Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
devel:documentation:adm:export_import [2020/04/02 13:47] svandav [Authorization policies] |
devel:documentation:adm:export_import [2021/09/17 15:21] apeterova [Systems] |
||
---|---|---|---|
Line 50: | Line 50: | ||
* **Advanced paring fields** - Defines fields in DTO, where we need to use advanced paring strategy. It means that we need to check if UUID exists in target system. If not, we will use DTO from embedded map and try to find DTO by code. | * **Advanced paring fields** - Defines fields in DTO, where we need to use advanced paring strategy. It means that we need to check if UUID exists in target system. If not, we will use DTO from embedded map and try to find DTO by code. | ||
* **Optional** - If is true and DTO will cannot be persisted, because some relation was not found, then only warning will be logged, but batch can continue. | * **Optional** - If is true and DTO will cannot be persisted, because some relation was not found, then only warning will be logged, but batch can continue. | ||
+ | * **Excluded fields** - Defines fields in DTO, which will be excluded during the import. It means this fields will be not changed on target IdM. If entity will not exists, then that fields will set to null. For example, the token in sync definition is excluded. | ||
+ | |||
+ | <note important> | ||
Line 55: | Line 58: | ||
Version **10.2.0** implements export of **roles**, **systems**, | Version **10.2.0** implements export of **roles**, **systems**, | ||
- | <note important> | + | <note important> |
==== Roles ==== | ==== Roles ==== | ||
Line 73: | Line 76: | ||
==== Systems ==== | ==== Systems ==== | ||
+ | |||
<note tip> | <note tip> | ||
Systems are exports with this related objects: | Systems are exports with this related objects: | ||
- | * **Connector configuration** (authoritative mode = **off**) | + | |
- | * **Connector pooling configuration** (authoritative mode = **on**) | + | * **Connector pooling configuration** |
- | * **Provisioning brake** (authoritative mode = **on**) - Relations to a receivers are mandatory. It means a identities or roles using as receivers must exists in target IdM. | + | * **Provisioning brake** |
- | * **System scheme** (authoritative mode = **on**) | + | * **System scheme** |
- | * **System scheme attributes** (authoritative mode = **on**) | + | * **System scheme attributes** |
- | * **Mapping** (authoritative mode = **on**) | + | * **Mapping** |
- | * **Attributes mapping** (authoritative mode = **on**) - If a particular attribute maps an EAV attribute to an entity (such as identity), then **the attribute definition is also added to the export**. | + | * **Attributes mapping** |
- | * **Role assigns account in systems** (authoritative mode = **on**, optional = **on**) - Relations between system and roles are exports as optional. It means if some of a role isn't found on target IdM, then is that relation skipped (import will be continue). Within exporting of this relations are role-defined attributes also exported (authoritative mode = **on**, optional = **on**). | + | * **Role assigns account in systems** |
- | * **Sync configuration** (authoritative mode = **on**) | + | * **Sync configuration** |
+ | <note important> | ||
+ | |||
+ | <note tip> | ||
==== Application configuration ==== | ==== Application configuration ==== | ||
Line 96: | Line 104: | ||
* Permission to autocomplete and read, update and create export batch: **Export/ | * Permission to autocomplete and read, update and create export batch: **Export/ | ||
- | * Permission to see a progress bar: **Scheduler (IdmLongRunningTask)** | Read | BasePermissionEvaluator. | + | * Permission to see a progress bar: **Scheduler (IdmLongRunningTask)** | Autocomplete| BasePermissionEvaluator. |
* Permission for read exported object. For example: To export a application configurations you need: **Configuration (app) (IdmConfiguration)** | Read | BasePermissionEvaluator. | * Permission for read exported object. For example: To export a application configurations you need: **Configuration (app) (IdmConfiguration)** | Read | BasePermissionEvaluator. | ||
Line 109: | Line 117: | ||
**For execute an import action you will need to have:** | **For execute an import action you will need to have:** | ||
- | * App admin permission: **App configuration** | Administration (all) | BasePermissionEvaluator. | + | * Permission to admin export batch: **Export/ |
- | <note important> | + | <note important> |
Line 148: | Line 156: | ||
==== No skip implemented | ==== No skip implemented | ||
<note important> | <note important> | ||
+ | |||
+ | ==== Virtual systems | ||
+ | |||
+ | <note tip > Full support of the virtual system export and import has been available since version 11.1. Following workaround should not be necessary anymore. </ | ||
+ | |||
+ | When importing a virtual system, you must make some further adjustments so the imported system behaves in the same way as the exported system. Especially if you use the " | ||
+ | * Go to **Settings -> Form definitions**, | ||
+ | * Go to **Form attributes**, | ||
+ | |||
+ | More info [[https:// | ||
+ | |||
+ | |||