Merge branch 'main' of github.internet2.edu:internet2/iam-knowledge-bits

connectors.adoc

@@ -1,46 +1,120 @@
 === connectors.adoc
-https://docs.evolveum.com/connectors/connectors/com.evolveum.polygon.connector.csv.CsvConnector/
- <= CSV Connector Documentation +
-next] 2020-03-18 10:07 spell out steps toward a how-to for LDAP/AD provisioning with midPoint
+permalink: https://github.internet2.edu/internet2/iam-knowledge-bits/blob/main/connectors.adoc +
+next] LDAP/AD provisioning with midPoint
 
 - - -
-_2022-05-13 05:50 continue work on csv connector_
+_2023-02-08 11:38:56 database table connector configuration_
 
-working example:
-/Users/khazelton/opt/non.adoc/source-hr.csv
+*- Use workbench instance, guest resource, dbTable connector for a full working example -*
+
+demo in browser:
+
+` resource, guest db, configuration in UI, in XML +
+` import task, operation statistics
+
+.
+
+- - -
+_2023-02-08 11:37:46 references and links_
+
+https://docs.evolveum.com/connectors/connectors/org.identityconnectors.databasetable.DatabaseTableConnector/ +
+https://docs.evolveum.com/connectors/resources/databasetable/ +
+https://docs.evolveum.com/midpoint/reference/resources/connector-setup/ +
+
+https://evolveum.com/blog/ +
+
+- - -
+_2022-09-19 13:08 chad redman developing SCIM 2 server_
+
+part of the Grouper roadmap for 2.7 is to rewrite the SCIM server. The current implementation uses a 3rd party library written for J2EE, which is why Grouper runs under TomEE and not regular Tomcat. There are a few options for replacement libraries, so this should be a reachable goal.
+
+If the Grouper SCIM server is rewritten, the endpoints should not change significantly, but the object data is likely to change. The current service expresses objects in ways that differ from the published SCIM RFC's [1][2], and a different solution would adhere more closely to the standards. An example of some ways SCIM in Grouper is non-standard and would change:
+
+- extensions are wrapped in an "extensions" node (includes group name or subject id, so essential fields)
+
+- userName is not present in user objects and is required
+
+- unknown attribute baseUrn
+
+- inconsistent use of group and subject ids vs. uuids
+
+- /Schemas endpoint is broken (infinite loop that eventually aborts)
+
+- no PATCH or BulkRequest support
+
+Changes would impact integrations already in production, so the Grouper team is looking to hear from current users of the SCIM server.
+
+Starting a conversation with the current users, as well as users holding back because of current limitations, would also be a good opportunity to make improvements to the system. BulkRequest isn't supported, so large change sets are inefficient. PATCH operations are not currently supported, which means memberships can't be managed through the group object. Instead, multiple calls potentially need to be made to look up uuids for the group, subject, and membership. That illustrates how cumbersome it is to work with uuids for groups and subjects in general, and maybe there is some opportunity to switch to more friendly subject ids and group names as resource keys.
+
+So, if you are using the SCIM service in Grouper, or want to use a more standard version, please comment or let the Grouper team know, so that the needs can be better known.
+
+- - -
+_2022-09-14 17:37 schema mapping, csv connector template_
+
+- - -
+_2022-05-19 09:43 utility for prompted user input in CLI scripts (for use in soliciting configuration items and choices)_
+
+https://github.com/SBoudrias/Inquirer.js
+ <- +
+https://github.com/mokkabonna/inquirer-autocomplete-prompt
+ <- +
+
+- - -
+_2022-05-15 17:10 continue work on csv connector_
 
 TBD: SoR person to mP user schema mapping utility
 
 Next resource definition: develop, test, document  SIS resource creation using the 100-student csv sample from BennO's mock data sets
 /Users/khazelton/opt/non.adoc/sis.csv
 
+sorid
+GivenName
+MiddleInitial
+Surname
+Birthday
+EmailAddress
+TelephoneCountryCode
+TelephoneNumber
+NationalID
+Occupation
+Company
+
+
+
+- - -
+_2022-05-13 05:50 continue work on csv connector_
+
+working example:
+/Users/khazelton/opt/non.adoc/source-hr.csv
+
 - - -
 
 https://github.com/Evolveum/midpoint-samples/blob/master/samples/evolveum/object-template-user.xml
- <= user template +
+ <- user template +
 
 A user template may be applied globally by including the following snippet in xref:/midpoint/reference/concepts/system-configuration-object/just after the "logging" element:
 
+```
  <defaultUserTemplateRef oid="10000000-0000-0000-0000-000000000222"/>
+```
 
 System configuration xml; after logging element:
-
 ```
  <defaultObjectPolicyConfiguration id="101">
     <type>UserType</type>
     <objectTemplateRef xmlns:tns="http://midpoint.evolveum.com/xml/ns/public/common/common-3" oid="8098b124-c20c-4965-8adf-e528abedf7a4" relation="org:default" type="tns:ObjectTemplateType"/>
-</defaultObjectPolicyConfiguration>
+ </defaultObjectPolicyConfiguration>
 ```
 
 That template ref, oid="8098b124-c20c-4965-8adf-e528abedf7a4", points to ../objects/objectTemplates/UserTemplate.xml which assigns the unique name and uid
+
 ```
 uid,firstname,lastname,department,mail,validFrom,validTo
 E600001,John R,Smith,HR_SOR,xjsmith@example.com,2018-01-01,9999-12-31
 E600002,Alice,Anderson,HR_SOR,xaanderson@example.com,2016-03-15,9999-12-31
 E600003,Ellen,Johnson,HR_SOR,xejohnson@example.com,2019-10-01,2019-12-31
 E600004,Ron,Vasquez,HR_SOR,xrvasquez@example.com,2019-01-01,2019-10-31
 ```
-
 csv resource def template: ../non.adoc/extCsvResourceA.xml
 
 Resource on Aktis: 'HR SOR Source'
@@ -60,34 +134,35 @@ schema extension xsd's go in $MIDPOINT_HOME/schema
 
 ~/opt/InCommonTAP-Examples-current/Workbench/midpoint_server/container_files/mp-home$
 
+```
 tree . -L 2
 .
 ├── config.xml
 ├── cs-portal.csv
 ├── faculty-portal.csv
 ├── icf-connectors
-│   ├── connector-grouper-rest-0.7.jar
-│   ├── connector-rest-wordpress-.23-SNAPSHOT.jar
-│   ├── connector-sympa-1.0.2-connector.jar
-│   └── net.tirasa.connid.bundles.db.scriptedsql-2.2.6-SNAPSHOT.jar
+│   ├── connector-grouper-rest-0.7.jar
+│   ├── connector-rest-wordpress-.23-SNAPSHOT.jar
+│   ├── connector-sympa-1.0.2-connector.jar
+│   └── net.tirasa.connid.bundles.db.scriptedsql-2.2.6-SNAPSHOT.jar
 ├── mailing-lists.csv
 ├── post-initial-objects
-│   ├── archetypes
-│   ├── bulkActions
-│   ├── functionLibraries
-│   ├── objectTemplates
-│   ├── ordering.txt
-│   ├── orgs
-│   ├── resources
-│   ├── roles
-│   ├── securityPolicy
-│   ├── systemConfigurations
-│   ├── tasks
-│   └── users
+│   ├── archetypes
+│   ├── bulkActions
+│   ├── functionLibraries
+│   ├── objectTemplates
+│   ├── ordering.txt
+│   ├── orgs
+│   ├── resources
+│   ├── roles
+│   ├── securityPolicy
+│   ├── systemConfigurations
+│   ├── tasks
+│   └── users
 ├── res
-│   └── sis-persons
+│   └── sis-persons
 ├── schema
-│   └── internet2.xsd  <=  example schema extension file   ────────────────────────────────
+│   └── internet2.xsd  <-  example schema extension file   ────────────────────────────────
 ├── source-external.csv
 └── staff-portal.csv
 ```
@@ -117,7 +192,7 @@ _2022-04-27 18:44 CSV connector how-to_
 
 https://www.evolveum.com/downloads/midpoint/4.1/midpoint-4.1-schemadoc/http---midpoint-evolveum-com-xml-ns-public-common-common-3/object/UserType.html
 
-userAttr.ods <= midPoint User Attribute Groups +
+userAttr.ods <- midPoint User Attribute Priority Categorization +
 
 ==== CSV Connector Work Plan
 
@@ -141,27 +216,26 @@ Then click “UserType”
 
 Starting from a template xml file (TBD), map the information from the schema document into the matching XML elements in the sections on <connectorRef/>, <connectorConfiguration/>, <schema/>, <schemaHandling>, and <synchronization/> (See sisSorResourceDef.xml)
 
-Next step is to debug Resource Tasks
-Import (and Reconcile)
+Next step is to debug Resource Tasks +
+Import (and Reconcile) +
 Recompute
 
-TBD
-Build and test  Synchronization Task
+TBD +
+Build and test  Synchronization Task +
 Live sync: Work with Ethan
 
 - - -
 _2022-05-13 05:48 references and links_
 
 https://github.com/Evolveum/midpoint-samples
- <= +
+ <- +
 https://github.com/Evolveum/midpoint-samples/tree/master/samples/contrib/bshp
- <= Jason Everling, Bishop examples +
+ <- Jason Everling, Bishop examples +
 
 - - -
 _2022-04-05 13:59 csv connector how-to_
 
 [source,xml]
-----
 <?xml version="1.0" encoding="UTF-8"?>
 <!--
   ~ Copyright (c) 2010-2017 Evolveum
@@ -288,7 +362,6 @@ _2022-04-05 13:59 csv connector how-to_
 
 </resource>
 
-----
 
 ==== building a csv connector for sis source drawn from BennOs 500k sample user files
 
@@ -316,7 +389,7 @@ drwxr-xr-x 3 root root 4096 Feb 17 14:32 ..
 _2021-07-31 09:31 grouper connector enhancements_
 
 https://docs.google.com/document/d/1-NxAlgFHaA30j0PZEqP98qq9ScY-A93fDGIDdYokJWc/edit
- <= requirements +
+ <- requirements +
 
 - - -
 _2020-06-11 21:36 db table connector how-to slide deck_
@@ -332,7 +405,7 @@ https://github.com/JasonEverling/midpoint-samples
 - - -
 _2020-05-06 09:22 handling LDAP object classes in connector config_
 
-https://lists.evolveum.com/pipermail/midpoint/2017-December/004269.html <= Jason Everling on course group config +
+https://lists.evolveum.com/pipermail/midpoint/2017-December/004269.html <- Jason Everling on course group config +
 
 - - -
 _2020-05-05 09:40 ConnID 2.0 delayed at least to end of year_
@@ -504,9 +577,8 @@ This text originated from on-line discussion (call) in February 2020.
 
 See connid-dev mailing list archives.
 
----
+- - -
 _2020-02-03 19:32 references and links_
 
 https://evolveum.com/blog/
- <= +
-
+  <- +

iam-functions-list.adoc

@@ -61,14 +61,14 @@ directory services +
 IAM data dictionary +
 identity and entitlement data access +
 
+
 - - -
 
 *Deployment Models*
 
 on-prem, cloud, hybrid, hosted +
 
 
-
 - - -
 
 *The ...ities*

iamPatterns.adoc

@@ -0,0 +1,15 @@
+### IAM Patterns Ideas
+
+#### Level X: Use Cases with base architecture
+
+*- Use Case 1 - Federation Enablement -* +
+*- Use Case 2 - Managing Access -* +
+*- Use Case 3 - Scholarly Collaborations -* +
+*- Use Case 4 - Guest Systems -* +
+*- Use Case 5 - Identity Lifecycle Management -* +
+
+### Diagrams
+
+image:/images/archPatternBackbone.png[
+"IAM Arch Backbone",
+link="/images/archPatternBackbone.png"]

midpoint-db-table-res-def.adoc

@@ -0,0 +1,94 @@
+= midPoint Database Table Resource Definition How-to
+
+=== Walkthrough midPont UI Screenshots during DB table Resource Defintion
+
+
+.First page of resource definition
+
+image:/images/Screenshot 2023-02-23 at 14.03.59.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.03.59.png"]
+
+.Basic tab
+
+image:/images/Screenshot 2023-02-23 at 14.05.13.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.05.13.png"]
+
+.Connector configuration (top half of page)
+
+image:/images/Screenshot 2023-02-23 at 14.05.48.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.05.48.png"]
+
+.Connector configuration (bottom half of page)
+
+image:/images/Screenshot 2023-02-23 at 14.06.48.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.06.48.png"]
+
+.Accounts tab 
+
+image:/images/Screenshot 2023-02-23 at 14.07.12.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.07.12.png"]
+
+XML version of resource definition
+
+image:/images/Screenshot 2023-02-23 at 14.55.33.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.55.33.png"][
+
+
+Basiic tab
+
+image:/images/Screenshot 2023-02-23 at 14.05.13.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.05.13.png"]
+
+Basiic tab
+
+image:/images/Screenshot 2023-02-23 at 14.05.13.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.05.13.png"]
+
+Basiic tab
+
+image:/images/Screenshot 2023-02-23 at 14.05.13.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.05.13.png"]
+
+Basiic tab
+
+image:/images/Screenshot 2023-02-23 at 14.05.13.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.05.13.png"]
+
+Basiic tab
+
+image:/images/Screenshot 2023-02-23 at 14.05.13.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.05.13.png"]
+
+Basiic tab
+
+image:/images/Screenshot 2023-02-23 at 14.05.13.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.05.13.png"]
+
+Basiic tab
+
+image:/images/Screenshot 2023-02-23 at 14.05.13.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.05.13.png"]
+
+Basiic tab
+
+image:/images/Screenshot 2023-02-23 at 14.05.13.png[
+"First page of resource definition",width=128,
+link="/images/Screenshot 2023-02-23 at 14.05.13.png"]
+
+
+
+
+