[midPoint] AD Connector on v3.0
Tim Tompkins
trench4g63 at gmail.com
Thu Jun 5 16:34:23 CEST 2014
By all means, please use it as you wish.
Tim
On Thu, Jun 5, 2014 at 9:30 AM, Pavol Mederly <mederly at evolveum.com> wrote:
> Hello Tim,
>
> thank you very much for the sample. I'll have a look at it shortly. If you
> don't mind, I would include it (perhaps with slight modifications) into our
> wiki and/or samples directory.
>
> Best regards,
> Pavol Mederly
>
> Hi,
>
> After too much time searching back and forth between sources and the
> HOWTOs; and a lot of trial and error, I finally managed to get AD to sync
> with group membership entitlements working.
> I have been able to create roles that have "inducements" that create an
> active directory account that includes group membership. Removing
> membership from the group in AD will show as removed under the AD account
> in midPoint. (I did set the Default AD GPO to no restrictions on passwords
> and have not tested anything to do with passwords at this point.)
>
> Below I am including the XML in the hope that it will save someone else
> some time, if anyone finds any bugs or improvements please let me know.
>
> Cheers,
> <SNIP>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20140605/32d93f36/attachment.htm>
More information about the midPoint
mailing list