[midPoint] rule-based role assignment

Roman Pudil - AMI Praha a.s. roman.pudil at ami.cz
Mon Sep 5 14:48:15 CEST 2016 

Hi Daniel,

You can solve it as conditional mapping in template object.

Here is example: Assign role to user only if user's attribute named 
"employeeType" has "CONTRACTOR" value.

     <mapping>
		<strength>strong</strength>
    	<source>
    		<path>employeeType</path>
    	</source>
    	<expression>
            <value>
            	<!--<assignment>-->
					<targetRef oid="some-role-oid" type="c:RoleType"/>
				<!--</assignment>-->
            </value>    	
    	</expression>
    	<target>
    		<path>assignment</path>
    	</target>
    	<condition>
    		<script>
            	<code>employeeType == 'CONTRACTOR'</code>
            </script>
		</condition>
    </mapping>

More examples You can find in midPoint Project in /samples/ directory.

Regards
Roman Pudil

Roman Pudil
solution architect

gsm: [+420] 775 663 666
e-mail: roman.pudil at ami.cz


AMI Praha a.s.
Pláničkova 11
162 00 Praha 6
tel./fax: [+420] 274 783 239
web: www.ami.cz





Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za 
společnost AMI Praha a.s.
jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít 
výhradně písemnou formu.



------ Původní zpráva ------
Od: Daniel.Sommer at itconcepts.net
Komu: midpoint at lists.evolveum.com
Odesláno: 5.9.2016 14:38:56
Předmět: [midPoint] rule-based role assignment

>Hello community,
>
>
>we want to find out, whether a rule based role assignment is possible. 
>Currently i was not able to find informations about it.
>What i want for example is to assign a role  automatically depending on 
>any of a users attributes.
>
>Thank your for your help,
>
>Daniel
>Daniel Sommer
>Office: +49 228 908733 0 | Fax: +49 228 908733 1 | Mobil: +49 176 
>162086 79
>
>ITConcepts Professional GmbH -  In den Dauen 6 - DE 53117 Bonn
>
>Website www.itconcepts.net
>
>
>Besuchen Sie uns auch auf
>
>Events mit ITConcepts
>10.-12. Oktober: SailPoint Navigate in Berlin. Mehr Infos hier.
>13. Oktober: Ping IDENTIFY in Frankfurt. Mehr Infos hier.
>17. Oktober: Internationaler Automobil Kongress in Wolfsburg. Mehr 
>Infos hier.
>18.- 20. Oktober: it-sa, IT Security Messe in Nürnberg, Mehr Infos 
>hier.
>18.- 20. Oktober: IZB in Wolfsburg, Mehr Infos hier.
>16.- 17. November: BMC Exchange in Mainz .Mehr Infos hier.
>
>Trainings von ITConcepts
>17. -21. Oktober: Öffentliches Training Dell One Identity Manager 6.x - 
>Basisschulung (Kursinhalt)
>
>ITConcepts Professional GmbH Gf.: Sven Moog, Sitz Bonn, AG Bonn HRB 
>12947 - Ust-Id Nr: DE211482933
>ITConcepts Automotive GmbH Gf.: Sven Moog, Sitz Wolfsburg, AG 
>Braunschweig HRB 204188 - Ust-Id Nr: DE223888748
>ITConcepts Operations GmbH Gf.: Sven Moog, Sitz Bonn, AG Bonn HRB 15454 
>- St.-Nr: 205/5726/0602
>
>Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte 
>Informationen. Wenn Sie nicht der richtige Adressat sind
>oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte 
>sofort den Absender und vernichten Sie diese Mail.
>Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail 
>sind nicht gestattet.
>
>This e-mail may contain confidential and/or privileged information. If 
>you are not the intended recipient
>(or have received this e-mail in error) please notify the sender 
>immediately and destroy this e-mail.
>Any unauthorised copying, disclosure or distribution of the material in 
>this e-mail is strictly forbidden.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/6a55eb15/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ITConcepts.gif
Type: image/gif
Size: 2977 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/6a55eb15/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: COGNITUM.gif
Type: image/gif
Size: 501 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/6a55eb15/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: xing20.gif
Type: image/gif
Size: 1009 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/6a55eb15/attachment-0002.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: linkedin20.gif
Type: image/gif
Size: 1026 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/6a55eb15/attachment-0003.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4060 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/6a55eb15/attachment.bin>

More information about the midPoint mailing list