[midPoint] Managing projects and premissions with midPoint

Jason Everling jeverling at bshp.edu
Fri Dec 16 17:05:52 CET 2016

What about midpoint org units for 'projects' and roles for 'permissions'?
How many users are in a project, is it 1 or 2 , or is many, hundreds,
thousands, etc.. same for permissions, how many users would be assigned a
permission? it could be reversed if permissions have many more users than a
project would contain. I think I would base it off that but that is just my

We use org units for different things, some are used for AD security
groups, distribution lists, etc.. and others are used for actual ou's
(containers in AD) , each has their own 'root' of course in midpoint. For
example, our domain itself has a root, then 'Security Groups' is another
root, and 'DL Groups' is another root. Each contains their own items. It
was based off midpoint 3.2 before you could see 'members' of a role like
you can now in the later versions.


On Fri, Dec 16, 2016 at 12:55 AM, Aivo Kuhlberg <aivo.kuhlberg at rmit.ee>

> Hi,
> I am planning to manage database tables data with ScriptedSQL connector.
> This database has users (table USERS), projects (table USER_PROJECTS) and
> permissions (table PROJECT_PERM). Before I start to set up connector I
> would like to know how should I manage these structures in midPoint? My
> current idea is to map users to midpoint users, projects to midPoint roles
> but what about project permissions? Should I map them to roles too or is
> there better way how to manage them?
> Thanks,
> Aivo Kuhlberg
> ------------------------------
> Käesolev e-kiri võib sisaldada asutusesiseseks kasutamiseks tunnistatud
> teavet.
> This e-mail may contain information which is classified for official use.
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint


This e-mail together with any attachments is proprietary and confidential; 
intended for only the recipient(s) named above and may contain information 
that is privileged. You should not retain, copy or use this e-mail or any 
attachments for any purpose, or disclose all or any part of the contents to 
any person. Any views or opinions expressed in this e-mail are those of the 
author and do not represent those of the Baptist School of Health 
Professions. If you have received this e-mail in error, or are not the 
named recipient(s), you are hereby notified that any review, dissemination, 
distribution or copying of this communication is prohibited by the sender 
and to do so might constitute a violation of the Electronic Communications 
Privacy Act, 18 U.S.C. section 2510-2521. Please immediately notify the 
sender and delete this e-mail and any attachments from your computer. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.evolveum.com/pipermail/midpoint/attachments/20161216/7d465ab3/attachment-0001.html>

More information about the midPoint mailing list