Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision		 Previous revision
devel:documentation:provisioning [2019/04/23 05:31] – [Admin guide] koprodevel:documentation:provisioning [2020/08/28 11:20] (current) – [Admin guide] svandav
Line 5: Line 5:
 Provisioning is the propagation of entities and their attributes to managed systems. Provisioning is the propagation of entities and their attributes to managed systems.
  
-In case of Identities, only those (users) with appropriate roles assigned (guaranteeing the account on the system) are provisioned.+In the case of Identities, only those (users) with appropriate roles assigned (guaranteeing the account on the system) are provisioned.
  
 Our robust provisioning implementation brings the following benefits: Our robust provisioning implementation brings the following benefits:
Line 11: Line 11:
   * **Fully audited provisioning queue** - Every push operation and its result is audited, and the audit is available to admins via GUI.   * **Fully audited provisioning queue** - Every push operation and its result is audited, and the audit is available to admins via GUI.
   * **Retry mechanism** - Provisioning queue pushes the data into managed systems. If the system encounters any problem or is currently offline, the data stays in a queue and tries the operation again in a while when the system is available.   * **Retry mechanism** - Provisioning queue pushes the data into managed systems. If the system encounters any problem or is currently offline, the data stays in a queue and tries the operation again in a while when the system is available.
-  * **Read only systems** - If the system is in a read-only mode, all operations are stored in a provisioning queue. Administrators can see changes, but nothing is sent. This is very useful for new managed system link-up, cutover, or debugging.+  * **Read-only systems** - If the system is in a read-only mode, all operations are stored in a provisioning queue. Administrators can see changes, but nothing is sent. This is very useful for new managed system link-up, cutover, or debugging.
   * **Disabled systems** - Operations are stored in the provisioning queue, no transformation of attributes is computed as long as the system is not switched back into an enabled state.   * **Disabled systems** - Operations are stored in the provisioning queue, no transformation of attributes is computed as long as the system is not switched back into an enabled state.
-  * **Asynchronous systems** - System can be switched to an asynchronous state. In that case, all operations are stored in a provisioning queue and then pulled from the queue by appropriate periodical [[devel:documentation:scheduled_task|scheduled task]]. This principal is very convenient for systems that handle requests slowly.+  * **Asynchronous systems** - System can be switched to an asynchronous state. In that case, all operations are stored in a provisioning queue and then pulled from the queue by appropriate periodical [[devel:documentation:scheduled_task|scheduled task]]. This principle is very convenient for systems that handle requests slowly.
  
 {{ :devel:documentation:provisioning.png | Provisioning to multiple systems}} {{ :devel:documentation:provisioning.png | Provisioning to multiple systems}}
Line 19: Line 19:
 ===== Provisioning queue ===== ===== Provisioning queue =====
  
-When a system is flagged as asynchronous, read only or disabled operations are placed into a provisioning queue. From the queue, operations are pulled either by a scheduled task or manually by admin in CzechIdM GUI.+When a system is flagged as asynchronous, read-only or disabled operations are placed into a provisioning queue. From the queue, operations are pulled either by a scheduled task or manually by admin in CzechIdM GUI.
  
 {{ :devel:documentation:provisioning_queue.png | AD Provisioning queue}} {{ :devel:documentation:provisioning_queue.png | AD Provisioning queue}}
Line 35: Line 35:
   * [[.adm:provisioning|Provisioning overview]]   * [[.adm:provisioning|Provisioning overview]]
   * [[.adm:provisioning_queue|Provisioning queue]]   * [[.adm:provisioning_queue|Provisioning queue]]
 +  * [[.adm:provisioning_context|Provisioning context]]
  
 ===== Devel guide ===== ===== Devel guide =====
  • by kopro