Task #2041
closed
Added support into extrasSyncRoleLdap for creating diffrent catalog for diffrent AD systems
100%
Description
Use case - I have more then 1 AD system connected as group source. Now the workflow has "global" configuration via application properties so I am not able to run scheduled synchronization and put group from on AD to catalog "one" and from second AD to catalog "two".
Solution is new configuration property - idm.pub.acc.syncRole.roles.catalogByCodeList where you put code of code list. Item in code list has uuid of source system and as value they have code of role catalog. In this case during catalog creation, all roles from the system will be under the catalog which is specified in the code list.
eg. from ad one they will be in catalog "one" and from ad two they will be in catalog "two"
This change is backward compatible because if you don't set this new property the WF behavior is same as in previous version.
If you set this property then the new behavior will be turned on.
Related issues
Updated by Roman Kučera almost 5 years ago
- Related to Task #2030: Group membership in cross domain AD added
Updated by Roman Kučera almost 5 years ago
- % Done changed from 0 to 90
Updated by Roman Kučera almost 5 years ago
Together with this is implemented similar feature which take code list from idm.pub.acc.syncRole.provisioningOfIdentities.codeList
Point of this second feature is usability for multiple systems and create system mapping for each of them to different system.
Updated by Roman Kučera over 4 years ago
Updated by Roman Kučera over 4 years ago
- Status changed from In Progress to Resolved
- % Done changed from 90 to 100