<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    <p>Hello Seth,</p>
    <p>what you see is Superuser role. It can be assigned to any
      account, effectively providing that account with "root"
      privileges.</p>
    <p>In fact, there's nothing hardcoded. The role can have any name,
      any OID. What is important, is</p>
    <p><tt><span style="font-size:12.8px"><authorization><br>
              <action></span></tt><tt><a
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#all"
          target="_blank" style="font-size:12.8px">http://midpoint.<wbr>evolveum.com/xml/ns/public/<wbr>security/authorization-3#all</a></tt><tt><span
          style="font-size:12.8px"></</span></tt><tt><span
          style="font-size:12.8px">action><br>
          </authorization></span></tt></p>
    <p>(The URI ...#all is a predefined constant in midPoint, giving all
      access within the system.)</p>
    <hr size="2" width="100%">Anyway, midPoint is far too complex to be
    understood by exploring its GUI. I would strongly recommend reading
    this e-book that will provide you with solid understanding of basic
    concepts: <a moz-do-not-send="true"
href="https://evolveum.com/midpoint/midpoint-guide-about-practical-identity-management/">https://evolveum.com/midpoint/midpoint-guide-about-practical-identity-management/</a>.
    And, as midPoint in latest version (3.7) is really easy to install,
    it is the best to install a "playground" midPoint instance and
    explore it without fear of breaking anything. <br>
    <div dir="ltr"><span style="font-size:12.8px"></span></div>
    <pre class="moz-signature" cols="72">Pavol Mederly
Software developer
evolveum.com
</pre>
    <div class="moz-cite-prefix">On 23.01.2018 1:01, Seth McCombs wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:CADJZ1sZ5_afXcuuedvJQ5RuYfrmQUfh7H8VZDmR+zt-P1ekbTw@mail.gmail.com">
      <div dir="ltr"><span style="font-size:12.8px">Hey All, </span>
        <div style="font-size:12.8px"><br>
        </div>
        <div style="font-size:12.8px">I inherited a running MidPoint
          install, and while all is working well, I am trying to learn
          as much about the system as I can. One thing I have found is
          that when I provide my account with SuperUser access (after
          logging in as root account), I then log back in a day or two
          later, and my super user access is gone. I've only just
          started digging through configs and logs, but I have little
          idea where to start, one thing I have found is this XML file -
          (See output below) </div>
        <div style="font-size:12.8px"><br>
        </div>
        <br style="font-size:12.8px">
        <span style="font-size:12.8px"><role
          oid=“00000000-0000-0000-0000-</span><wbr
          style="font-size:12.8px"><span style="font-size:12.8px">000000000004”</span><br
          style="font-size:12.8px">
        <span style="font-size:12.8px">xmlns=“</span><a
          href="http://midpoint.evolveum.com/xml/ns/public/common/common-3"
          target="_blank" style="font-size:12.8px"
          moz-do-not-send="true">http://midpoint.<wbr>evolveum.com/xml/ns/public/<wbr>common/common-3</a><span
          style="font-size:12.8px">"></span><br
          style="font-size:12.8px">
        <span style="font-size:12.8px"><name>Superuser</name></span><br
          style="font-size:12.8px">
        <span style="font-size:12.8px"><description>Role that
          gives user full authorization in MidPoint.</description></span><br
          style="font-size:12.8px">
        <span style="font-size:12.8px"><authorization></span><br
          style="font-size:12.8px">
        <span style="font-size:12.8px"><action></span><a
href="http://midpoint.evolveum.com/xml/ns/public/security/authorization-3#all"
          target="_blank" style="font-size:12.8px"
          moz-do-not-send="true">http://midpoint.<wbr>evolveum.com/xml/ns/public/<wbr>security/authorization-3#all</a><span
          style="font-size:12.8px"></</span><wbr
          style="font-size:12.8px"><span style="font-size:12.8px">action></span><br
          style="font-size:12.8px">
        <span style="font-size:12.8px"></authorization></span><br
          style="font-size:12.8px">
        <span style="font-size:12.8px"><roleType>system</roleType></span><br
          style="font-size:12.8px">
        <span style="font-size:12.8px"></role></span>
        <div style="font-size:12.8px"><br>
        </div>
        <div style="font-size:12.8px">It seems to me that the superuser
          is possibly hard coded, but I don't know where that above link
          leads nore how to fix this, </div>
        <div style="font-size:12.8px"><br>
        </div>
        <div style="font-size:12.8px">Any advice is MUCH appreciated! </div>
        <div style="font-size:12.8px"><br>
        </div>
        <div style="font-size:12.8px">Cheers! </div>
        <div style="font-size:12.8px"><br>
        </div>
        <div>
          <div class="gmail_signature">
            <div dir="ltr">Seth McCombs
              <div>IT Operations Engineer<br style="font-size:12.8px">
                <span style="font-size:12.8px"><span></span>+1
                  510.514.5855<span></span></span></div>
              <div><span style="font-size:12.8px"><a
                    href="mailto:seth@sourceclear.com" target="_blank"
                    moz-do-not-send="true">seth@sourceclear.com</a></span></div>
            </div>
          </div>
        </div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="http://lists.evolveum.com/mailman/listinfo/midpoint">http://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>