Integrate a target system
The next thing to do is to connect your target system to midPoint. A target system is a resource that acts as a recipient of data from midPoint. It’s not authoritative, yet it has data on the same accounts that you’ve imported to midPoint from the HR system.
When a system isn’t authoritative, it means that it can’t overwrite data in midPoint. Moreover, midPoint is supposed to overwrite (read: rectify) the data on the resource if they happen to mismatch the data in midPoint. This is useful in cases when someone creates an unauthorized ("illegal") account on the target system, for example. Such an account needs to be deleted and midPoint does so as soon as it finds it, if instructed so.
As mentioned previously, the target system in this guide is an LDAP server.
|
No coin is one-sided
Target systems may not be authoritative in general, yet they sometimes contain data we don’t have in other systems and need to pull them into midPoint rather than delete them from the resource as superfluous. In the case of this guide, it’s be the situation with usernames. We’ll read the usernames from the otherwise write-only non-authoritative LDAP system. More on that in the sections about mappings and correlation rules. |