[midPoint] LiveSync ActiveDirectory
Marco Benucci
m.benucci at nsr.it
Tue Apr 4 12:40:25 CEST 2017
Hi all,
I am using midpoint 3.4.1.
In my setup there is an AD/Exchange resource with the ExchangeConnector
v1.4.1.20257.
With this setup, I would like to discover thanks to livesync if an
account on AD is removed from or added to a group(s).
Now, I have successfully created the LiveSync Task: it can recognise
attribute chage (name, surname, extensionAttributes...) but I think it
can not discover change on the "icfs:groups" attribute.
It seems to me that the liveSync is based on the "usnChange" attribute
of the AD account, and this value does not update when the account is
added to or removed from a group. Moreover, I have found that the
"usnChange" attribute of the involved group does.
Is this the aspected behavior? What can I do to detect account's group
change?
Thank you,
Marco
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20170404/68a36faa/attachment.htm>
More information about the midPoint
mailing list