From 59b4c3387ff42c0dbcf0fc0805f82a4362429d83 Mon Sep 17 00:00:00 2001 From: Keith Hazelton Date: Wed, 8 Feb 2023 14:01:14 -0600 Subject: [PATCH] Update connectors.adoc --- connectors.adoc | 155 +++++++++++++++++++++++++++++++++++------------- 1 file changed, 113 insertions(+), 42 deletions(-) diff --git a/connectors.adoc b/connectors.adoc index 743e114..7d44b49 100644 --- a/connectors.adoc +++ b/connectors.adoc @@ -1,38 +1,113 @@ === connectors.adoc -https://docs.evolveum.com/connectors/connectors/com.evolveum.polygon.connector.csv.CsvConnector/ - <= CSV Connector Documentation + -next] 2020-03-18 10:07 spell out steps toward a how-to for LDAP/AD provisioning with midPoint +permalink: https://github.internet2.edu/internet2/iam-knowledge-bits/blob/main/connectors.adoc + +next] LDAP/AD provisioning with midPoint - - - -_2022-05-13 05:50 continue work on csv connector_ +_2023-02-08 11:38:56 database table connector configuration_ -working example: -/Users/khazelton/opt/non.adoc/source-hr.csv +*- Use workbench instance, guest resource, dbTable connector for a full working example -* + +demo in browser: + +` resource, guest db, configuration in UI, in XML + +` import task, operation statistics + +. + +- - - +_2023-02-08 11:37:46 references and links_ + +https://docs.evolveum.com/connectors/connectors/org.identityconnectors.databasetable.DatabaseTableConnector/ + +https://docs.evolveum.com/connectors/resources/databasetable/ + +https://docs.evolveum.com/midpoint/reference/resources/connector-setup/ + + +https://evolveum.com/blog/ + + +- - - +_2022-09-19 13:08 chad redman developing SCIM 2 server_ + +part of the Grouper roadmap for 2.7 is to rewrite the SCIM server. The current implementation uses a 3rd party library written for J2EE, which is why Grouper runs under TomEE and not regular Tomcat. There are a few options for replacement libraries, so this should be a reachable goal. + +If the Grouper SCIM server is rewritten, the endpoints should not change significantly, but the object data is likely to change. The current service expresses objects in ways that differ from the published SCIM RFC's [1][2], and a different solution would adhere more closely to the standards. An example of some ways SCIM in Grouper is non-standard and would change: + +- extensions are wrapped in an "extensions" node (includes group name or subject id, so essential fields) + +- userName is not present in user objects and is required + +- unknown attribute baseUrn + +- inconsistent use of group and subject ids vs. uuids + +- /Schemas endpoint is broken (infinite loop that eventually aborts) + +- no PATCH or BulkRequest support + +Changes would impact integrations already in production, so the Grouper team is looking to hear from current users of the SCIM server. + +Starting a conversation with the current users, as well as users holding back because of current limitations, would also be a good opportunity to make improvements to the system. BulkRequest isn't supported, so large change sets are inefficient. PATCH operations are not currently supported, which means memberships can't be managed through the group object. Instead, multiple calls potentially need to be made to look up uuids for the group, subject, and membership. That illustrates how cumbersome it is to work with uuids for groups and subjects in general, and maybe there is some opportunity to switch to more friendly subject ids and group names as resource keys. + +So, if you are using the SCIM service in Grouper, or want to use a more standard version, please comment or let the Grouper team know, so that the needs can be better known. + +- - - +_2022-09-14 17:37 schema mapping, csv connector template_ + +- - - +_2022-05-19 09:43 utility for prompted user input in CLI scripts (for use in soliciting configuration items and choices)_ + +https://github.com/SBoudrias/Inquirer.js + <- + +https://github.com/mokkabonna/inquirer-autocomplete-prompt + <- + + +- - - +_2022-05-15 17:10 continue work on csv connector_ TBD: SoR person to mP user schema mapping utility Next resource definition: develop, test, document SIS resource creation using the 100-student csv sample from BennO's mock data sets /Users/khazelton/opt/non.adoc/sis.csv +sorid +GivenName +MiddleInitial +Surname +Birthday +EmailAddress +TelephoneCountryCode +TelephoneNumber +NationalID +Occupation +Company + + + +- - - +_2022-05-13 05:50 continue work on csv connector_ + +working example: +/Users/khazelton/opt/non.adoc/source-hr.csv + - - - https://github.com/Evolveum/midpoint-samples/blob/master/samples/evolveum/object-template-user.xml - <= user template + + <- user template + A user template may be applied globally by including the following snippet in xref:/midpoint/reference/concepts/system-configuration-object/just after the "logging" element: +``` +``` System configuration xml; after logging element: - ``` UserType - + ``` That template ref, oid="8098b124-c20c-4965-8adf-e528abedf7a4", points to ../objects/objectTemplates/UserTemplate.xml which assigns the unique name and uid + ``` uid,firstname,lastname,department,mail,validFrom,validTo E600001,John R,Smith,HR_SOR,xjsmith@example.com,2018-01-01,9999-12-31 @@ -40,7 +115,6 @@ E600002,Alice,Anderson,HR_SOR,xaanderson@example.com,2016-03-15,9999-12-31 E600003,Ellen,Johnson,HR_SOR,xejohnson@example.com,2019-10-01,2019-12-31 E600004,Ron,Vasquez,HR_SOR,xrvasquez@example.com,2019-01-01,2019-10-31 ``` - csv resource def template: ../non.adoc/extCsvResourceA.xml Resource on Aktis: 'HR SOR Source' @@ -67,28 +141,28 @@ tree . -L 2 ├── cs-portal.csv ├── faculty-portal.csv ├── icf-connectors -│   ├── connector-grouper-rest-0.7.jar -│   ├── connector-rest-wordpress-.23-SNAPSHOT.jar -│   ├── connector-sympa-1.0.2-connector.jar -│   └── net.tirasa.connid.bundles.db.scriptedsql-2.2.6-SNAPSHOT.jar +│ ├── connector-grouper-rest-0.7.jar +│ ├── connector-rest-wordpress-.23-SNAPSHOT.jar +│ ├── connector-sympa-1.0.2-connector.jar +│ └── net.tirasa.connid.bundles.db.scriptedsql-2.2.6-SNAPSHOT.jar ├── mailing-lists.csv ├── post-initial-objects -│   ├── archetypes -│   ├── bulkActions -│   ├── functionLibraries -│   ├── objectTemplates -│   ├── ordering.txt -│   ├── orgs -│   ├── resources -│   ├── roles -│   ├── securityPolicy -│   ├── systemConfigurations -│   ├── tasks -│   └── users +│ ├── archetypes +│ ├── bulkActions +│ ├── functionLibraries +│ ├── objectTemplates +│ ├── ordering.txt +│ ├── orgs +│ ├── resources +│ ├── roles +│ ├── securityPolicy +│ ├── systemConfigurations +│ ├── tasks +│ └── users ├── res -│   └── sis-persons +│ └── sis-persons ├── schema -│   └── internet2.xsd <= example schema extension file ──────────────────────────────── +│ └── internet2.xsd <- example schema extension file ──────────────────────────────── ├── source-external.csv └── staff-portal.csv ``` @@ -118,7 +192,7 @@ _2022-04-27 18:44 CSV connector how-to_ https://www.evolveum.com/downloads/midpoint/4.1/midpoint-4.1-schemadoc/http---midpoint-evolveum-com-xml-ns-public-common-common-3/object/UserType.html -userAttr.ods <= midPoint User Attribute Groups + +userAttr.ods <- midPoint User Attribute Priority Categorization + ==== CSV Connector Work Plan @@ -142,27 +216,26 @@ Then click “UserType” Starting from a template xml file (TBD), map the information from the schema document into the matching XML elements in the sections on , , , , and (See sisSorResourceDef.xml) -Next step is to debug Resource Tasks -Import (and Reconcile) +Next step is to debug Resource Tasks + +Import (and Reconcile) + Recompute -TBD -Build and test Synchronization Task +TBD + +Build and test Synchronization Task + Live sync: Work with Ethan - - - _2022-05-13 05:48 references and links_ https://github.com/Evolveum/midpoint-samples - <= + + <- + https://github.com/Evolveum/midpoint-samples/tree/master/samples/contrib/bshp - <= Jason Everling, Bishop examples + + <- Jason Everling, Bishop examples + - - - _2022-04-05 13:59 csv connector how-to_ [source,xml] -----