Actions
Defect #3309
closed
Undefined account type: new group or password is not provisioned, account can't be edited after upgrade to 13
Start date:
03/22/2023
Due date:
% Done:
100%
Estimated time:
Description
Tested on 13.0.1
Accounts that existed before upgrade from version 11 to 13 have undefined Account detail: "enums.AccountTypeEnum.undefined"
In such case, there are multiple issues:
Accounts that existed before upgrade from version 11 to 13 have undefined Account detail: "enums.AccountTypeEnum.undefined"
In such case, there are multiple issues:
- provisioning for these accounts is not executed in following situations:
- password change
- adding a new role that fills a multivalued merge attribute (typically: AD group)
- accounts can't be directly edited in the new GUI for the account detail
Note:
Executing provisioning (e.g. bulk action Provision without account recalculation) for these accounts seems to repair all of it - it adds "systemMapping" to the AccAccount. Please try to find some way to do migration for existing accounts without the need to execute provisioning for all accounts.
Files
Related issues
Updated by Tomáš Doischer about 1 year ago
- Status changed from New to Needs feedback
- Target version set to 13.0.2
- % Done changed from 0 to 80
I was able to come up with a migration SQL script. It is implemented in exactly the same way as it is when recalculation accounts implemented in #3161.
I tested it and I think it works fine but @sourek can you test it as well?
UPDATE acc_account SET system_mapping_id = (
SELECT
mapping.id
FROM
sys_schema_obj_class AS schema_object
LEFT JOIN acc_account AS account ON account.system_id = schema_object.system_id
LEFT JOIN sys_system_mapping AS mapping ON mapping.object_class_id = schema_object.id
WHERE mapping.operation_type = 'PROVISIONING' AND account.entity_type = mapping.entity_type
LIMIT 1
);
Updated by Peter Štrunc about 1 year ago
Looks fine. I think that it should be a part of the migration guide. Could you add it there?
Updated by Peter Štrunc about 1 year ago
- Status changed from Needs feedback to In Progress
- Assignee changed from Peter Štrunc to Tomáš Doischer
- % Done changed from 80 to 90
Updated by Tomáš Doischer about 1 year ago
- Status changed from In Progress to Resolved
- % Done changed from 90 to 100
Thanks, I added the script plus some extra information to the migration guide.
Updated by Tomáš Doischer about 1 year ago
- Status changed from Resolved to Closed
Updated by Alena Peterová about 1 year ago
- Related to Defect #3336: Wrong provisioning mapping and mixed identifiers after migrating accounts to version 13 added
Actions