Defect #1594
closed
Workflow for synchronization of ldap/ad groups creates wrong script in system mapping
Added by Alena Peterová about 5 years ago.
Updated about 5 years ago.
Description
Affected versions: 9.4, 9.5
The workflow syncRoleLdap in acc module, which is used for synchronization of groups, creates roles with wrong configuration - the script "transform to" contains e.g. "[cn=group1,dc=test,dc=tld]". The square brackets shouldn't be there; there must be only distinguished name of the group.
- Assignee changed from Vít Švanda to Patrik Stloukal
How to fix on affected versions without upgrade:
A) Copy the workflow to some external location, fix it there, add the path to spring.activiti.processDefinitionLocationPrefix (https://wiki.czechidm.com/devel/documentation/application_configuration/dev/backend?s[]=template#activiti_workflow).
The workflow will be updated automatically after restart.
B) Copy the workflow, rename it (code and name), fix it, deploy it to IdM from GUI. Change the configuration of Synchronization to this workflow.
Problematic line:
execution.setVariable("transformationScript", MessageFormat.format(" \"[{0}]\"", distinguishedName));
- Status changed from New to Needs feedback
- Assignee changed from Patrik Stloukal to Ondřej Kopr
- % Done changed from 0 to 90
- Status changed from Needs feedback to Resolved
- Assignee changed from Ondřej Kopr to Patrik Stloukal
- Target version set to Pyrite (9.5.1)
- % Done changed from 90 to 100
I checked you changes and seems ok. Thanks for fix. Branch was merged into develop and hotfix branch 9.5.1. Thank you.
- Subject changed from Workflow for synchronization of groups creates wrong roles to Workflow for synchronization of ldap/ad groups creates wrong script in system mapping
- Status changed from Resolved to Closed
Also available in: Atom
PDF
