[midPoint] Delegated administration
Radovan Semancik
radovan.semancik at evolveum.com
Thu Nov 10 09:38:08 CET 2016
Hi,
Yes. I would say this is the best way. You would probably want to make
the OrganizationManager role parametric (using the orgRef assignment
parameter). But that's it.
--
Radovan Semancik
Software Architect
evolveum.com
On 11/10/2016 09:35 AM, Pertti Kellomäki wrote:
> Hi,
>
> I am reading up on delegated administration. We have a setup where
> there are a large number of independent organizations, and the
> organizations should be able to most of their administration by
> themselves.
>
> Am I correct in assuming that the orgRelation mechanism described in
> the Authorization Configuration wiki page would be the preferred way
> to implement it? So have a single OrganizationManager role in
> midPoint, and let the orgRelation determine whether the authorization
> is valid for any particular organization.
>
> Thanks, Pertti
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
More information about the midPoint
mailing list