You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@syncope.apache.org by Fabio Martelli <fa...@gmail.com> on 2013/07/04 16:27:46 UTC

Re: provisioning of role membership

Il 17/06/2013 08:52, Fabio Martelli ha scritto:
> Il 14/06/2013 17:14, Jordi Clement ha scritto:
>> The suggested mapping does not yield results though. When I provision 
>> a user, with 2 roles, the description field is not populated 
>> (confirmed in the logfiles).
>
> Hi Jordi, this sounds a little bit strange.
> Have you tried yet with a single role? Please, let me know and post 
> your log files.
Hi Jordi, just fixed a bug really close to your issue.
Please take a look at SYNCOPE-399.

Best regards,
F.

>
> Best regards,
> F.
>>
>> kind regards.
>>
>> Jordi
>>
>> On 14 jun. 2013, at 11:00, Fabio Martelli <fabio.martelli@gmail.com 
>> <ma...@gmail.com>> wrote:
>>
>>> Il 14/06/2013 10:56, Jordi Clement ha scritto:
>>>> I’m not sure I understand what I need to do. Please see the 
>>>> screenshot attached. Is that what you mean?
>>> correct.
>>>>
>>>> kind regards,
>>>>
>>>> J.
>>>>
>>>> <Mail Attachment.png>
>>>> On 14 jun. 2013, at 10:36, Fabio Martelli <fabio.martelli@gmail.com 
>>>> <ma...@gmail.com>> wrote:
>>>>
>>>>> Il 14/06/2013 10:31, Jordi Clement ha scritto:
>>>>>> Hi,
>>>>>>
>>>>>> thanks for your quick reply!
>>>>>>
>>>>>> I want provision the fact that the user is assigned a role in 
>>>>>> Syncope to a target system. Not use the roles to assign resources 
>>>>>> and propagate my account there (RBAC). Is it possible to just 
>>>>>> provision the role names to an arbitrary field in the target system?
>>>>> You can add a user mapping (pay attention, USER mapping) for a 
>>>>> role attribute (choose it by the first field of a mapping item).
>>>>> Best regards,
>>>>> F.
>>>>>>
>>>>>> kind regards,
>>>>>>
>>>>>> J.
>>>>>>
>>>>>> On 14 jun. 2013, at 10:17, Fabio Martelli 
>>>>>> <fabio.martelli@gmail.com <ma...@gmail.com>> wrote:
>>>>>>
>>>>>>> Il 14/06/2013 10:11, Jordi Clement ha scritto:
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> I’ve a question regarding the propagation of Syncope role 
>>>>>>>> memberships to a target system.
>>>>>>>>
>>>>>>>> 1. I’ve created a bunch of roles in Syncope using the UI. I’ve 
>>>>>>>> only set the role name, nothing more. So there are no 
>>>>>>>> attributes, nor resources assigned.
>>>>>>>> 2. I’ve created and configured an LDAP resource. In the user 
>>>>>>>> schema map I’ve configured Role - RoleName -> description (just 
>>>>>>>> to test)
>>>>>>>> 3. I’ve then created a new user and assigned that user 2 roles, 
>>>>>>>> and the LDAP resource.
>>>>>>>>
>>>>>>>> The user is propagated. But I expected the names of the 2 roles 
>>>>>>>> to be propagated to the description field. Unfortunately that’s 
>>>>>>>> not the case. What am I doing wrong? How can I provision the 
>>>>>>>> Syncope Rolenames (not the role itself) to an attribute on a 
>>>>>>>> target system?
>>>>>>> Resource have to be assigned to the role.
>>>>>>> Rgds,
>>>>>>> F.
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>
>