Add new resource to user
Hi,
I would like to assign to a Lighthouse user a new role MERC_ROLE that contains an openLDAP resource name MERC, and thus create the user account on MERC. What I did were:
1) get a user view
2) add MERC_ROLE to waveset.roles, and set values to MERC attributes
3) provision user with the following code:
<Action id='2' name='Provision' process='Provision'>
<Variable name='op' value='provision'/>
<Return from='userCreated' to='userCreated'/>
</Action>
The problem I encountered is that the user does not get created on resource MERC, it only gets created when I go to the IdM admin site, edit the user and click on 'Save' button. May I know if I am missing some attributes to set?
p/s: I am doing this in an activeSync workflow, with environment IdM 6.0 SP1. This problem appears even if I assign the resource directly to waveset.resources.
Thank you for the help!
[1161 byte] By [
steveloh] at [2007-11-26 9:12:43]
# 2
Thanks Paul ! Your suggestion works like a charm. The refresh user view in between the checkout/checkin really does the trick. (I did try before by putting refresh view after checkin but it didn't work)
I just wonder if you have any idea why Provision does not work in the activeSync update workflow?(the resource account is not created until the user is saved via edit user page) I am just a bit concerned that checkout/checkin view takes great deal out of performance.
# 5
I have found out a bug in my program that leads to the above issue.
In fact I have set waveset.disabled to <null/> value in activeSync form, and aparently IdM thinks that no assignment is set and thus no action is taken. As soon as I set it to any other string other than <s>true</s>, I successfully re-enable the user, and the new resource is assigned correctly in activeSync workflow through provision.
(this problem also applies to checkout/checkin view)
Anyway, it draws my attation with the fact that we are not allowed to assign user a new resource when the user is disabled... strange.
