Uploaded image for project: 'MidPoint'
  1. MidPoint
  2. MID-1551

Reconciliation calling disableAccount tries to disable the account each time (already disabled)

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 2.2 (Crius)
    • 2.2 (Crius)
    • None
    • None
    • git-midpoint-2.2rc2-14-g7bd34e1

    Description

      Resource is set as follows:

      <reaction>
  <situation>unmatched</situation>
  <action ref="http://midpoint.evolveum.com/xml/ns/public/model/action-2#disableAccount"/>
</reaction>

      There is an unmatched account on the resource.

      The notification is set as follows:

        <simpleAccountNotifier name='Notify system administrator about accounts'>
    <recipientExpression>
        <value>admin@example.com</value>
    </recipientExpression>
    <subjectExpression>
      <script>
        <code>
if (event.isSuccess())
        tmpText = "[IDM] SUCCESS: Account " + event?.getChangeType() + " operation succeeded for "
else if (event.isFailure())
        tmpText = "[IDM] ERROR: Account " + event?.getChangeType() + " operation failed for "
else  tmpText = "[IDM] IN PROGRESS: Account " + event?.getChangeType() + " operation in progress for "

r = requestee?.getName()?.getOrig()
if (r == null) r = '(unknown)' <!-- Reconciliation and unmatched accounts -->
tmpText + r
        </code>
      </script>
    </subjectExpression>
    <transport>mail</transport>
  </simpleAccountNotifier>

      The notification is sent each time the recon runs (3600 seconds):

      ============================================ Fri Aug 16 12:30:11 CEST 2013
Message{to='[admin@example.com]', subject='[IDM] SUCCESS: Account MODIFY operation succeeded for (unknown)', contentType='text/plain', body='Notification about account-related operation

User: unknown
Notification created on: Fri Aug 16 12:30:11 CEST 2013

Resource: CSV-1 (oid 10000000-9999-9999-0000-a000ff000002)
Account: hacker

The account has been successfully modified on the resource. Modified attributes are:
 - Administrative Status:
   - REPLACE: DISABLED

'}

============================================ Fri Aug 16 13:30:11 CEST 2013
Message{to='[admin@example.com]', subject='[IDM] SUCCESS: Account MODIFY operation succeeded for (unknown)', contentType='text/plain', body='Notification about account-related operation

User: unknown
Notification created on: Fri Aug 16 13:30:11 CEST 2013

Resource: CSV-1 (oid 10000000-9999-9999-0000-a000ff000002)
Account: hacker

The account has been successfully modified on the resource. Modified attributes are:
 - Administrative Status:
   - REPLACE: DISABLED

'}

============================================ Fri Aug 16 14:30:11 CEST 2013
Message{to='[admin@example.com]', subject='[IDM] SUCCESS: Account MODIFY operation succeeded for (unknown)', contentType='text/plain', body='Notification about account-related operation

User: unknown
Notification created on: Fri Aug 16 14:30:11 CEST 2013

Resource: CSV-1 (oid 10000000-9999-9999-0000-a000ff000002)
Account: hacker

The account has been successfully modified on the resource. Modified attributes are:
 - Administrative Status:
   - REPLACE: DISABLED

'}

      The account is already disabled, so what is being replaced and why?

      Attachments

        Activity

          People

            vix Ivan Noris
            vix Ivan Noris
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: