Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision 		Previous revision
Next revision Both sides next revision
devel:documentation:provisioning [2019/02/01 12:53]
kotisovam admin guide section 		devel:documentation:provisioning [2019/02/27 09:22]
kotisovam [Admin guide (to be completed)] flag (to be completed) deleted
Line 5: Line 5:
 Provisioning is the propagation of entities and their attributes to managed systems. Provisioning is the propagation of entities and their attributes to managed systems.
  
-In case of Identities, only those (users) with appropriate role assigned (guaranteeing the account on the system) are provisioned.+In case of Identities, only those (users) with appropriate roles assigned (guaranteeing the account on the system) are provisioned.
  
-Our robust provisioning implementation bring following benefits:+Our robust provisioning implementation brings the following benefits:
  
-  * **Fully audited provisioning queue** - Every push operation and its result is audited and audit is available to admins via GUI. +  * **Fully audited provisioning queue** - Every push operation and its result is auditedand the audit is available to admins via GUI. 
-  * **Retry mechanism** - Provisioning queue pushes the data into managed systems. If the system encounters any problem or is just offline, the data stay in queue and tries the operation again in a while until the system is available. +  * **Retry mechanism** - Provisioning queue pushes the data into managed systems. If the system encounters any problem or is currently offline, the data stays in queue and tries the operation again in a while when the system is available. 
-  * **Read only systems** - If the system is in read only mode, all operation are stored in provisioning queue. Administrator can see changes, but nothing is sent. This is very useful for new managed system link-up and cutover or e.g. debugging. +  * **Read only systems** - If the system is in read-only mode, all operations are stored in provisioning queue. Administrators can see changes, but nothing is sent. This is very useful for new managed system link-upcutoveror debugging. 
-  * **Disabled systems** - Operations are stored in the provisioning queue, no transformation on attributes is computed until the system is switched back into enabled state. +  * **Disabled systems** - Operations are stored in the provisioning queue, no transformation of attributes is computed as long as the system is not switched back into an enabled state. 
-  * **Asynchronous systems** - System can be switched to asynchronous state. In that case, all operations are stored in the provisioning queue and then pulled from queue by appropriate periodical [[devel:documentation:scheduled_task|scheduled task]]. This principal is perfect for systems that handles requests slowly.+  * **Asynchronous systems** - System can be switched to an asynchronous state. In that case, all operations are stored in provisioning queue and then pulled from the queue by appropriate periodical [[devel:documentation:scheduled_task|scheduled task]]. This principal is very convenient for systems that handle requests slowly.
  
 {{ :devel:documentation:provisioning.png | Provisioning to multiple systems}} {{ :devel:documentation:provisioning.png | Provisioning to multiple systems}}
Line 19: Line 19:
 ===== Provisioning queue ===== ===== Provisioning queue =====
  
-When system is flagged as asynchronous, read only or disabled. Operations are placed into provisioning queue. From the queue operations are pulled either by scheduled task or manually by admin in CzechIdM GUI.+When system is flagged as asynchronous, read only or disabled operations are placed into provisioning queue. From the queueoperations are pulled either by scheduled task or manually by admin in CzechIdM GUI.
  
 {{ :devel:documentation:provisioning_queue.png | AD Provisioning queue}} {{ :devel:documentation:provisioning_queue.png | AD Provisioning queue}}
Line 26: Line 26:
 ===== Admin tutorials ===== ===== Admin tutorials =====
   * [[tutorial:adm:provisioning | Provisioning - general configuration options]]   * [[tutorial:adm:provisioning | Provisioning - general configuration options]]
-  * [[tutorial:adm:create_provisioning_break| Provisioning brake - monitor operation sent to connected system]]+  * [[tutorial:adm:create_provisioning_break| Provisioning brake - monitor operation sent to the connected system]]
   * [[tutorial:adm:manage_ldap| LDAP - how to connect and configure]]   * [[tutorial:adm:manage_ldap| LDAP - how to connect and configure]]
   * [[tutorial:adm:connect_a_db_system| Database - how to connect and configure]]   * [[tutorial:adm:connect_a_db_system| Database - how to connect and configure]]
Line 32: Line 32:
   * [[tutorial:adm:password_provisioning| Password provisioning and transformation]]   * [[tutorial:adm:password_provisioning| Password provisioning and transformation]]
  
-===== Admin guide (to be completed) =====+===== Admin guide =====
   * [[.adm:provisioning|Provisioning overview]]   * [[.adm:provisioning|Provisioning overview]]
  
  • by svandav