[midPoint] Troubles with Live Sync for DELETED
Ivan Noris
ivan.noris at evolveum.com
Mon May 9 17:28:36 CEST 2016
Hi,
not sure (i.e. I have not done that) how role can be automatically
unassigned after given amount of time.
But it can be assigned with assignment parameters such as validFrom /
validTo. When validTo date occurs, the role will be still assigned to
user, but effectively will act as not assigned; account(s) given by that
role would be deleted (or disabled if resource is set to disable instead
of delete); groups given by role would be unassigned.
https://wiki.evolveum.com/display/midPoint/Assignment+Configuration
https://wiki.evolveum.com/display/midPoint/Assignment+Configuration#AssignmentConfiguration-ParametricAssignments
I think someone else on the list has already done the assignment of the
role with assignment parameters, I will try to find some sample for that
anyway but I don't have it in my memory.
Regards,
Ivan
On 05/09/2016 03:54 PM, Rijndaal Ramiji wrote:
>
> Yes... You are right.
> I have to do this for my 2 resources, maybe one at 10pm and the other
> at midnight.
>
> Now… The role I will assign during the Deleted reaction should been
> deleted after a given amount of time (say 6 months).
>
> I can’t find in the wiki such mechanism (automatically remove a role
> given some criteria). Is this possible?
>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ing. Ivan Noris
Senior Identity Management Engineer & IDM Architect
evolveum.com evolveum.com/blog/
___________________________________________________
"Semper ID(e)M Vix."
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160509/65641bae/attachment.htm>
More information about the midPoint
mailing list