[midPoint] Synchronization of accounts created in midpoint
Cameron Miller
cameron.miller at cogitogroup.co.nz
Fri Feb 12 00:56:14 CET 2016
Hi Ivan,
Thank you for your response. That sounds like what I’m trying to achieve.
Regards,
Cameron
From: midPoint [mailto:midpoint-bounces at lists.evolveum.com] On Behalf Of Ivan Noris
Sent: Friday, 12 February 2016 10:17 AM
To: midpoint at lists.evolveum.com
Subject: Re: [midPoint] Synchronization of accounts created in midpoint
Hi Cameron,
not sure if I understand. But if I had many users in midPoint and wished to provision them to LDAP, probably I'd do something like this:
- create role with construction to create account on LDAP
- create user template which will assign the role to provision account to LDAP server. Alternatively you can assign just the account (if you can't create role)
- the mapping in the user template can have condition if you don't want to assign the role to all users
- set the user template as global in System Configuration
- go to Server Tasks and create Recomputation task and let it run for all UserType objects (clickable/selectable in the task GUI)
This should process all the users in midPoint and provision LDAP accounts for them by automatic assignment of the role in the user template.
Of course you need to set at least the mandatory attributes in LDAP resource schema handling (outbound).
Regards,
Ivan
On 02/11/2016 09:21 PM, Cameron Miller wrote:
Hi,
I’ve got a heap of accounts that have been created in midPoint and need to sync them to an LDAP server. Adding projections or resource account assignments to the accounts doesn’t seem to work – although I don’t have inbound/outbound mappings set up. Is it possible to do this or do the accounts need to be created in LDAP first.
Regards,
Cameron Miller
This email, and any attachment, is confidential and also privileged. If you have received it in error, please notify me immediately and delete it from your system along with any attachments. You should not copy or use it for any purpose, nor disclose its contents to any other person.
_______________________________________________
midPoint mailing list
midPoint at lists.evolveum.com<mailto:midPoint at lists.evolveum.com>
http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper Id(e)M Vix."
This email, and any attachment, is confidential and also privileged. If you have received it in error, please notify me immediately and delete it from your system along with any attachments. You should not copy or use it for any purpose, nor disclose its contents to any other person.
This email, and any attachment, is confidential and also privileged. If you have received it in error, please notify me immediately and delete it from your system along with any attachments. You should not copy or use it for any purpose, nor disclose its contents to any other person.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160211/8fef7edd/attachment.htm>
More information about the midPoint
mailing list