<html>
  <head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
  </head>
  <body>
    <p>Hi Gus,</p>
    <p>I don't know if you are referring to a specific sample, e.g. for
      the metarole.</p>
    <p>Sharing it would be helpful.</p>
    <p>So far my only idea is to check if the (2nd order) mapping for
      association has strong strength.</p>
    <p>Best regards,</p>
    <p>Ivan<br>
    </p>
    <div class="moz-cite-prefix">On 22. 6. 2020 1:18, Gus Lou wrote:<br>
    </div>
    <blockquote type="cite"
cite="mid:CA+XZjGStBEHcxMdP31VTABja28_qJswh4py=QtE0T9mH+QM=bA@mail.gmail.com">
      <meta http-equiv="content-type" content="text/html; charset=UTF-8">
      <div dir="ltr"><span class="gmail-tlid-translation
          gmail-translation" lang="en">Hi Guys<br>
          I need the permissions of users assigned to a Role (Rbac role
          named "Sec - SOC") to be updated after adding a new group
          (gs_spo_sec_soc) to this Role.<br>
          After adding the group to the role, I ran a recompute task, I
          expected the new group to be added to users but it didn't. If
          I add a new user to the role he receives all groups.<br>
          <br>
          Did I do something wrong, did any steps miss?<br>
          <br>
          I followed the instructions on the wiki:<br>
          <a
            href="https://wiki.evolveum.com/display/midPoint/Recompute+Task"
            moz-do-not-send="true">https://wiki.evolveum.com/display/midPoint/Recompute+Task</a><br>
          <br>
          And also in this thread:<br>
          <a
href="https://lists.evolveum.com/pipermail/midpoint/2014-November/000639.html"
            moz-do-not-send="true">https://lists.evolveum.com/pipermail/midpoint/2014-November/000639.html</a><br>
          <br>
          <b>My Lab</b><br>
          01 Midpoint 4.1<br>
          01 Active Directory (Connector Ldap / AD 3.0) Resource<br>
          01 Metarole: "Metarole for groups - AD" (inducement to Active
          Directory (LDAP) Resource<br>
          03 Groups (gs_snow_sec_soc, gs_jira_sec_soc, gs_spo_sec_soc)
          assigned to Metarole<br>
        </span>
        <div><span class="gmail-tlid-translation gmail-translation"
            lang="en">01 Rbac Role "Sec - SOC" inducements
            (gs_snow_sec_soc, gs_jira_sec_soc, gs_spo_sec_soc) <br>
          </span></div>
        <div><span class="gmail-tlid-translation gmail-translation"
            lang="en"><br>
          </span></div>
        <div><span class="gmail-tlid-translation gmail-translation"
            lang="en"><br>
          </span></div>
        <div><span class="gmail-tlid-translation gmail-translation"
            lang="en">Best Regards</span></div>
        <div><span class="gmail-tlid-translation gmail-translation"
            lang="en">Gus<br>
          </span></div>
        <div><span class="gmail-tlid-translation gmail-translation"
            lang="en"><br>
          </span></div>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <pre class="moz-quote-pre" wrap="">_______________________________________________
midPoint mailing list
<a class="moz-txt-link-abbreviated" href="mailto:midPoint@lists.evolveum.com">midPoint@lists.evolveum.com</a>
<a class="moz-txt-link-freetext" href="https://lists.evolveum.com/mailman/listinfo/midpoint">https://lists.evolveum.com/mailman/listinfo/midpoint</a>
</pre>
    </blockquote>
    <pre class="moz-signature" cols="72">-- 
Ivan Noris
Senior Identity Engineer
evolveum.com
</pre>
  </body>
</html>