Uploaded image for project: 'MidPoint'
  1. MidPoint
  2. MID-1551

Reconciliation calling disableAccount tries to disable the account each time (already disabled)

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.2 (Crius)
    • 2.2 (Crius)
    • None
    • None
    • git-midpoint-2.2rc2-14-g7bd34e1

    Description

      Resource is set as follows:

      <reaction>
        <situation>unmatched</situation>
        <action ref="http://midpoint.evolveum.com/xml/ns/public/model/action-2#disableAccount"/>
      </reaction>
      
      

      There is an unmatched account on the resource.

      The notification is set as follows:

        <simpleAccountNotifier name='Notify system administrator about accounts'>
          <recipientExpression>
              <value>admin@example.com</value>
          </recipientExpression>
          <subjectExpression>
            <script>
              <code>
      if (event.isSuccess())
              tmpText = "[IDM] SUCCESS: Account " + event?.getChangeType() + " operation succeeded for "
      else if (event.isFailure())
              tmpText = "[IDM] ERROR: Account " + event?.getChangeType() + " operation failed for "
      else  tmpText = "[IDM] IN PROGRESS: Account " + event?.getChangeType() + " operation in progress for "
      
      r = requestee?.getName()?.getOrig()
      if (r == null) r = '(unknown)' <!-- Reconciliation and unmatched accounts -->
      tmpText + r
              </code>
            </script>
          </subjectExpression>
          <transport>mail</transport>
        </simpleAccountNotifier>
      

      The notification is sent each time the recon runs (3600 seconds):

      ============================================ Fri Aug 16 12:30:11 CEST 2013
      Message{to='[admin@example.com]', subject='[IDM] SUCCESS: Account MODIFY operation succeeded for (unknown)', contentType='text/plain', body='Notification about account-related operation
      
      User: unknown
      Notification created on: Fri Aug 16 12:30:11 CEST 2013
      
      Resource: CSV-1 (oid 10000000-9999-9999-0000-a000ff000002)
      Account: hacker
      
      The account has been successfully modified on the resource. Modified attributes are:
       - Administrative Status:
         - REPLACE: DISABLED
      
      '}
      
      ============================================ Fri Aug 16 13:30:11 CEST 2013
      Message{to='[admin@example.com]', subject='[IDM] SUCCESS: Account MODIFY operation succeeded for (unknown)', contentType='text/plain', body='Notification about account-related operation
      
      User: unknown
      Notification created on: Fri Aug 16 13:30:11 CEST 2013
      
      Resource: CSV-1 (oid 10000000-9999-9999-0000-a000ff000002)
      Account: hacker
      
      The account has been successfully modified on the resource. Modified attributes are:
       - Administrative Status:
         - REPLACE: DISABLED
      
      '}
      
      ============================================ Fri Aug 16 14:30:11 CEST 2013
      Message{to='[admin@example.com]', subject='[IDM] SUCCESS: Account MODIFY operation succeeded for (unknown)', contentType='text/plain', body='Notification about account-related operation
      
      User: unknown
      Notification created on: Fri Aug 16 14:30:11 CEST 2013
      
      Resource: CSV-1 (oid 10000000-9999-9999-0000-a000ff000002)
      Account: hacker
      
      The account has been successfully modified on the resource. Modified attributes are:
       - Administrative Status:
         - REPLACE: DISABLED
      
      '}
      
      

      The account is already disabled, so what is being replaced and why?

      Attachments

        Activity

          People

            vix Ivan Noris
            vix Ivan Noris
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: