Project

General

Profile

Actions
Copy link

Task #1298

closed

Merge strategy does not support change of value for system

Added by Petr Michal over 5 years ago. Updated over 5 years ago.

Status:
Closed
Priority:
High
Assignee:
Vít Švanda
Category:
Provisioning
Target version:
Onyx (9.3.0)
Start date:
10/08/2018
Due date:
% Done:

0%

Estimated time:
Owner:

Description

Common usecase with managing AD groups is, that we support change of group DN on system. DN is synchronized by system for groups synchronization.
This DN is provisioned in memberOf attribute to users.

Current merge strategy does not support DN change, because new value is not in users provisioning history.
For example if group DN is changed, then deleting relevant role from user will not remove his group on AD.

This can also easily happen on other systems.

We need to discuss possible solutions.

Related issues

Related to IdStory Identity Manager - Defect #1250: End of contract didn't remove roles from the systemClosedVít Švanda09/12/2018

Actions
Related to IdStory Identity Manager - Task #1323: Provisioning - reimplementation of MERGE strategy ClosedVít Švanda10/16/2018

Actions
Actions
Copy link

Also available in: Atom PDF