[midPoint] rule-based role assignment
Ivan Noris
ivan.noris at evolveum.com
Mon Sep 5 15:08:38 CEST 2016
... and for the future, we have created this feature request:
https://jira.evolveum.com/browse/MID-2840
It's waiting for funding.
Ivan
On 09/05/2016 02:48 PM, Roman Pudil - AMI Praha a.s. wrote:
> Hi Daniel,
>
> You can solve it as conditional mapping in template object.
>
> Here is example: Assign role to user only if user's attribute named
> "employeeType" has "CONTRACTOR" value.
>
> <mapping>
> <strength>strong</strength>
> <source>
> <path>employeeType</path>
> </source>
> <expression>
> <value>
> <!--<assignment>-->
> <targetRef oid="some-role-oid" type="c:RoleType"/>
> <!--</assignment>-->
> </value>
> </expression>
> <target>
> <path>assignment</path>
> </target>
> <condition>
> <script>
> <code>employeeType == 'CONTRACTOR'</code>
> </script>
> </condition>
> </mapping>
>
> More examples You can find in midPoint Project in /samples/ directory.
>
> Regards
> Roman Pudil
>
> Roman Pudil
> solution architect
>
> gsm: [+420] 775 663 666
> e-mail: roman.pudil at ami.cz <mailto:roman.pudil at ami.cz>
>
>
>
> AMI Praha a.s.
> Pláničkova 11
> 162 00 Praha 6
> tel./fax: [+420] 274 783 239
> web: www.ami.cz <http://www.ami.cz>
>
>
>
>
> <http://www.ami.cz/reseni-a-sluzby/bezpecnost-dat/identity-management>
>
> Textem tohoto e-mailu podepisující neslibuje uzavřít ani neuzavírá za
> společnost AMI Praha a.s.
> jakoukoliv smlouvu. Každá smlouva, pokud bude uzavřena, musí mít
> výhradně písemnou formu.
>
>
>
>
> ------ Původní zpráva ------
> Od: Daniel.Sommer at itconcepts.net <mailto:Daniel.Sommer at itconcepts.net>
> Komu: midpoint at lists.evolveum.com <mailto:midpoint at lists.evolveum.com>
> Odesláno: 5.9.2016 14:38:56
> Předmět: [midPoint] rule-based role assignment
>
>> Hello community,
>>
>>
>> we want to find out, whether a rule based role assignment is
>> possible. Currently i was not able to find informations about it.
>> What i want for example is to assign a role automatically depending
>> on any of a users attributes .
>>
>> Thank your for your help,
>>
>> Daniel
>>
>> Daniel Sommer
>> Office: +49 228 908733 0 | Fax: +49 228 908733 1| Mobil: +49 176
>> 162086 79
>>
>> ITConcepts Professional GmbH - In den Dauen 6 - DE 53117 Bonn
>>
>> Website www.itconcepts.net <http://www.itconcepts.net>
>>
>> <http://www.itconcepts.net/>
>> <http://www.itconcepts.net/index.php/about-cognitum>
>> Besuchen Sie uns auch auf
>> <http://www.xing.com/companies/itconceptsprofessionalgmbh/updates>
>> <http://www.linkedin.com/company/itconcepts>
>>
>> Events mit ITConcepts
>> 10.-12. Oktober: SailPoint Navigate in Berlin. Mehr Infos hier
>> <http://www.itconcepts.de/index.php/veranstaltungen/details/86-sailpoint-navigate>.
>> 13. Oktober: Ping IDENTIFY in Frankfurt. Mehr Infos hier
>> <http://www.itconcepts.de/index.php/veranstaltungen/details/89-ping-identify>.
>> 17. Oktober: Internationaler Automobil Kongress in Wolfsburg. Mehr
>> Infos hier
>> <http://www.itconcepts.de/index.php/veranstaltungen/details/88-internationaler-automobil-kongress>.
>> 18.- 20. Oktober: it-sa, IT Security Messe in Nürnberg, Mehr Infos
>> hier
>> <http://www.itconcepts.de/index.php/veranstaltungen/details/84-it-sa-2016>.
>> 18.- 20. Oktober: IZB in Wolfsburg, Mehr Infos hier
>> <http://www.itconcepts.de/index.php/veranstaltungen/details/87-izb-internationale-zuliefererboerse>.
>> 16.- 17. November: BMC Exchange in Mainz .Mehr Infos hier
>> <http://www.itconcepts.de/index.php/veranstaltungen/details/53-bmc-exchange-2016>.
>>
>> Trainings von ITConcepts
>> 17. -21. Oktober: Öffentliches Training Dell One Identity Manager 6.x
>> - Basisschulung (Kursinhalt
>> <http://tp://www.itconcepts.de/index.php/iam/dell-one-identity-manager-basisschulung>)
>>
>> ITConcepts Professional GmbH Gf.: Sven Moog, Sitz Bonn, AG Bonn HRB
>> 12947 - Ust-Id Nr: DE211482933
>> ITConcepts Automotive GmbH Gf.: Sven Moog, Sitz Wolfsburg, AG
>> Braunschweig HRB 204188 - Ust-Id Nr: DE223888748
>> ITConcepts Operations GmbH Gf.: Sven Moog, Sitz Bonn, AG Bonn HRB
>> 15454 - St.-Nr: 205/5726/0602
>>
>> Diese E-Mail enthält vertrauliche und/oder rechtlich geschützte
>> Informationen. Wenn Sie nicht der richtige Adressat sind
>> oder diese E-Mail irrtümlich erhalten haben, informieren Sie bitte
>> sofort den Absender und vernichten Sie diese Mail.
>> Das unerlaubte Kopieren sowie die unbefugte Weitergabe dieser E-Mail
>> sind nicht gestattet.
>>
>> This e-mail may contain confidential and/or privileged information.
>> If you are not the intended recipient
>> (or have received this e-mail in error) please notify the sender
>> immediately and destroy this e-mail.
>> Any unauthorised copying, disclosure or distribution of the material
>> in this e-mail is strictly forbidden.
>>
>
>
> _______________________________________________
> midPoint mailing list
> midPoint at lists.evolveum.com
> http://lists.evolveum.com/mailman/listinfo/midpoint
--
Ivan Noris
Senior Identity Engineer
evolveum.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/634d01a7/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 2977 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/634d01a7/attachment.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 501 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/634d01a7/attachment-0001.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1009 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/634d01a7/attachment-0002.gif>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/gif
Size: 1026 bytes
Desc: not available
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20160905/634d01a7/attachment-0003.gif>
More information about the midPoint
mailing list