[midPoint] Sync Virtual Identities and AD Groups using roles
Marco Benucci
m.benucci at nsr.it
Tue Dec 20 11:10:10 CET 2016
I have successfully aligned AD entitlement on midpoint users using a 2
step approach.
Firstly I have made an inbound mapping of the attribute memberOf in an
extension and multivalue attribute.
Then, with an object template I have used the assignmentTargetSearch to
assign midpoint roles (my AD entitlement) to the user based on the
attribute mentioned above. I thought it could be possible to use the
assignmentTargetSearch even in inbound mapping on the resource, but I
did not tested it.
Thank you,
Marco
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20161220/a33980c6/attachment.htm>
More information about the midPoint
mailing list