You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@syncope.apache.org by Fabio Contessi <f....@gmail.com> on 2023/04/13 09:05:51 UTC

AD Connector - assign group on different OU

Hi everyone,
I'm using Apache Syncope 2.1.10 and I have a problem with the assigment of
the Active Directory Groups.

The problem is that on the AD the groups are on different OU, for example:
- CN=Group1,OU=ou1,DC=domain,DC=local
- CN=Group2,OU=ou2,DC=domain,DC=local

In the provinsioning rules of the connector if I configure one of the OU in
the Object Link only the groups in that OU will be assigne.
If I remove the Object Link no groups will be assign.

Is there a solution for my case?

Thanks
best reguards

Fabio Contessi

Re: AD Connector - assign group on different OU

Posted by Lorenzo Di Cola <lo...@apache.org>.

Hi Fabio,
I'm glad to hear your interest in Apache Syncope.
If you want to propagate with some custom logic, in general, you should
create your custom ProgatationActions, so implementing PropagationActions
class [1].
Here you can create your custom logic and so propagate informations based
on it and then you are able to propagate in different OU too.
If can help, you can take a look at this [2], it's an example of custom
PropagationActions.

HTH,
Best regards,
Lorenzo

[1]
https://github.com/apache/syncope/blob/syncope-2.1.10/core/provisioning-api/src/main/java/org/apache/syncope/core/provisioning/api/propagation/PropagationActions.java
[2]
https://github.com/apache/syncope/blob/syncope-2.1.10/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/LDAPMembershipPropagationActions.java

Il giorno gio 13 apr 2023 alle ore 11:06 Fabio Contessi <
f.contessi@gmail.com> ha scritto:

> Hi everyone,
> I'm using Apache Syncope 2.1.10 and I have a problem with the assigment of
> the Active Directory Groups.
>
> The problem is that on the AD the groups are on different OU, for example:
> - CN=Group1,OU=ou1,DC=domain,DC=local
> - CN=Group2,OU=ou2,DC=domain,DC=local
>
> In the provinsioning rules of the connector if I configure one of the OU
> in the Object Link only the groups in that OU will be assigne.
> If I remove the Object Link no groups will be assign.
>
> Is there a solution for my case?
>
> Thanks
> best reguards
>
> Fabio Contessi
>


-- 

-- 
Lorenzo Di Cola

Software Engineer @ Tirasa S.r.l.
Viale Vittoria Colonna, 97 - 65127 Pescara
Tel +39 0859116307 / FAX +39 0859111173http://www.tirasa.net

Apache Syncope Committerhttp://people.apache.org/phonebook.html?uid=loredicola