Share all details about your problem, including any error messages you may have received.
Trying to create a remove provisioning request for memberOf attribute from a rule, but its not working. Getting nullpointer. ProvisioningProject ‘project’ is empty. Below is the code
Identity identity = context.getObjectByName(Identity.class, "TestUser");
ProvisioningPlan plan = new ProvisioningPlan();
String distinguishedName = "CN=TestUser,OU=Test Users,OU=Users,OU=Development,OU=App3034,OU=Services,OU=DTTL,DC=eur,DC=xyzCompany,DC=com";
AccountRequest accountRequest = new AccountRequest();
accountRequest.setOperation(AccountRequest.Operation.Modify);
accountRequest.setApplication("Active Directory");
accountRequest.setNativeIdentity(distinguishedName);
accountRequest.add(new AttributeRequest("memberOf", ProvisioningPlan.Operation.Remove, "CN=IGADEV IL P1-S 007,OU=Security Groups,OU=Groups,OU=Development,OU=App3034,OU=Services,OU=DTTL,DC=eur,DC=xyzCompany,DC=com"));
plan.add(accountRequest);
plan.setNativeIdentity(identity.getName());
plan.setIdentity(identity);
Provisioner provisioner = new Provisioner(context);
ProvisioningProject project = provisioner.compile(plan);
// provisioner.setNoLocking(true);
provisioner.execute(project); // getting null pointer. project is empty
context.saveObject(identity);
context.commitTransaction();
The NullPointerException you’re encountering is likely due to the ProvisioningProject being empty because the provisioning plan isn’t correctly constructed.
Specifically, You have set the Incorrect Native Identity. Ideally when you perform any provisioning operation like create,modify,enable,disable etc. The native Identity should be the unique attribute on the Application side not on the SailPoint side.
Below is the working version of your code -
import sailpoint.object.Identity;
import sailpoint.object.Filter;
import org.apache.log4j.Logger;
import sailpoint.object.ProvisioningPlan;
import sailpoint.object.ProvisioningPlan.AccountRequest;
import sailpoint.object.ProvisioningPlan.AttributeRequest;
import sailpoint.api.Provisioner;
import sailpoint.object.ProvisioningProject;
import sailpoint.object.Link;
String userLogin="1a2b3a";
Identity identity = context.getObjectByName(Identity.class, "1a2b3a");
// Initialize the provisioning plan and set the identity
ProvisioningPlan plan = new ProvisioningPlan();
plan.setIdentity(identity);
// Create the account request
AccountRequest accountRequest = new AccountRequest();
accountRequest.setOperation(AccountRequest.Operation.Modify);
accountRequest.setApplication("Active Directory");
// Retrieve the native identity (account ID) from the user's link to Active Directory
Link link = identity.getLink("Active Directory");
if (link != null) {
accountRequest.setNativeIdentity(link.getNativeIdentity());
} else {
System.out.println("Identity does not have an account on Active Directory");
}
// Define the group DN to remove
String groupDn = "CN=Buggy group 3,OU=Groups,DC=acme,DC=local";
// Create the attribute request to remove the group
AttributeRequest attrRequest = new AttributeRequest("memberOf", ProvisioningPlan.Operation.Remove, groupDn);
accountRequest.add(attrRequest);
// Add the account request to the plan
plan.add(accountRequest);
System.out.println(plan.toXml());
// Compile and execute the provisioning project
Provisioner provisioner = new Provisioner(context);
ProvisioningProject project = provisioner.compile(plan);
if (project != null && !project.isEmpty()) {
provisioner.execute(project);
context.saveObject(identity);
context.commitTransaction();
System.out.println("Execution Succeded.");
} else {
System.out.println("Provisioning project is empty");
}