Task #2006
closed
Add config property to update groups only via WinRM
100%
Description
There will be new configuration property, which can enable option to update groups only via WinRM.
In connector we will check for value of this property and if it's true then we will execute update via AD without ldapGroups attribute
This is needed for managing cross domain groups from IdM. Because if we use update via AD and WinRM then AD will fail because it can't assign roles from other domain.
In the end this will work that all other attributes will updated via AD connector as usually and ldapGroups will be updated via WinRM
Default value of this attribute will be false so if you are not using cross domain everything will work as in previous versions of connector
Updated by Roman Kučera almost 5 years ago
- % Done changed from 0 to 50
Developing in branch https://git.bcvsolutions.eu/modules/winrm-ad-connector/commits/2006-ldapgroups-only-winrm
together with script for ad
Updated by Roman Kučera over 4 years ago
- Status changed from In Progress to Closed
- % Done changed from 50 to 100