Task #1297
closed
Improve process of project setting for merge strategy use
0%
Description
On some projects we have come across the situation when imported data into IdM, then merge of AD groups doesn't work.
There are probably two usecases for that:
1) We synchronized groups membership to users and we didnt run provisioning off all users before changes on groups
2) In some stage of loading data into IdM we deleted provisioning queue
If you did one of these points, merge strategy will not work correctly.
We need to discuss possible solutions.
Related issues
Updated by Vít Švanda over 5 years ago
- Status changed from New to Needs feedback
- Assignee changed from Vít Švanda to Petr Michal
What exactly is wrong? I need some use case.
2) Clear of the provisioning queue is correct. For merge is important last value in the provisioning archive. Archive can be 'cleared' only with truncate on the DB and that operation is not allowed.
Updated by Petr Michal over 5 years ago
Result is, that removing role from user does not cause canceling membership on system.
And with point 2. At first, we already have button in IdM for truncate of provisioning, so it is allowed and it's very useful during the process of implementation and testing of a project, because deleting provisioning queue on small project take hours and sometimes it's really necessary. At least on test environment its really hard to keep this consistent.
Problem is that we must improve the process of loading data to production with points 1 and 2 to make merge strategy work. So I want to discuss the best possible solution.
Updated by Vít Švanda over 5 years ago
One important note:
The provisioning queue and provisioning archive are different entities. In IdM isn't any button for clear/truncate provisioning archive.
Updated by Vít Švanda over 5 years ago
- Target version set to Onyx (9.3.0)
- I have been discussing it with the Zdeněk, we have several scenarios that explain this behavior.
- First, but we need a specific use case for this problem (from your perspective).
Updated by Vít Švanda over 5 years ago
- Related to Task #1323: Provisioning - reimplementation of MERGE strategy added
Updated by Vít Švanda over 5 years ago
- Status changed from Needs feedback to Closed
Thank you for your cooperation :-) .