Web Service Connector workflow guide for SOAP

This article describes how to create a new project for your data source in the Web Service Configuration Tool. Follow these steps to create a project.

1. Open the Web Service Configuration Tool. It opens a blank project.

   

2. Select SOAP Project and then select Add.

   

3. On the next page, provide the following information and then, select Next:

   • 新的 Web 服務名稱
   • Address (WSDL path) to retrieve the exposed services, endpoints, and operations
   • Namespace
   • 安全性模式 （驗證類型）

4. In this sample, the Credentials page is shown with the requirements for Basic security mode (the mode that was selected in the previous step). If "None" was specified for the security mode, then a Credentials page wouldn't be displayed. 選取 下一步。

   

5. The WSDL path is being accessed to retrieve the service information and the list of exposed functions is displayed. If the WSDL path entered is incorrect, then the configuration tool fails to retrieve the service information and throws an error.

   

6. Once the discovery is performed, then it lists the endpoint and the operations that are discovered. 選取 完成。

   

7. Compilation is performed. Compilation is a process of compiling the data contract assembly, which can be a time consuming operation. The user is informed about any compilation errors. After the discovery is performed, the tool displays the following page:

   

8. Expanding SOAP project and selecting exposed endpoint provided below screen. This screen lists the operations that are declared under the endpoint.

   

9. Expanding endpoint displays list of operations. An operation is a function declared by an Endpoint. Each operation addresses a type of task that can be performed within the service. This screen lists the arguments that are declared for the operation. These arguments are then defined when the operation is used in configuring the workflows.

   

10. Next step is to define the connector space schema, which is achieved by creating the Object Type and defining their object types. Select Object Types and then select Add. In the new window, add a new object type and provide a name. 請選擇 [確定]。

    

11. Adding an object type provides below screen.

    

12. 對應至物件類型的右窗格可讓您管理所選物件類型的屬性及其特性。 選取 ，然後新增。 A new window is opened to add attributes:

    

    

13. The following screen appears after adding all of the required attributes:

    

14. Object type and attributes once created, provides blank workflows that cater to the operations performed in Microsoft Identity Manager 2016 (MIM).

    

在 Web 服務組態工具中設定工作流程

下一個步驟是設定物件類型的工作流程。 工作流程檔案是 Web 服務連接器在運行時間使用的一系列活動。 工作流程可用來實作適當的 MIM 作業。 Web 服務組態工具可協助您建立四個不同的工作流程：

• 匯入：從數據源匯入下列兩種類型的工作流程數據：

  • Full import: A full import that can be configured.
  • Delta import: Not supported by the Web Service Configuration Tool.

• 匯出：將數據從 MIM 匯出至連接的數據源。 支援這項操作的三個動作如下。 您可以根據您的需求來設定這些動作。

  • Add
  • 刪除
  • Replace

• 密碼：執行用戶的密碼管理（物件類型）。 此作業有兩個動作可供使用：

  • 設定密碼
  • 變更密碼

• 測試連線：設定工作流程，以檢查是否已成功建立與數據源伺服器的連線。

備註

您可以設定項目的這些工作流程，或從Microsoft下載中心下載默認專案。

工作流程設計工具

工作流程設計工具會開啟工作區域，以根據需求設定工作流程。 針對每個物件類型 （新的 /existing），組態工具會提供工具所支援的工作流程節點。

工作流程設計工具是由下列 UI 元素所組成：

• 左窗格中的節點：這些可協助您選取要設計哪一個工作流程。

• 中央工作流程設計工具：您可以在這裡卸除設定工作流程的活動。 若要完成各種 MIM 作業（匯出、匯入、密碼管理），您可以使用 .NET Workflow Framework 4 的標準和自定義工作流程活動。 Web 服務組態工具會使用標準和自定義工作流程活動。 如需標準活動的詳細資訊，請參閱使用活動設計工具 。

  • 在中央工作流程設計工具中，任何活動旁邊如果有加上驚嘆號的紅色圓圈，表示操作已中斷且未被完全正確地定義。 將滑鼠停留在紅色圓圈上，以找出確切的錯誤。 正確定義活動之後，紅色圓圈會變更為黃色資訊標記。

  • 在中央工作流程設計工具中，任何活動旁的黃色三角形資訊標記表示已定義活動，但您可以執行更多動作來完成活動。 將滑鼠停留在黃色三角形上方，以查看詳細資訊。

• 工具箱：封裝所有工具，包括系統和自定義活動和預先定義的語句，以設計工作流程。 如需詳細資訊，請參閱 工具箱。

• [工具箱] 區段：[工具箱] 具有下列區段和類別：

  • 描述：工具箱的標頭。 One tab accesses the Toolbox and the properties of the selected workflow activity.

  • 匯入工作流程：設定匯入工作流程的自定義活動。

  • 匯出工作流程：設定匯出工作流程的自定義活動。

  • Common: Custom activities to configure any workflow.

  • 偵錯：在工作流程 4 中定義的系統偵錯工作流程活動。 這些活動可用於追蹤工作流程中的問題。

  • 陳述：在工作流程 4 中定義的系統工作流程活動。 如需詳細資訊，請參閱 使用活動設計工具。

• Properties: The properties tab displays the properties of a particular workflow activity that is dropped in the designer area and selected. 左邊的圖形顯示了 指派 活動的屬性。 針對每個活動，屬性會有所不同，並在設定自定義工作流程時使用。 此索引標籤可讓您定義已放入中央工作流程設計工具之所選工具的屬性。 如需詳細資訊，請參閱 屬性。

• 任務列： 任務列包含三個元素：變數、自變數和 匯入。 這些專案會與工作流程活動搭配使用。 如需詳細資訊，請參閱 .NET 4中的 Windows Workflow Foundation （WF） 開發人員簡介。

在 Web 服務組態工具中設定完整的匯入工作流程

The following steps show how to configure full import workflows for SOAP by using the Web Service Configuration Tool.

警告

此範例只會建立工作流程。 可能需要修改工作流程，例如在 API 中使用自訂邏輯。

1. 選取要設定的 [完整匯入] 工作流程。 The Arguments and Imports are already defined and are specific to the activities. 如需詳細資訊，請參閱下列畫面。

   

   

   After the reconfiguration of the calls, change the names of the attributes that change, add or change the namespace to variables that refer to the return structure of the API and object types that refers to the old namespace. 右窗格中的工具箱會保存設定所需的所有自定義工作流程特定活動。 將值指派給您要用於邏輯的變數。 移至中央工作流程設計工具的底部區段，並宣告變數。 變數會在下一個步驟中宣告。

2. Add a Sequence activity. 將 序列 活動設計工具從 工具箱 中拖曳，放入 Windows 工作流程設計工具視窗。 請參閱下列畫面。 The Sequence activity contains an ordered collection of child activities that it executes in order.

   

3. 若要新增變數，請找出 [建立變數]。 Type wsResponse for the Name, select the Variable type drop-down, and then select Browse for Types. 隨即顯示對話框。 Select generated>default>Response. 將 範圍 和 預設 值保持未選取。 或者，使用 Properties 檢視來設定這些值。

   

   

4. Now add all other variables and below is the final screen.

   

5. Drag one more Sequence activity designer from the Toolbox within already added Sequence activity.

6. 將 WebServiceCallActivity 拖曳到 [Common] 底下。 此活動可用來叫用探索之後可用的 Web 服務作業。 這是自定義活動，在不同的作業案例中很常見。

   

   若要使用 Web 服務作業，請設定下列屬性：

   • 服務名稱：輸入 Web 服務的名稱。

   • 端點名稱：指定所選服務的端點名稱。

   • 作業名稱：指定服務的個別作業。

   • 參數：選取 參數。 在下一個對話框中，指派自變數值，如下圖所示：

     

     這很重要

     請勿使用此對話框變更自變數 Name、Direction或 Type。 如果這些值有任何變更，活動就會變成無效。 Only set the Value for the argument. As shown in this figure, the value wsResponse is set.

7. 在 WebServiceCallActivity 下方新增 ForEach 活動。 此活動可用來逐一查看物件類型的所有屬性（錨點和非錨點）。 將這個活動拖曳到工作流程設計工具介面時，會自動列舉物件的所有屬性名稱。 根據下列畫面設定必要的值：

   

8. Drag a CreateCSEntryChangeScope activity within ForEach body. 此活動可用來在工作流程網域中為每個個別記錄建立 CSEntryChange 對象的實例，同時從目標數據源擷取數據。 Dragging this activity provides below screen. CreateAnchorAttribute 的活動會自動被繼承。

   

9. Set the value of the DN expression as ‘string.Concat ("Employee",item.EmployeeID)’. Set the AnchorValue for the EmployeeID to ‘Convert.tostring(item.EmployeeID)’. Set the ObjectTypeName as Employee. After making these modifications, you'll see the following screen:

   

   備註

   錨點值和物件名稱會根據公開的Web服務而有所不同。 此圖顯示範例。

10. 將 CreateAttributeChange 活動拖曳到 CreateAnchorAttribute 活動下方。 要拖曳的活動數目等於非錨點屬性的數目。 如需參考，請參閱下圖。

    

11. Drag CreateValueChangeActivity within CreateAttributeChange activity and set attribute value as per below screen.

    

    備註

    若要使用此活動，請從下拉式清單中挑選並指派個別的欄位，並指派值。 For multivalued attributes, drop multiple CreateValueChangeActivity activities inside a CreateAttributeChangeActivity activity.

12. To add conditions for an attribute, add an If activity as shown in the following figure:

    

13. Finally, add an Assign activity and set the expression, as shown in the following figure:

    

14. 將這個項目儲存在 位置 %FIM_INSTALL_FOLDER%\Synchronization Service\Extensions。

    默認專案應下載並儲存在目標系統上的位置 %FIM_INSTALL_DIR\2010\Synchronization Service\Extensions。 然後，項目會顯示在 Web 服務連接器精靈中。

    執行可執行檔時，系統會提示您指定安裝的位置。 輸入儲存位置。

    這很重要

    項目檔可以從任何位置儲存和開啟（具有其執行程式的適當訪問許可權）。 只有儲存至 Synchronization Service\Extension 資料夾的項目檔，才能在透過 MIM 同步處理 UI 存取的 Web 服務連接器精靈中選取。

    執行 Web 服務組態工具的使用者需要下列權限：

    • Full Control to the Synchronization Service Extension folder.
    • Read access to the registry key HKLM\System\CurrentControlSet\Services\FIMSynchronizationService\Parameters through which, the Extension folder path is located.

Configure export workflows in the Web Service Configuration Tool

The following sections show how to export your workflows by using the Web Service Configuration Tool.

Add workflows

Add export workflows by following these steps in the Web Service Configuration Tool.

1. Select the export workflow to configure. Under Export, select Add. The Arguments and Imports are already defined and are specific to the activities. See the following screens for reference.

   

2. Add a Sequence activity. 將 序列 活動設計工具從 工具箱 中拖曳，放入 Windows 工作流程設計工具視窗。 The Sequence activity contains an ordered collection of child activities that it executes in order. Select Create Variable. Assign the values to the variables that you're going to use for your logic.

   

   備註

   The steps to add a variable are described in the section for creating full import workflows.

3. Drag a ForEach activity within already added Sequence activity to iterate over anchor attribute values.

4. Select Properties and set the Values as per below screen. Here objectToExport is argument.

   

5. Set DisplayName as ForEach<AnchorAttribute>

   

6. Set TypeArgument as Microsoft.MetadirectoryServices.AnchorAttribute.

   

7. Add a Switch activity within the ForEach body of the AnchorAttribute.

   

8. Add an expression as per below screen.

   

9. Select Add a new case and enter a value for the EmployeeId. Drag a Sequence activity and within it add an Assign activity.

   

10. Assign the To and Value properties for the Assign activity.

    

11. The ForEach activity is used for anchor values. Add another ForEach activity to assign non-anchor values. In this example, the AttributeChange anchor is used.

    

12. Add a Switch activity within ForEach body of the AttributeChange anchor.

    

13. Add an expression as per below screen.

    

14. Select Add a new case and enter a value for the FirstName. Drag a Sequence activity and within it add an Assign activity. Assign the To and Value properties for the Assign activity.

    

15. Add values for the required attributes like LastName, Email, and so on.

    

16. Under Common, drag a WebServiceCallActivity and set Values for its Arguments.

    

    這很重要

    請勿使用此對話框變更自變數 Name、Direction或 Type。 如果這些值有任何變更，活動就會變成無效。 Only set the Value for the argument. As shown in this figure, the value wsResponse is set.

17. Finally, add an If activity to check responses that are returned from the web service operation.

Creation of the export workflow with the Add operation is complete:

將這個項目儲存在 位置 %FIM_INSTALL_FOLDER%\Synchronization Service\Extensions。

Delete workflows

Delete export workflows by following these steps in the Web Service Configuration Tool.

1. Select the export workflow to configure. Under Export, select Delete. The Arguments and Imports are already defined and are specific to the activities. See the following screens for reference.

   

2. Add a Sequence activity. Select Create Variable. 將值指派給您要用於邏輯的變數。

   

   備註

   The steps to add a variable are described in the section for creating full import workflows.

3. Drag a ForEach activity within already added Sequence activity to iterate over anchor attribute values.

4. Select Properties and set the Values per below screen. Here objectToExport is argument.

   

5. Set the DisplayName as ForEach\<AnchorAttribute\>:

   

6. Set the TypeArgument as Microsoft.MetadirectoryServices.AnchorAttribute:

   

7. Add a Switch activity within the ForEach body of the AnchorAttribute.

   

8. Add an expression as per below screen.

   

9. Select Add a new case and enter a value for the EmployeeId. Drag a Sequence activity and within it add an Assign activity.

   

10. Assign the To and Value properties for the Assign activity.

    

11. Under Common, drag a WebServiceCallActivity and set Values for its Arguments.

    

    這很重要

    請勿使用此對話框變更自變數 Name、Direction或 Type。 如果這些值有任何變更，活動就會變成無效。 Only set the Value for the argument. As shown in this figure, the value employeeID is set.

12. Finally add an If activity to check the responses returned from the web service operation.

Deletion of the export workflow with the Delete operation is complete:

將這個項目儲存在 位置 %FIM_INSTALL_FOLDER%\Synchronization Service\Extensions。

Replace workflows

Replace export workflows by following these steps in the Web Service Configuration Tool.

1. Select the export workflow to configure. Under Export, select Replace. The Arguments and Imports are already defined and are specific to the activities. See below screen for reference.

   

2. Add a Sequence activity.

3. Drag a ForEach activity for the <AnchorAttribute>.

4. Add another ForEach<AttributeChange> activity to assign non-anchor values.

5. Finally, the screen looks like the following figure. The instructions for configuring this activity are provided in the section for adding export workflows.

   

6. Under Common, drag a WebServiceCallActivity and set Values for its Arguments.

   

   這很重要

   請勿使用此對話框變更自變數 Name、Direction或 Type。 如果這些值有任何變更，活動就會變成無效。 Only set the Value for the argument. As shown in this figure, the value employee is set.

7. Finally, add an If activity to check the responses that are returned from the web service operation.

Replacement of the export workflow with the Replace operation is complete:

將這個項目儲存在 位置 %FIM_INSTALL_FOLDER%\Synchronization Service\Extensions。

Debug activities

The following custom activities are available to help debug the workflow template.

Log activity

The Log activity is used to write text messages to the log file. For more information, see Logging.

備註

If you aren't able to easily debug your workflow, try debugging the workflow in the production environment.

To use the Log activity, set the following properties. The properties are visible when you select the activity in Workflow Designer and view the Properties for the activity.

WriteLine activity

The WriteLine activity is used to write text messages to a provider's writer. If no writer is available, the WriteLine activity writes the text to the console window.

In the text box, write the message that you want to be visible in the writer target.

這很重要

The console window can't be used for this activity. Use another window output writer for this task.

To use the WriteLine activity, set the following properties. The properties are visible when you select the activity in Workflow Designer and view the Properties for the activity.

• Log Level: Specifies the amount of content to write in the log value. 可能的值為：

  • High: Write the LogText message to the log file if the log severity is set to High.
  • Verbose: Write the LogText message to the log file if the log severity is set to Verbose.
  • Disabled: Don’t write in the log file.

• LogText: Specifies the text content to write in the log.

• Tag: Adds a tag to the text to identify the type of content that's being written in the log. The possible values are: Error, Trace, or Warning.

後續步驟

• 一般 Web 服務連接器概觀
• 安裝 Web 服務組態工具
• SOAP 部署指南
• REST 部署指南
• Web Service MA 設定