Details
-
Type:
Bug
-
Status: Closed
-
Priority:
Major
-
Resolution: Fixed
-
Affects Version/s: 2.2 (Crius)
-
Fix Version/s: 2.2 (Crius)
-
Component/s: None
-
Labels:None
-
Git Revision:git-midpoint-2.2rc2-14-g7bd34e1
Description
Resource is set as follows:
<reaction>
<situation>unmatched</situation>
<action ref="http://midpoint.evolveum.com/xml/ns/public/model/action-2#disableAccount"/>
</reaction>
There is an unmatched account on the resource.
The notification is set as follows:
<simpleAccountNotifier name='Notify system administrator about accounts'> <recipientExpression> <value>admin@example.com</value> </recipientExpression> <subjectExpression> <script> <code> if (event.isSuccess()) tmpText = "[IDM] SUCCESS: Account " + event?.getChangeType() + " operation succeeded for " else if (event.isFailure()) tmpText = "[IDM] ERROR: Account " + event?.getChangeType() + " operation failed for " else tmpText = "[IDM] IN PROGRESS: Account " + event?.getChangeType() + " operation in progress for " r = requestee?.getName()?.getOrig() if (r == null) r = '(unknown)' <!-- Reconciliation and unmatched accounts --> tmpText + r </code> </script> </subjectExpression> <transport>mail</transport> </simpleAccountNotifier>
The notification is sent each time the recon runs (3600 seconds):
============================================ Fri Aug 16 12:30:11 CEST 2013 Message{to='[admin@example.com]', subject='[IDM] SUCCESS: Account MODIFY operation succeeded for (unknown)', contentType='text/plain', body='Notification about account-related operation User: unknown Notification created on: Fri Aug 16 12:30:11 CEST 2013 Resource: CSV-1 (oid 10000000-9999-9999-0000-a000ff000002) Account: hacker The account has been successfully modified on the resource. Modified attributes are: - Administrative Status: - REPLACE: DISABLED '} ============================================ Fri Aug 16 13:30:11 CEST 2013 Message{to='[admin@example.com]', subject='[IDM] SUCCESS: Account MODIFY operation succeeded for (unknown)', contentType='text/plain', body='Notification about account-related operation User: unknown Notification created on: Fri Aug 16 13:30:11 CEST 2013 Resource: CSV-1 (oid 10000000-9999-9999-0000-a000ff000002) Account: hacker The account has been successfully modified on the resource. Modified attributes are: - Administrative Status: - REPLACE: DISABLED '} ============================================ Fri Aug 16 14:30:11 CEST 2013 Message{to='[admin@example.com]', subject='[IDM] SUCCESS: Account MODIFY operation succeeded for (unknown)', contentType='text/plain', body='Notification about account-related operation User: unknown Notification created on: Fri Aug 16 14:30:11 CEST 2013 Resource: CSV-1 (oid 10000000-9999-9999-0000-a000ff000002) Account: hacker The account has been successfully modified on the resource. Modified attributes are: - Administrative Status: - REPLACE: DISABLED '}
The account is already disabled, so what is being replaced and why?