribute Details

Credentials

Activation

Association

LDAP project groups, ENTITLEMENT/ldapProject

Overview

Attribute	Type	Description
dn ()
cn ()
description ()

Attribute Details

dn ()

Outbounds

cn ()

Outbounds

description ()

Outbounds

Credentials

Activation

Association

Organizational Unit, GENERIC/ou

Overview

Attribute	Type	Description
dn ()
ou ()

Attribute Details

dn ()

Outbounds

ou ()

Credentials

Activation

Association

2.5.3. Synchronization

Object Types

sync account, ACCOUNT/default

sync group, ENTITLEMENT/ldapProject

sync, GENERIC/ou

2.5.4. Capabilities

Native

$object.getCapabilities().getNative()

Configured

PCV(null):[PP({http://midpoint.evolveum.com/xml/ns/public/resource/capabilities-3}activation):[PPV(ActivationCapabilityType:com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationCapabilityType@1e40edb7[status=com.evolveum.midpoint.xml.ns._public.resource.capabilities_3.ActivationStatusCapabilityType@27381497[returnedByDefault=<null>,attribute={http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}ds-pwp-account-disabled,enableValue=[],disableValue=[true],ignoreAttribute=<null>,enabled=<null>],validFrom=<null>,validTo=<null>,lockoutStatus=<null>,enabled=<null>])]]

2.6. LDAP Server (OpenLDAP) over new LDAPConn.

LDAP resource using new LDAP Connector based on Apache Directory API. It contains configuration
for connecting to an OpenLDAP instance running on the localhost.

2.6.1. Connector

Resource uses connector. Artifact details:

Connector type:
Connector version:
Connector bundle:
Namespace:

Connector Configuration

Parameter	Value	Description
port	389
vlvSortAttribute	uid
baseContext	dc=example,dc=com
vlvSortOrderingRule	2.5.13.3
bindDn	cn=idm,ou=Administrators,dc=example,dc=com
pagingStrategy	auto
operationalAttributes	memberOf
operationalAttributes	createTimestamp
host	localhost
bindPassword	XML

Results Handlers Configuration

Parameter	Value
enableFilteredResultsHandler	false

2.6.2. Object Types

Default Account

Overview

Attribute	Type	Description
dn (Distinguished Name)
entryUUID (Entry UUID)
cn (Common Name)
sn (Surname)
givenName (Given Name)
uid (Login Name)
description ()
l ()
telephoneNumber ()
employeeNumber ()
employeeType ()

Attribute Details

dn (Distinguished Name)

Outbounds

entryUUID (Entry UUID)

cn (Common Name)

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/fullName`
Expression	Expression documentation block

Outbounds

sn (Surname)

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`familyName`
Expression	Expression documentation block

Outbounds

givenName (Given Name)

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/givenName`
Expression	Expression documentation block

Outbounds

uid (Login Name)

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/name`
Expression	Expression documentation block

Outbounds

description ()

Outbounds

l ()

Inbounds

Name
Options	Strength:	Authoritative:	Exclusive:
Source		Target	`$user/locality`
Expression	Expression documentation block

telephoneNumber ()

Inbounds

Name
Options	Strength:	Authoritative:	Exclusive:
Source		Target	`$user/telephoneNumber`
Expression	Expression documentation block

Outbounds

employeeNumber ()

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/employeeNumber`
Expression	Expression documentation block

Outbounds

employeeType ()

Inbounds

Name
Options	Strength: weak	Authoritative:	Exclusive:
Source		Target	`$user/employeeType`
Expression	Expression documentation block

Outbounds

Credentials

Activation

Association

Group, ENTITLEMENT/group

Overview

Attribute	Type	Description

Attribute Details

Credentials

Activation

Association

LDAP project groups, ENTITLEMENT/ldapProject

Overview

Attribute	Type	Description
dn ()
cn ()
description ()

Attribute Details

dn ()

Outbounds

cn ()

Outbounds

description ()

Outbounds

Credentials

Activation

Association

Organizational Unit, GENERIC/ou

Overview

Attribute	Type	Description
dn ()
ou ()

Attribute Details

dn ()

Outbounds

ou ()

Credentials

Activation

Association

2.6.3. Synchronization

Object Types

sync account, ACCOUNT/default

sync group, ENTITLEMENT/ldapProject

sync, GENERIC/ou

2.6.4. Capabilities

Native

$object.getCapabilities().getNative()

Configured

$object.getCapabilities().getConfigured()

3. Organization Units

3.1. F0000

Famous workshop of Leonardo da Vinci

3.2. F0100

Fine arts and stuff

3.3. F0110

Painting, drawing, carving, scratching whatever

3.4. F0120

Bigger than life

3.5. F0200

Everything that moves or otherwise.

3.6. F0210

We can destroy it for you wholesale

3.7. P0000

Project organizational structure root

3.8. P0001

Create the most appealing visual representation of a smile

3.9. P0002

4. Roles

4.1. Contractor role

Role that gives contractors necessary access.

4.2. Full Time Employee

Basic role for full-time employee. It contains basic access rights that every employee should get automatically.

4.3. LDAP Orgs MetaRole

using to push new Orgs to LDAP automatically

4.4. LDAP Projects MetaRole

using to push new Projects to LDAP automatically

4.5. Patron

A role for art patrons. Designed to be assigned manually.

Files

example.adoc

Latest commit

History

example.adoc

File metadata and controls

MidPoint Project Documentation

1. Object Templates

1.1. Default Project and Org Template

1.1.1. Include References

1.1.2. Iterator Specification

1.1.3. Items

1.1.4. Mappings

1. More technical documentation

2. Another title

1.2. Default User Template

1.2.1. Include References

1.2.2. Iterator Specification

1.2.3. Items

1.2.4. Mappings

2. Resources

2.1. Addressbook

2.1.1. Connector

Connector Configuration

2.1.2. Object Types

Default Account

Overview

Attribute Details

Credentials

Activation

Association

2.1.3. Capabilities

Native

Configured

2.2. HR Feed

2.2.1. More technical documentation

2.2.2. Another title

2.2.3. Connector

Connector Configuration

2.2.4. Object Types

Default Account

Overview

Attribute Details

Credentials

Activation

Association

2.2.5. Synchronization

Object Types

, ACCOUNT/default

2.2.6. Capabilities

Native

Configured

2.3. LDAP Server (OpenDJ)

2.3.1. Connector

Connector Configuration

2.3.2. Object Types

Organizational Unit, GENERIC/ou

Overview

Attribute Details

Credentials

Activation

Association

2.3.3. Synchronization

Object Types

sync, GENERIC/ou

2.3.4. Capabilities

Native

Configured

2.4. LDAP Server (OpenDJ)

2.4.1. Connector

Connector Configuration

2.4.2. Object Types

LDAP project groups, ENTITLEMENT/ldapProject

Overview

Attribute Details

Credentials

Activation

Association

2.4.3. Capabilities

Native