[midPoint] how to synchronize roles the same way as users?
Radovan Semancik
radovan.semancik at evolveum.com
Thu Nov 21 13:14:16 CET 2013
Hi Jerzy,
The short answer is: Possible but somehow difficult in version 2.2
(latest stable version). Possible and quite easy in version 2.3 (planned
for spring 2014)
Currently midPoint 2.2 is implemented to synchronize just users and
accounts. But midpoint is programmable. There is a Java API and
webservice. REST is comming very soon. Therefore you can write a short
program or script to do the synchronization. This is good for simple
cases. But it may be quite difficut to handle all the synchronization
cases correctly.
The plan for midPoint 2.3 is to extend this synchronization to be much
more generic. Therefore in version 2.3 you will be able to write a
connector for your other IDM system. The connector will present these
legacy roles as "entitlements". And then you can use regular midPoint
synchronization mechanisms to synchronize such "entitlements" and
midPoint roles.
--
Radovan Semancik
Software Architect
evolveum.com
On 11/20/2013 12:42 PM, Jerzy Krolak wrote:
> Dear all,
>
> I am in the middle of evaluating midPoint as our new IDM, and I ran
> into a problem:
>
> I have successfully synchronized users with AD using midPoint. However
> the second step is to synchronize the roles with another IDM system.
>
> Is this possible with midPoint? And, if yes, are there any examples or
> documentation available?
>
> Best regards,
> JK
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20131121/fc4bec94/attachment.htm>
More information about the midPoint
mailing list