Task #2627

Wizard - MSAD - Users

Added by Vít Švanda 7 months ago. Updated 5 months ago.

Status: Closed
Priority: Normal
Assignee:
Category: Wizard
Target version:
Start date: 01/05/2021
Due date:
% Done: 100%
Estimated time:
Milestones:


Related issues

Related to CzechIdM - Task #2680: Wizard - MSAD+WinRM - Users (Closed, 02/11/2021)

History

#1 Updated by Vít Švanda 7 months ago

  • Status changed from New to In Progress

#2 Updated by Vít Švanda 7 months ago

  • I have successfully connected BCV AD to my local environment. I solved the problem with connection via LDAPS.

#3 Updated by Vít Švanda 7 months ago

PoC for extracting certificates from host works.

#4 Updated by Vít Švanda 7 months ago

  • % Done changed from 0 to 20
  • CRT of CA from AD is exported to the IdM server.
  • CRT of CA from AD and server CA can be downloaded from FE.
  • CA valid dates are formatted on FE now.
  • I found a big issue with obtaining a CA from HTTPS in the case when the CRT is not in the trusted store. I found a solution, a workaround by a custom TrustManager in Java.

#5 Updated by Vít Švanda 6 months ago

  • Subject changed from Wizard - MSAD to Wizard - MSAD - Users
  • % Done changed from 20 to 30

#6 Updated by Vít Švanda 6 months ago

Implemented step with create and delete test user on BE and FE.

#7 Updated by Vít Švanda 6 months ago

  • % Done changed from 30 to 40
  • System with configuration and schema is generated.
  • I added our exceptions on BE.
  • Solved problem with ldap vs ldaps protocol (refactored).
  • Investigation "Root suffixies" attribute in AD connector (root value vs full DN).

#8 Updated by Vít Švanda 6 months ago

Implemented auto attribute mapping for MSAD provisioning (using the "getFullName" script for displayName).

#9 Updated by Vít Švanda 6 months ago

  • % Done changed from 40 to 50

Generating of mapping and schema attributes, testing on AD.

#10 Updated by Vít Švanda 6 months ago

  • % Done changed from 50 to 60

Script for computing defaultDN implemented.

#11 Updated by Vít Švanda 6 months ago

  • Script for dynamic DN was tested and improved (using provisioning context now).
  • Base user search connector attribute is computed from all containers (new, deleted, existing users) now.
  • Created script for getting UPN (User Principal Name). Created field domain in wizard. Value is persisted in system connector options.
  • Default value for UPN suffix is taken from AD (dnsHostName).

#12 Updated by Vít Švanda 6 months ago

  • getEnable script with support of protected account was implemented in the product.

#13 Updated by Vít Švanda 6 months ago

Implemented:

  • Pairing mapping.
  • Attributes for pairing mapping.
  • Identity EAV attribute with DN.
  • Pairing sync.
  • FE for create pairing sync.
  • Added new button for close wizard and open system.

#14 Updated by Vít Švanda 6 months ago

  • % Done changed from 60 to 70

#15 Updated by Vít Švanda 6 months ago

  • Implemented switch for enable protected mode.
  • Localization of result codes.
  • Order of EAV attributes in connector options added.

Test and documentation remains.

#16 Updated by Vít Švanda 6 months ago

  • % Done changed from 70 to 80

#18 Updated by Vít Švanda 5 months ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Vít Švanda to Radek Tomiška

Fixed:

  • Pair implementation,
  • localization fixed,
  • pairingSync fixed,
  • personal number attribute uses strategy "send only if value exists in the IDM" now.

Commit: https://github.com/bcvsolutions/CzechIdMng/commit/c7ac9c212b0513c31e764848c6fd4b6dd14aa2da

#19 Updated by Radek Tomiška 5 months ago

  • Related to Task #2680: Wizard - MSAD+WinRM - Users added

#20 Updated by Radek Tomiška 5 months ago

  • Status changed from Needs feedback to In Progress
  • Assignee changed from Radek Tomiška to Vít Švanda
  • % Done changed from 80 to 90

I did test and code review, it works, nice, thx!

#21 Updated by Vít Švanda 5 months ago

Base tests covering creation of AD system via wizard are here (it was hard because we don't have MS AD in test environment :-) ): https://github.com/bcvsolutions/CzechIdMng/commit/64fe6fdaaa36de0ae6018fdc7e039b0aad2715b2

Next test for pairing sync and protected mode:

https://github.com/bcvsolutions/CzechIdMng/commit/ac33966fa6f1664e3f3256cab9e54b872f46158f

#23 Updated by Vít Švanda 5 months ago

  • Status changed from In Progress to Needs feedback
  • Assignee changed from Vít Švanda to Radek Tomiška

#24 Updated by Radek Tomiška 5 months ago

  • Status changed from Needs feedback to Resolved
  • Assignee changed from Radek Tomiška to Vít Švanda
  • % Done changed from 90 to 100

Documentation is nice, thx!

#25 Updated by Radek Tomiška 5 months ago

  • Status changed from Resolved to Closed
