Page tree
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

Synchronization mechanism makes sure that the state of accounts corresponds to the state of the user that owns them with respect to the configured policies. For this to work properly there needs to be a way how to set which user owns which account. Account linking is used as a primary mechanisms for this. The links are created automatically when account is created as a consequence of user modification (e.g. a role is assigned to the user).

However, there may be accounts that existed before the IDM solution was deployed. Or there may be accounts that were created outside midPoint. It is possible to manage these accounts manually by linking them to corresponding users. But this solution does not scale and is not efficient. Therefore midPoint has a mechanism how to correlate users and accounts automatically.

TODO: picture

Correlation Expression

The goal of correlation expression is to (quickly and efficiently) find a list of candidate owners. Correlation expression is in fact just a (parametric) search query. See midPoint Query Language page for more details.

Confirmation Expression

TODO

  • No labels