[midPoint] Assigning role to user when receiving a resource

[Ivan Noris]

Hi Nicolas,

can you paste the (three) attempts how the MetaRole looks, anonymized if
necessary? Maybe I will have an idea by looking at it.

Regards,

Ivan


On 11/24/2016 09:52 PM, Nicolas Rossi wrote:
> Hi guys. We are still working on this issue. We have tried 3
> alternatives to achieve it. All of them working on the resource MetaRole:
>
> 1) Add a new association on the existing inducement constructor
> directly to the entitlement on the resource. It works fine
> (entitlement is provisioned) but we cannot see this assignment on the GUI.
>
> 2) Add an inducement to an existing role which has an assignment to
> the resource MetaRole. I can see the assignment on the GUI but the
> entitlement is not provisioned to the resource.
>
> 3) Add an inducement to an existing role which has an inducement with
> association to the entitlement on the resource. I can see the
> assignment on the GUI but the entitlement is not provisioned to the
> resource.
>
> Is there any other possible configuration ?
>
> ​Best regards,
> ​
>
>
> Ing Nicolás Rossi
> Identicum S.A.
> Jorge Newbery 3226
> Tel: +54 (11) 4552-3050
> www.identicum.com <http://www.identicum.com>
>
> On Mon, Nov 21, 2016 at 5:56 PM, Ana Pereyra <apereyra at identicum.com
> <mailto:apereyra at identicum.com>> wrote:
>
>     Hi everyone,
>
>     We are having the following issue:
>
>     We need to assign the role B to users after being created in
>     resource A, automatically. 
>
>     We are using a scripted sql driver, and a meta role for creating
>     users and groups in the database; and role B is a group in resource A.
>
>     We have been trying to assign indirectly role B to users using the
>     meta role, with no luck. Any ideas on how to approach this?
>
>     Thanks in advance.
>     Regards
>
>     -- 
>     *Ana Pereyra*
>      Identicum S.A.
>     /Jorge Newbery 3226, Argentina
>     Tel: +54 (11) //4552.3050/
>     /apereyra at identicum.com <mailto:apereyra at identicum.com>/
>     www.identicum.com <http://www.identicum.com/>
>
>     _______________________________________________
>     midPoint mailing list
>     midPoint at lists.evolveum.com <mailto:midPoint at lists.evolveum.com>
>     http://lists.evolveum.com/mailman/listinfo/midpoint
>     <http://lists.evolveum.com/mailman/listinfo/midpoint>
>
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint

-- 
Ivan Noris
Senior Identity Engineer
evolveum.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20161124/ec166fbc/attachment.htm>