Uploaded image for project: 'MidPoint'
  1. MidPoint
  2. MID-1891

Dry-run reconciliation does not store intent in shadow

    XMLWordPrintable

Details

    • Bug
    • Status: Closed
    • Blocker
    • Resolution: Fixed
    • 3.0 (Newton)
    • 3.0 (Newton)
    • Provisioning
    • None

    Description

      Use case: running dry-run reconciliation to see if my matching rules are ok.
      The resource is configured to have multiple account types (various intents) and multiple other objects/intents (entitlements, generic, etc. based on generic synchronization contept).

      I have configured protected accounts in schema handling for VARIOUS intents. That means, each account intent has DIFFERENT protected accounts in schema handling.

      When running dry-run recon, shadows are created in midPoint, kind=account, but the intent information is missing. So how does provisioning even know which accounts are protected...?

      This, coupled with the Resource-Accounts page allows the administrator to delete/disable protected accounts if the shadows don't have intent stored...

      Attachments

        Activity

          People

            vix Ivan Noris
            vix Ivan Noris
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: