[midPoint] Integrating existing LDAP

Fabian Noll-Dukiewicz fabian.noll-dukiewicz at veryfy.gmbh
Mon Sep 11 09:52:03 CEST 2023


Hi Markus,

I think you have to set up “association” between users and groups.

  *   Documentation: https://docs.evolveum.com/connectors/resources/active-directory/group-synchronization-howto/
  *   OpenLDAP sample: https://github.com/Evolveum/midpoint-samples/blob/master/samples/evolveum/resource-openldap.xml

Hope it helps!

Kind regards,
Fabian

--
Fabian Noll-Dukiewicz
Identity & Access Management Specialist | Managing Director
Tel.: +49 152 244 63 211
Email: fabian.noll-dukiewicz at veryfy.gmbh
Web: https://veryfy.gmbh


From: midPoint <midpoint-bounces at lists.evolveum.com> on behalf of Markus Calmius via midPoint <midpoint at lists.evolveum.com>
Date: Monday, 11 September 2023 at 09:46
To: midpoint at lists.evolveum.com <midpoint at lists.evolveum.com>
Cc: Markus Calmius <markus.calmius at proton.ch>
Subject: [midPoint] Integrating existing LDAP

Hi,

I'm trying to figure out how to best integrate an existing LDAP server that contains users and groups. The users are not a difficult problem to solve, but the groups and mainly the group membership eat up quite some time for me.

To be fair, I am quite new to midPoint (although I have taken the fundamentals training), and I am still wrapping my head around everything.

What I want to achieve, in the long run, is for midPoint to be the authoritative source for the LDAP directory, but before getting there, I need to import everything.
Using various pages from the mailing list and docs.evolveum.com I have managed to import all groups as roles. Which is the first step I guess, but since the midPoint Role doesn't contain "members" I got a bit stuck. The problem with searching things online is that there isn't a "best before" note on the information you find. So sometimes the information is old and dated.

So, I basically have two questions:

  1.  is there a better way to do this?
  2.  if not, how do I also get the midPoint roles to include the LDAP group membership?

If you can point me in the right direction I will much appreciate it.

Thanks in advance!
Markus Calmius