[midPoint] Delete LDAP associations in unassign inducement operation.
IDM
proyectos_idm at corenetworks.es
Fri Oct 27 14:34:48 CEST 2017
We have defined a role association in Schema Handling of LDAP for UserTpes,
that is a group in LDAP. When we assign an inducement role to
organization and recompute the users, the role is given to users, and the
association on the LDAP group too, but when we unassign the same inducement
role, and recompute the users, the association in users are not deleted.
We have checked the user XML and we do not see roleMembershipRef of this
role. We have tried several configurations and we do not get to delete the
association.
The defition of the asociation in the resource xml is this :
===
Entitlement
Object to Subject
member
Value : dn
Explicit ref. integrity: true
===
Exclusive Strong: true Tolerant: true
Fetch Strategy : choose one
Matching Rule: StringIgnoreCase
Is There some parameters or configuration to fix this problem?
Thanks a lot and regards
--
Segun el Articulo 5 de la L.O.P.D, le informamos que sus datos constan en
un fichero titularidad de CORE NETWORKS, S.L., cuya finalidad es la gestion
administrativa. Podra ejercer su derecho de acceso, rectificacion,
cancelacion y oposicion mediante correo postal a C/ Serrano Galvache, 56,
Edificio Olmo, 1 Planta - C.P. 28033 (MADRID), o enviando un correo
electrónico a info at corenetworks.es.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.evolveum.com/pipermail/midpoint/attachments/20171027/4609c3bc/attachment.htm>
More information about the midPoint
mailing list