[midPoint] Org structure visibility

Michalis Siochos msiochos at gmail.com
Thu Oct 6 08:23:53 CEST 2016


Hello,

Problem solved. I was testing with "End User" role assigned which 
provided more authorizations than I expected.
When I unassigned and fine tuned my own role, it worked as expected.

Thanks!

On 10/06/2016 07:04 AM, Мамаева Сауле Сериковна wrote:
> Hi, I'm also interested in this case. I faced the same problem.
>
> Best regards,
> Saule Mamayeva
> s.mamayeva at ktg.kz
>
> -----Original Message-----
> From: midPoint [mailto:midpoint-bounces at lists.evolveum.com] On Behalf Of Michalis Siochos
> Sent: Wednesday, October 05, 2016 3:18 PM
> To: midpoint at lists.evolveum.com
> Subject: [midPoint] Org structure visibility
>
> Hi All,
>
> I'm trying to achieve something really straightforward with MidPoint 3.4.1 I would like an OU Manager to be able to see the org structure but only the OU(s) or subtree(s) he's managing.
>
> I've been following this story:
> https://evolveum.com/blog/midpoint-goes-multitenant/
>
> However, when I add the following authorizations, the manager gets full view of the org structure <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#orgStruct</action>
> <action>http://midpoint.evolveum.com/xml/ns/public/security/authorization-ui-3#orgTree</action>
>
> I have tried tenant orgs but no luck.
>
> It seems that I miss something. Could you please advise?
>
> Thanks!
> Michalis
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint




More information about the midPoint mailing list