internet2 · pcaskey · May 11, 2023 · May 11, 2023
diff --git a/...h/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-guest-db.xml b/...h/midpoint_server/container_files/mp-home/post-initial-objects/resources/100-guest-db.xml
@@ -202,7 +202,7 @@
                         <path>assignment</path>
                     </target>
                 </inbound>
-                <inbound id="37">
+                <inbound>
                     <description>Assignment of role-ldap-basic role</description>
                     <strength>strong</strength>
                     <expression>
@@ -215,6 +215,19 @@
                         <path>assignment</path>
                     </target>
                 </inbound>
+                <inbound>
+                    <description>Assignment of role-ad-basic role</description>
+                    <strength>strong</strength>
+                    <expression>
+                        <assignmentTargetSearch>
+                            <targetType>c:RoleType</targetType>
+                            <oid>94a5b1b1-b7be-4ee5-a231-3f044d953448</oid>
+                        </assignmentTargetSearch>
+                    </expression>
+                    <target>
+                        <path>assignment</path>
+                    </target>
+                </inbound>
             </attribute>
             <attribute id="7">
                 <ref>ri:emailaddress</ref>

diff --git a/.../midpoint_server/container_files/mp-home/post-initial-objects/resources/100-ldap-main.xml b/.../midpoint_server/container_files/mp-home/post-initial-objects/resources/100-ldap-main.xml
@@ -81,35 +81,35 @@
 			<auxiliaryObjectClass>ri:eduPerson</auxiliaryObjectClass>
 			<auxiliaryObjectClass>ri:eduMember</auxiliaryObjectClass>
 			<auxiliaryObjectClass>ri:incwbPerson</auxiliaryObjectClass>
-			<attribute>
-				<ref>ri:dn</ref>
-				<displayName>Distinguished Name</displayName>
+                  <attribute>
+                    <ref>ri:dn</ref>
+                    <displayName>Distinguished Name</displayName>
                 <limitations>
                     <minOccurs>0</minOccurs>
                 </limitations>
                 <tolerant>false</tolerant>
-				<matchingRule>mr:distinguishedName</matchingRule>
+                <matchingRule>mr:distinguishedName</matchingRule>
                 <outbound>
                     <strength>strong</strength>
-					<source>
-                        <path>employeeNumber</path>
+                    <source>
+                        <path>name</path>
                     </source>
                     <expression>
                         <script>
                             <code>
-                                'uid=' + employeeNumber + ',ou=People,dc=internet2,dc=edu'
+                                'uid=' + name + ',ou=People,dc=internet2,dc=edu'
                             </code>
                         </script>
                     </expression>
                 </outbound>
-			</attribute>
-			<attribute>
-				<ref>ri:cn</ref>
-				<displayName>Common Name</displayName>
-				<limitations>
-					<minOccurs>0</minOccurs>
-				</limitations>
-                <tolerant>false</tolerant>
+		</attribute>
+		<attribute>
+			<ref>ri:cn</ref>
+			<displayName>Common Name</displayName>
+			<limitations>
+				<minOccurs>0</minOccurs>
+			</limitations>
+                        <tolerant>false</tolerant>
                 <outbound>
                     <strength>strong</strength>
                     <source>
@@ -130,38 +130,38 @@
                         <path>extension/SIS_ID</path>
                     </source>
                 </outbound>
-			</attribute>			
-			<attribute>
-				<ref>ri:incwbPersonEmployeeID</ref>
-				<displayName>Employee ID</displayName>
-				<limitations>
-					<minOccurs>0</minOccurs>
-				</limitations>
+		</attribute>			
+		<attribute>
+			<ref>ri:incwbPersonEmployeeID</ref>
+			<displayName>Employee ID</displayName>
+			<limitations>
+				<minOccurs>0</minOccurs>
+			</limitations>
                 <tolerant>false</tolerant>
                 <outbound>
                     <strength>strong</strength>
                     <source>
                         <path>extension/HR_ID</path>
                     </source>
                 </outbound>
-			</attribute>
-			<attribute>
-				<ref>ri:incwbPersonGuestID</ref>
-				<displayName>Guest ID</displayName>
-				<limitations>
-					<minOccurs>0</minOccurs>
-				</limitations>
+		</attribute>
+		<attribute>
+			<ref>ri:incwbPersonGuestID</ref>
+			<displayName>Guest ID</displayName>
+			<limitations>
+				<minOccurs>0</minOccurs>
+			</limitations>
                 <tolerant>false</tolerant>
                 <outbound>
                     <strength>strong</strength>
                     <source>
                         <path>extension/Guest_ID</path>
                     </source>
                 </outbound>
-			</attribute>
-			<attribute>
-				<ref>ri:sn</ref>
-				<displayName>Surname</displayName>
+		</attribute>
+		<attribute>
+			<ref>ri:sn</ref>
+			<displayName>Surname</displayName>
                 <limitations>
                     <minOccurs>0</minOccurs>
                 </limitations>
@@ -195,11 +195,11 @@
                 <outbound>
                     <strength>strong</strength>
 					<source>
-                        <path>employeeNumber</path>
+                        <path>name</path>
                     </source>
                 </outbound>
-			</attribute>
-			<attribute>
+		</attribute>
+		<attribute>
 				<ref>ri:mail</ref>
 				<displayName>Mail</displayName>
 				<matchingRule>mr:stringIgnoreCase</matchingRule>
@@ -210,21 +210,21 @@
                         <path>emailAddress</path>
                     </source>
                 </outbound>
-			</attribute>
-			<attribute>
-				<ref>ri:employeeNumber</ref>
+		</attribute>
+		<attribute>
+			<ref>ri:employeeNumber</ref>
                 <tolerant>false</tolerant>
                 <outbound>
                     <strength>strong</strength>
                     <source>
                         <path>employeeNumber</path>
                     </source>
                 </outbound>
-			</attribute>
-			<attribute>
-				<ref>ri:businessCategory</ref>
+		</attribute>
+		<attribute>
+			<ref>ri:businessCategory</ref>
                 <tolerant>false</tolerant>
-			</attribute>
+		</attribute>
 <!-- 				<attribute>
 				<ref>ri:eduPersonAffiliation</ref>
 				<outbound>
@@ -235,15 +235,13 @@
 				</outbound>
                 <tolerant>false</tolerant>
 			</attribute> -->
-<!-- TODO MidPoint Basics Training, LAB 4-9, part 1 of 2: uncomment the following content -->
 <!--
             <activation>
                 <administrativeStatus>
                     <outbound/>
                 </administrativeStatus>
             </activation>
 -->
-<!-- TODO MidPoint Basics Training, LAB 4-9, part 1 of 2: end of to-be-uncommented content -->
             <association>
                 <tolerant>false</tolerant>
                 <ref>ri:group</ref>

diff --git a/...point_server/container_files/mp-home/post-initial-objects/resources/100-source-hr-sor.xml b/...point_server/container_files/mp-home/post-initial-objects/resources/100-source-hr-sor.xml
@@ -109,6 +109,19 @@
                             <path>assignment</path>
                         </target>
                     </inbound>
+                    <inbound>
+                        <description>Assignment of role-ad-basic role</description>
+                        <strength>strong</strength>
+                        <expression>
+                            <assignmentTargetSearch>
+                                <targetType>c:RoleType</targetType>
+                                <oid>94a5b1b1-b7be-4ee5-a231-3f044d953448</oid>
+                            </assignmentTargetSearch>
+                        </expression>
+                        <target>
+                            <path>assignment</path>
+                        </target>
+                    </inbound>
                 </attribute>
                 <attribute>
                     <ref>ri:department</ref>

diff --git a/..._server/container_files/mp-home/post-initial-objects/resources/100-source-sis-persons.xml b/..._server/container_files/mp-home/post-initial-objects/resources/100-source-sis-persons.xml
@@ -79,7 +79,7 @@
 				<ref>ri:uid</ref>
 				<displayName>UID</displayName>
                 <inbound id="34">
-				    <strength>strong</strength>
+		    <strength>strong</strength>
                     <target>
                         <c:path xmlns:incommon="http://grouper-demo.tier.internet2.edu">c:extension/incommon:SIS_ID</c:path>
                     </target>
@@ -108,6 +108,30 @@
                         </set>
                     </target>
                 </inbound>
+                <inbound>
+                    <strength>strong</strength>
+                    <expression>
+                        <assignmentTargetSearch>
+                            <targetType>RoleType</targetType>
+                            <oid>94a5b1b1-b7be-4ee5-a231-3f044d953448</oid>     <!--  role-ad-basic -->
+                            <assignmentProperties>
+                                <subtype>grouper-basic</subtype>
+                            </assignmentProperties>
+                        </assignmentTargetSearch>
+                    </expression>
+                    <target>
+                        <path>assignment</path>
+                        <set>
+                            <condition>
+                                <script>
+                                    <code>
+                                        assignment.subtype.contains('grouper-basic')
+                                    </code>
+                                </script>
+                            </condition>
+                        </set>
+                    </target>
+                </inbound>
                 <inbound>
                     <strength>strong</strength>
                     <expression>