diff --git a/Workbench/directory/container_files/etc/phpldapadmin/config.php b/Workbench/directory/container_files/etc/phpldapadmin/config.php
index eafe857..5892e5c 100644
--- a/Workbench/directory/container_files/etc/phpldapadmin/config.php
+++ b/Workbench/directory/container_files/etc/phpldapadmin/config.php
@@ -329,7 +329,7 @@
the directory for users (ie, if your LDAP server does not allow anonymous
binds. */
// $servers->setValue('login','bind_id','');
-$servers->setValue('login','bind_id','cn=admin,dc=internet2,dc=edu');
+$servers->setValue('login','bind_id','cn=Directory Manager');
/* Your LDAP password. If you specified an empty bind_id above, this MUST also
be blank. */
diff --git a/Workbench/directory/container_files/seed-data/data.ldif b/Workbench/directory/container_files/seed-data/data.ldif
index 22b7a02..cadac2f 100644
--- a/Workbench/directory/container_files/seed-data/data.ldif
+++ b/Workbench/directory/container_files/seed-data/data.ldif
@@ -62,6 +62,7 @@ objectClass: person
objectClass: top
cn: Andy Guest
sn: Aguest
+mail: andyaguestcspuser@workbench.incommon.org
givenName: Andy
userPassword: password
description: A guest user
diff --git a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/400-archetype-guest-person.xml b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/400-archetype-guest-person.xml
new file mode 100644
index 0000000..3056cc1
--- /dev/null
+++ b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/400-archetype-guest-person.xml
@@ -0,0 +1,25 @@
+
+
+ Guest
+ Non-academic person from the Guest system
+
+
+
+ Guests
+ Person imported from the Guest System
+
+ fa fa-plus-square
+ blue
+
+
+
+
+
+ UserType
+
+
+
diff --git a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/500-archetype-hr-person.xml b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/500-archetype-hr-person.xml
index 7d9f7bb..ad0d034 100644
--- a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/500-archetype-hr-person.xml
+++ b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/archetypes/500-archetype-hr-person.xml
@@ -12,7 +12,7 @@
HRs
Person imported from the HR CSV
- fa fa-space-shuttle
+ fa fa-user-circle
olive
diff --git a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/orgs/600-org-guest-sor.xml b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/orgs/600-org-guest-sor.xml
new file mode 100644
index 0000000..c8cc102
--- /dev/null
+++ b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/orgs/600-org-guest-sor.xml
@@ -0,0 +1,13 @@
+
+
+
+
+ guest
+ Guest SOR
+
diff --git a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-guest-ldap.xml b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-guest-ldap.xml
new file mode 100644
index 0000000..16f0661
--- /dev/null
+++ b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-guest-ldap.xml
@@ -0,0 +1,252 @@
+
+ Guest LDAP
+ LDAP guests provisioned by COmanage
+
+
+
+ c:connectorType
+ com.evolveum.polygon.connector.ldap.LdapConnector
+
+
+
+
+
+ false
+ false
+ false
+
+
+ directory
+ 389
+ cn=Directory Manager
+
+ password
+
+ nsUniqueId
+ spr
+ ou=Guests,dc=internet2,dc=edu
+
+ spr
+
+ memberOf
+ createTimestamp
+ true
+
+
+
+
+
+ ri:inetOrgPerson
+ ri:eduPerson
+ ri:organizationalPerson
+ ri:person
+ ri:groupOfUniqueNames
+ ri:groupOfNames
+ ri:organizationalUnit
+
+
+
+
+ account
+ default
+ Normal Account
+ true
+ ri:inetOrgPerson
+ ri:eduPerson
+
+ ri:dn
+ Distinguished Name
+
+ 0
+
+ true
+ true
+ true
+
+
+ mr:stringIgnoreCase
+
+
+ ri:sn
+ Surname
+
+ 0
+
+
+
+ familyName
+
+
+
+
+ $projection/attributes/ri:givenName
+ givenname
+
+
+
+
+
+ fullName
+
+
+
+
+ ri:givenName
+ Given Name
+
+
+ $c:user/c:givenName
+
+
+
+
+ ri:mail
+
+
+ $c:user/c:emailAddress
+
+
+
+
+ ri:uid
+
+
+ name
+
+
+
+ Assignment of Guest SOR archetype
+ strong
+
+
+ c:ArchetypeType
+ 3d290ffd-35d6-40d5-9b20-964f891f569c
+
+
+
+ assignment
+
+
+
+ Assignment of Guest SOR organization
+ strong
+
+
+ c:OrgType
+ 55ced112-264c-4c77-a1bf-9e32d8a138b0
+
+
+
+ assignment
+
+
+
+ Assignment of role-ldap-basic role
+ strong
+
+
+ c:RoleType
+ c89f31dd-8d4f-4e0a-82cb-58ff9d8c1b2f
+
+
+
+ assignment
+
+
+
+
+ 5
+
+
+
+
+ http://prism.evolveum.com/xml/ns/public/matching-rule-3#stringIgnoreCase
+ attributes/ri:dn
+ cn=admin,dc=internet2,dc=edu
+
+
+
+
+
+
+
+ weak
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+ weak
+
+
+
+
+
+
+
+
+
+
+ true
+
+
+ name
+
+
+ declare namespace ri="http://midpoint.evolveum.com/xml/ns/public/resource/instance-3";
+ $account/attributes/ri:uid
+
+
+
+
+ Correlation expression is a search query.
+ Following search query will look for users that have "name"
+ equal to the "eduPersonPrincipalName" attribute of the account. Simply speaking,
+ it will look for a match in usernames in the IDM and the resource.
+ The correlation rule always looks for users, so it will not match
+ any other object type.
+
+
+
+ linked
+ true
+
+
+ deleted
+ true
+
+ http://midpoint.evolveum.com/xml/ns/public/model/action-3#unlink
+
+
+
+ unlinked
+ true
+
+ http://midpoint.evolveum.com/xml/ns/public/model/action-3#link
+
+
+
+ unmatched
+ true
+
+ http://midpoint.evolveum.com/xml/ns/public/model/action-3#addFocus
+
+
+
+
+
+ true
+
+
diff --git a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-ldap-main.xml b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-ldap-main.xml
index c768c90..9f8e308 100644
--- a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-ldap-main.xml
+++ b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-ldap-main.xml
@@ -61,6 +61,8 @@
ri:inetOrgPerson
ri:eduPerson
+ ri:organizationalPerson
+ ri:person
ri:groupOfUniqueNames
ri:groupOfNames
ri:organizationalUnit
diff --git a/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/tasks/994-task-guest-ldap-import.xml b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/tasks/994-task-guest-ldap-import.xml
new file mode 100644
index 0000000..c85e8a0
--- /dev/null
+++ b/Workbench/midpoint_server/container_files/mp-home/post-initial-objects/tasks/994-task-guest-ldap-import.xml
@@ -0,0 +1,37 @@
+
+ Import from Guest LDAP
+
+ account
+ ri:AccountObjectClass
+
+
+
+
+
+ df940655-2167-455d-a735-a5e8c234e289
+
+ runnable
+ ImportingAccounts
+
+ recurring
+
+ 60
+
+ loose
+