How to use TEWS to execute the "Synchronize User With Roles" task
Article ID: 97740
Updated On:
Products
CA Identity Manager
CA Identity Governance
CA Identity Portal
Issue/Introduction
The IM task "Synchronize User With Roles" cannot be executed via Bulk Load or Bulk Task because this task has two checkboxes for Add Missing Accounts and Remove Extra Accounts and at least one of these checkboxes must be selected for this task to perform any work. These checkboxes can be set when using the IM User Console or when using TEWS but cannot be set when using the Bulk Load with a csv file.
Is there an example of the XML for TEWS to execute the "Synchronize User With Roles" task?
Is there an example of the XML for TEWS to execute the "Synchronize User With Roles" task?
Environment
Release:
Component: IDMGR versions 14.1, 14.2, 14.4
Resolution
Below is an example showing the expected input for executing the "Synchronize User With Roles" with TEWS. Note that the BindUser, BindPassword, and TestUser values would need to be adjusted and that you may only need to set either addMissing, deleteExtra, or both to true depending on what you want to do.
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl">
<soapenv:Body>
<admin_id xmlns="http://tews6/xsd/types">uid=BindUser,ou=people,ou=im,ou=ca,o=com</admin_id>
<admin_password xmlns="http://tews6/xsd/types">BindPassword</admin_password>
<wsdl:DoSynchUserRoles>
<wsdl:DoSynchUserRolesSearch>
<wsdl:Filter index="0">
<wsdl:Field>%USER_ID%</wsdl:Field>
<wsdl:Op>EQUALS</wsdl:Op>
<wsdl:Value>TestUser</wsdl:Value>
</wsdl:Filter>
</wsdl:DoSynchUserRolesSearch>
<wsdl:DoSynchUserRolesDoSynchUserRolesTab>
<wsdl:addMissing>true</wsdl:addMissing>
<wsdl:deleteExtra>true</wsdl:deleteExtra>
</wsdl:DoSynchUserRolesDoSynchUserRolesTab>
</wsdl:DoSynchUserRoles>
</soapenv:Body>
</soapenv:Envelope>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsdl="http://tews6/wsdl">
<soapenv:Body>
<admin_id xmlns="http://tews6/xsd/types">uid=BindUser,ou=people,ou=im,ou=ca,o=com</admin_id>
<admin_password xmlns="http://tews6/xsd/types">BindPassword</admin_password>
<wsdl:DoSynchUserRoles>
<wsdl:DoSynchUserRolesSearch>
<wsdl:Filter index="0">
<wsdl:Field>%USER_ID%</wsdl:Field>
<wsdl:Op>EQUALS</wsdl:Op>
<wsdl:Value>TestUser</wsdl:Value>
</wsdl:Filter>
</wsdl:DoSynchUserRolesSearch>
<wsdl:DoSynchUserRolesDoSynchUserRolesTab>
<wsdl:addMissing>true</wsdl:addMissing>
<wsdl:deleteExtra>true</wsdl:deleteExtra>
</wsdl:DoSynchUserRolesDoSynchUserRolesTab>
</wsdl:DoSynchUserRoles>
</soapenv:Body>
</soapenv:Envelope>
Additional Information
This was enhanced in version 14.3 and we now offer the option to check those boxes for bulk imports automatically in the
Synchronize User with Roles
admin task:
14.3 Release Notes - Product Enhancements
Synchronize User with Roles in Bulk
The Bulk Loader functionality now allows you to synchronize user with roles in bulk. Two new configuration properties are added to the
Synchronize User with Roles
admin task that lets you add missing accounts and delete extra accounts on endpoints. For information about how to synchronize user with roles in bulk, see
Synchronization User with Roles in Bulk
section in Synchronize Users with Roles.
Feedback
Yes
No
Powered by
