[midPoint] Enforce full on entitlement / groups membership
Alcides Carlos de Moraes Neto
alcides.neto at gmail.com
Wed Dec 20 18:52:44 CET 2017
Hello list,
I have a working Org. Unit -> AD group mapping, with an AssociationFromLink
inducement for members.
However, I would like Midpoint to also remove members of the AD group that
are added manually, that don't match members of the Org. Unit.
I tried using
<assignmentPolicyEnforcement>full</assignmentPolicyEnforcement>
inside the Schema Handling for the entitlement, but it didn't work.
Any leads?
Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20171220/8d7ba382/attachment.htm>
More information about the midPoint
mailing list