You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@syncope.apache.org by Mikael Ekblom <mi...@arcada.fi> on 2017/03/01 07:29:25 UTC
RE: Creating a virtual schema type ->empty type list
Hi,
OK, so that was the logic behind it! Now I start to have all the dependencies clear. Tested it and now everything makes sense.
Our deployment is pretty small though. Only 200 + personnel + some 2000 students. But I’ll check the postgress option. The core seems to be configured by default towards the Postgress option.
I like the way you can augment Syncope if needed in a strongly typed language. Maybe we’ll even be able to remove the existing php-based “IDM”, which is more of a plain sync engine with no editable business logic capabilities what so ever. Not my production though…
It might be that we will end up with a *nix environment in the end.
Thanks a lot!
Regards,
Mikael
From: Francesco Chicchiriccò [mailto:ilgrosso@apache.org]
Sent: tiistai 28. helmikuuta 2017 17.54
To: user@syncope.apache.org
Subject: Re: Creating a virtual schema type ->empty type list
On 28/02/2017 16:26, Mikael Ekblom wrote:
Hi,
We are currently evaluating Syncopy as a candidate for our future IDM.
Hi,
glad to hear that :-)
We have some choices on the table and we are even considering writing our own IDM from scratch, but that is something I would like to avoid for practical reasons…☺ I think that would be inventing the wheel again nowadays. Our neighbor Helsinki University is implementing the same solution, so I thought that I will join the community regarding this one.
Anyhow, I have a working Syncopy 2.0.2 running on a Windows server 2012 R2 with mysql as the backbone. It is setup and configured via Apache Maven and is running with Tomcat 8.5 as the container. Everything seems to be working.
I have managed to create the connector to our AD with the built in/shipped connector. I have also assigned a resource to that connector. Via that resource, we will pull information from our AD as an initial test. The connector reports that it works.
Very nice, indeed.
One note: while it is perfectly fine for evaluation, I would personally prefer PostgreSQL over MySQL / MariaDB, as some of my customers have been reporting complaints about search performances.
We have been constantly providing enhancements and fixes about that, but there have been simply no issues in all the PostgreSQL-based deployments - some of them being very large in numbers.
One problem though. I have been able to create all schema types but the virtual one. When I’m supposed to create a virtual schema type for attributes that Syncope will not own and set the ad-resource as the de facto resource, the type drop down list for the virtual schema is empty and just states “Choose one”.
What am I missing here? Some schema definition topic missed somewhere? This is not a panic question, as we are just evaluating, but I figure that I might save some time to ask via the mailing list first. I do have my own abstractions to do for our own maybe to come IDM…☺
I am assuming you are using the Admin UI here.
If so, you need first to select a Resource (among the ones available) and then the Type combo will be populated with all the provision rules defined for that Resource.
Finally, you will need to provide the external attribute to which the new Virtual Schema's attributes will be linked.
More details available at:
https://syncope.apache.org/docs/reference-guide.html#virtual
HTH
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
Re: Creating a virtual schema type ->empty type list
Posted by Francesco Chicchiriccò <il...@apache.org>.
On 03/03/2017 08:49, Mikael Ekblom wrote:
>
> Hi,
>
> Sorry, I don't get this last point: FYI, Syncope can be deployed and
> run in Windows environments too.
>
> I was referring to the fact that it might be that we will jump over to
> deploy Syncope on some Linux-distribution. But as you said, it is
> deployed already on a Windows server and works fine.
>
> What we need to check is how to connect to office365 PowerShell and
> automatically assign licenses through the IDM if possible.
>
> Synchronization with Azure AD should work out of the box through sync
> with AD -> Azure AD connect , but assigning licenses is something
> else. This should also be role based. I must see what I can find for
> that or maybe write my own bundle
>
Now I understand, interesting.
FYI, verifying the connection with Office365 is on my (quite long ATM)
TODO list, too :-)
Regards.
> *From:*Francesco Chicchiricc� [mailto:ilgrosso@apache.org]
> *Sent:* keskiviikko 1. maaliskuuta 2017 16.30
> *To:* user@syncope.apache.org
> *Subject:* Re: Creating a virtual schema type ->empty type list
>
> On 01/03/2017 08:29, Mikael Ekblom wrote:
>
> Hi,
>
> OK, so that was the logic behind it! Now I start to have all the
> dependencies clear. Tested it and now everything makes sense.
>
>
> That's great to hear.
>
>
> Our deployment is pretty small though. Only 200 + personnel + some
> 2000 students. But I\u2019ll check the postgress option. The core seems
> to be configured by default towards the Postgress option.
>
>
> Yes, it is :-)
>
>
> I like the way you can augment Syncope if needed in a strongly
> typed language. Maybe we\u2019ll even be able to remove the existing
> php-based \u201cIDM\u201d, which is more of a plain sync engine with no
> editable business logic capabilities what so ever. Not my
> production though\u2026
>
> It might be that we will end up with a *nix environment in the end.
>
>
> Sorry, I don't get this last point: FYI, Syncope can be deployed and
> run in Windows environments too.
>
> Regards.
>
>
> *From:*Francesco Chicchiricc� [mailto:ilgrosso@apache.org]
> *Sent:* tiistai 28. helmikuuta 2017 17.54
> *To:* user@syncope.apache.org <ma...@syncope.apache.org>
> *Subject:* Re: Creating a virtual schema type ->empty type list
>
> On 28/02/2017 16:26, Mikael Ekblom wrote:
>
> Hi,
>
> We are currently evaluating Syncopy as a candidate for our
> future IDM.
>
>
> Hi,
> glad to hear that :-)
>
>
>
> We have some choices on the table and we are even considering
> writing our own IDM from scratch, but that is something I
> would like to avoid for practical reasons\u2026J I think that would
> be inventing the wheel again nowadays. Our neighbor Helsinki
> University is implementing the same solution, so I thought
> that I will join the community regarding this one.
>
> Anyhow, I have a working Syncopy 2.0.2 running on a Windows
> server 2012 R2 with mysql as the backbone. It is setup and
> configured via Apache Maven and is running with Tomcat 8.5 as
> the container. Everything seems to be working.
>
> I have managed to create the connector to our AD with the
> built in/shipped connector. I have also assigned a resource to
> that connector. Via that resource, we will pull information
> from our AD as an initial test. The connector reports that it
> works.
>
>
> Very nice, indeed.
>
> One note: while it is perfectly fine for evaluation, I would
> personally prefer PostgreSQL over MySQL / MariaDB, as some of my
> customers have been reporting complaints about search performances.
> We have been constantly providing enhancements and fixes about
> that, but there have been simply no issues in all the
> PostgreSQL-based deployments - some of them being very large in
> numbers.
>
>
>
> One problem though. I have been able to create all schema
> types but the virtual one. When I\u2019m supposed to create a
> virtual schema type for attributes that Syncope will not own
> and set the ad-resource as the de facto resource, the type
> drop down list for the virtual schema is empty and just states
> \u201cChoose one\u201d.
>
> What am I missing here? Some schema definition topic missed
> somewhere? This is not a panic question, as we are just
> evaluating, but I figure that I might save some time to ask
> via the mailing list first. I do have my own abstractions to
> do for our own maybe to come IDM\u2026J
>
>
> I am assuming you are using the Admin UI here.
> If so, you need first to select a Resource (among the ones
> available) and then the Type combo will be populated with all the
> provision rules defined for that Resource.
> Finally, you will need to provide the external attribute to which
> the new Virtual Schema's attributes will be linked.
>
> More details available at:
>
> https://syncope.apache.org/docs/reference-guide.html#virtual
>
> HTH
> Regards.
>
--
Francesco Chicchiricc�
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
RE: Creating a virtual schema type ->empty type list
Posted by Mikael Ekblom <mi...@arcada.fi>.
Hi,
Sorry, I don't get this last point: FYI, Syncope can be deployed and run in Windows environments too.
I was referring to the fact that it might be that we will jump over to deploy Syncope on some Linux-distribution. But as you said, it is deployed already on a Windows server and works fine.
What we need to check is how to connect to office365 PowerShell and automatically assign licenses through the IDM if possible.
Synchronization with Azure AD should work out of the box through sync with AD -> Azure AD connect , but assigning licenses is something else. This should also be role based. I must see what I can find for that or maybe write my own bundle.
Regards,
Mikael
From: Francesco Chicchiriccò [mailto:ilgrosso@apache.org]
Sent: keskiviikko 1. maaliskuuta 2017 16.30
To: user@syncope.apache.org
Subject: Re: Creating a virtual schema type ->empty type list
On 01/03/2017 08:29, Mikael Ekblom wrote:
Hi,
OK, so that was the logic behind it! Now I start to have all the dependencies clear. Tested it and now everything makes sense.
That's great to hear.
Our deployment is pretty small though. Only 200 + personnel + some 2000 students. But I’ll check the postgress option. The core seems to be configured by default towards the Postgress option.
Yes, it is :-)
I like the way you can augment Syncope if needed in a strongly typed language. Maybe we’ll even be able to remove the existing php-based “IDM”, which is more of a plain sync engine with no editable business logic capabilities what so ever. Not my production though…
It might be that we will end up with a *nix environment in the end.
Sorry, I don't get this last point: FYI, Syncope can be deployed and run in Windows environments too.
Regards.
From: Francesco Chicchiriccò [mailto:ilgrosso@apache.org]
Sent: tiistai 28. helmikuuta 2017 17.54
To: user@syncope.apache.org<ma...@syncope.apache.org>
Subject: Re: Creating a virtual schema type ->empty type list
On 28/02/2017 16:26, Mikael Ekblom wrote:
Hi,
We are currently evaluating Syncopy as a candidate for our future IDM.
Hi,
glad to hear that :-)
We have some choices on the table and we are even considering writing our own IDM from scratch, but that is something I would like to avoid for practical reasons…☺ I think that would be inventing the wheel again nowadays. Our neighbor Helsinki University is implementing the same solution, so I thought that I will join the community regarding this one.
Anyhow, I have a working Syncopy 2.0.2 running on a Windows server 2012 R2 with mysql as the backbone. It is setup and configured via Apache Maven and is running with Tomcat 8.5 as the container. Everything seems to be working.
I have managed to create the connector to our AD with the built in/shipped connector. I have also assigned a resource to that connector. Via that resource, we will pull information from our AD as an initial test. The connector reports that it works.
Very nice, indeed.
One note: while it is perfectly fine for evaluation, I would personally prefer PostgreSQL over MySQL / MariaDB, as some of my customers have been reporting complaints about search performances.
We have been constantly providing enhancements and fixes about that, but there have been simply no issues in all the PostgreSQL-based deployments - some of them being very large in numbers.
One problem though. I have been able to create all schema types but the virtual one. When I’m supposed to create a virtual schema type for attributes that Syncope will not own and set the ad-resource as the de facto resource, the type drop down list for the virtual schema is empty and just states “Choose one”.
What am I missing here? Some schema definition topic missed somewhere? This is not a panic question, as we are just evaluating, but I figure that I might save some time to ask via the mailing list first. I do have my own abstractions to do for our own maybe to come IDM…☺
I am assuming you are using the Admin UI here.
If so, you need first to select a Resource (among the ones available) and then the Type combo will be populated with all the provision rules defined for that Resource.
Finally, you will need to provide the external attribute to which the new Virtual Schema's attributes will be linked.
More details available at:
https://syncope.apache.org/docs/reference-guide.html#virtual
HTH
Regards.
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/
Re: Creating a virtual schema type ->empty type list
Posted by Francesco Chicchiriccò <il...@apache.org>.
On 01/03/2017 08:29, Mikael Ekblom wrote:
>
> Hi,
>
> OK, so that was the logic behind it! Now I start to have all the
> dependencies clear. Tested it and now everything makes sense.
>
That's great to hear.
> Our deployment is pretty small though. Only 200 + personnel + some
> 2000 students. But I\u2019ll check the postgress option. The core seems to
> be configured by default towards the Postgress option.
>
Yes, it is :-)
> I like the way you can augment Syncope if needed in a strongly typed
> language. Maybe we\u2019ll even be able to remove the existing php-based
> \u201cIDM\u201d, which is more of a plain sync engine with no editable business
> logic capabilities what so ever. Not my production though\u2026
>
> It might be that we will end up with a *nix environment in the end.
>
Sorry, I don't get this last point: FYI, Syncope can be deployed and run
in Windows environments too.
Regards.
> *From:*Francesco Chicchiricc� [mailto:ilgrosso@apache.org]
> *Sent:* tiistai 28. helmikuuta 2017 17.54
> *To:* user@syncope.apache.org
> *Subject:* Re: Creating a virtual schema type ->empty type list
>
> On 28/02/2017 16:26, Mikael Ekblom wrote:
>
> Hi,
>
> We are currently evaluating Syncopy as a candidate for our future IDM.
>
>
> Hi,
> glad to hear that :-)
>
>
> We have some choices on the table and we are even considering
> writing our own IDM from scratch, but that is something I would
> like to avoid for practical reasons\u2026J I think that would be
> inventing the wheel again nowadays. Our neighbor Helsinki
> University is implementing the same solution, so I thought that I
> will join the community regarding this one.
>
> Anyhow, I have a working Syncopy 2.0.2 running on a Windows server
> 2012 R2 with mysql as the backbone. It is setup and configured via
> Apache Maven and is running with Tomcat 8.5 as the container.
> Everything seems to be working.
>
> I have managed to create the connector to our AD with the built
> in/shipped connector. I have also assigned a resource to that
> connector. Via that resource, we will pull information from our AD
> as an initial test. The connector reports that it works.
>
>
> Very nice, indeed.
>
> One note: while it is perfectly fine for evaluation, I would
> personally prefer PostgreSQL over MySQL / MariaDB, as some of my
> customers have been reporting complaints about search performances.
> We have been constantly providing enhancements and fixes about that,
> but there have been simply no issues in all the PostgreSQL-based
> deployments - some of them being very large in numbers.
>
>
> One problem though. I have been able to create all schema types
> but the virtual one. When I\u2019m supposed to create a virtual schema
> type for attributes that Syncope will not own and set the
> ad-resource as the de facto resource, the type drop down list for
> the virtual schema is empty and just states \u201cChoose one\u201d.
>
> What am I missing here? Some schema definition topic missed
> somewhere? This is not a panic question, as we are just
> evaluating, but I figure that I might save some time to ask via
> the mailing list first. I do have my own abstractions to do for
> our own maybe to come IDM\u2026J
>
>
> I am assuming you are using the Admin UI here.
> If so, you need first to select a Resource (among the ones available)
> and then the Type combo will be populated with all the provision rules
> defined for that Resource.
> Finally, you will need to provide the external attribute to which the
> new Virtual Schema's attributes will be linked.
>
> More details available at:
>
> https://syncope.apache.org/docs/reference-guide.html#virtual
>
> HTH
> Regards.
>
--
Francesco Chicchiricc�
Tirasa - Open Source Excellence
http://www.tirasa.net/
Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/