Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revision Both sides next revision | ||
tutorial:adm:how_to_identity_sync [2019/01/02 10:09] kotisovam [Frequent errors] |
tutorial:adm:how_to_identity_sync [2019/01/24 13:36] kotisovam |
||
---|---|---|---|
Line 1: | Line 1: | ||
+ | ====== Systems - CSV: Source of identities ====== | ||
+ | |||
+ | ===== Introduction ===== | ||
+ | This tutorial will show you how to connect csv files as a source of users with CzechIdM. We will use the default CSVDirConnector from connid. | ||
+ | |||
+ | ===== Data source ===== | ||
+ | Our sample source file has just three columns that are login, firstname and lastname. | ||
+ | |||
+ | <code csv> | ||
+ | login, | ||
+ | edwardw, | ||
+ | adaml, | ||
+ | </ | ||
+ | |||
+ | Move your source file onto the server on which IdM is running. It's a good practice to put CSV files of every project into an " | ||
+ | Set permissions so that the CzechIdM server will be able to read this file. **Also, it must be able to write into the folder where the file is located because the connector needs to create temporary files when processing csv into its location.** (chmod 750 for folder permissions) | ||
+ | |||
+ | |||
+ | ===== Basic information ===== | ||
+ | |||
+ | Go to the **Systems** tab in the main menu, then click on the **Add** button, right above the listed current systems. On the first page, just fill the system name, and since you are connecting csv as a source file, you can set the system as **Read-only**. Then save the system settings - to make other options available. | ||
+ | |||
+ | |||
+ | ===== Connector configuration ===== | ||
+ | |||
+ | In the next step, switch to the **Configuration** tab of your new system. First, you need to choose a connector; in this case, it is the **CSV connector**. This will present you with the specific configuration for that choice. | ||
+ | |||
+ | Fill the important fields: | ||
+ | * **Source path**: path to your csv file | ||
+ | * **File mask**: file name | ||
+ | * **Key column name**: (multi) - column name of your unique identifier | ||
+ | * **Column names**: (multi) - All columns of your file including the identifier | ||
+ | * **Ignore header**: true | ||
+ | |||
+ | <note important> | ||
+ | |||
+ | |||
+ | |||
+ | //Sample configuration for our file:// {{: | ||
+ | |||
+ | ===== Scheme ===== | ||
+ | Next, go to the **Scheme** menu item of your selected system. | ||
+ | |||
+ | Have CzechIdM generate a scheme for you by clicking on the **Generate scheme** button. | ||
+ | Alternately, | ||
+ | |||
+ | * Use the **Add** button to create a new scheme. For users, you need to name it " | ||
+ | * Add all file columns you want to work with. Instead of the name of your identifier column use the Connid constant " | ||
+ | * Set all attributes as **Able to read** | ||
+ | |||
+ | //Sample scheme:// {{: | ||
+ | |||
+ | ===== Mapping ===== | ||
+ | |||
+ | Now go to the **Mapping** menu item. Set how the file data is to be passed to CzechIdM. | ||
+ | |||
+ | First, set the following: | ||
+ | * **Operation type:** Synchronization | ||
+ | * **Object name:** \_\_ACCOUNT\_\_ | ||
+ | * **Entity type:** Identity | ||
+ | * As **Mapping name** set whatever you want to, for example Synchronization of users. | ||
+ | |||
+ | Then map all columns as entity attributes the way you see it in the picture below. Set **\_\_NAME\_\_** | ||
+ | |||
+ | //Sample attribute mapping:// {{: | ||
+ | |||
+ | ===== Synchronization ===== | ||
+ | |||
+ | Finally, go to the **Synchronization** tab and add a new one, setting its **Name** and the fields as follows: | ||
+ | |||
+ | * **Allowed: | ||
+ | * **Reconciliation: | ||
+ | * **Set of mapped attributes: | ||
+ | * **Correlation attribute: | ||
+ | |||
+ | For the rest of the configuration, | ||
+ | |||
+ | Afterwards, go back to the **Synchronization** menu and run the synchronization you've just created. You can check its result if you click on the **Logs** tab of your synchronization. | ||
+ | |||
+ | //Sample synchronization results:// {{: | ||
+ | |||
+ | ===== Frequent errors ===== | ||
+ | If the import does not go as expected, these are the things to check out: | ||
+ | * Database connection | ||
+ | * Permission of the folder with CSV files should be set to reading, writing and execution | ||
+ | * Owner of the CSV files and folder, including these files, has to be tomcat: | ||
+ | |||
+ | **Valid CSV:** | ||
+ | * Same count of columns in header and in individual records | ||
+ | * No duplicates in identifier that you chose in the system configuration as unique | ||
+ | * No missing unique identifiers | ||
+ | * No empty columns in the header definition | ||
+ | |||
+ | |||