Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
devel:documentation:provisioning [2019/04/23 05:31] kopro [Admin guide] |
devel:documentation:provisioning [2020/08/28 11:20] (current) svandav [Admin guide] |
||
|---|---|---|---|
| Line 5: | Line 5: | ||
| Provisioning is the propagation of entities and their attributes to managed systems. | Provisioning is the propagation of entities and their attributes to managed systems. | ||
| - | In case of Identities, only those (users) with appropriate roles assigned (guaranteeing the account on the system) are provisioned. | + | In the case of Identities, only those (users) with appropriate roles assigned (guaranteeing the account on the system) are provisioned. |
| Our robust provisioning implementation brings the following benefits: | Our robust provisioning implementation brings the following benefits: | ||
| Line 11: | Line 11: | ||
| * **Fully audited provisioning queue** - Every push operation and its result is audited, and the audit is available to admins via GUI. | * **Fully audited provisioning queue** - Every push operation and its result is audited, and the audit is available to admins via GUI. | ||
| * **Retry mechanism** - Provisioning queue pushes the data into managed systems. If the system encounters any problem or is currently offline, the data stays in a queue and tries the operation again in a while when the system is available. | * **Retry mechanism** - Provisioning queue pushes the data into managed systems. If the system encounters any problem or is currently offline, the data stays in a queue and tries the operation again in a while when the system is available. | ||
| - | * **Read only systems** - If the system is in a read-only mode, all operations are stored in a provisioning queue. Administrators can see changes, but nothing is sent. This is very useful for new managed system link-up, cutover, or debugging. | + | * **Read-only systems** - If the system is in a read-only mode, all operations are stored in a provisioning queue. Administrators can see changes, but nothing is sent. This is very useful for new managed system link-up, cutover, or debugging. |
| * **Disabled systems** - Operations are stored in the provisioning queue, no transformation of attributes is computed as long as the system is not switched back into an enabled state. | * **Disabled systems** - Operations are stored in the provisioning queue, no transformation of attributes is computed as long as the system is not switched back into an enabled state. | ||
| - | * **Asynchronous systems** - System can be switched to an asynchronous state. In that case, all operations are stored in a provisioning queue and then pulled from the queue by appropriate periodical [[devel: | + | * **Asynchronous systems** - System can be switched to an asynchronous state. In that case, all operations are stored in a provisioning queue and then pulled from the queue by appropriate periodical [[devel: |
| {{ : | {{ : | ||
| Line 19: | Line 19: | ||
| ===== Provisioning queue ===== | ===== Provisioning queue ===== | ||
| - | When a system is flagged as asynchronous, | + | When a system is flagged as asynchronous, |
| {{ : | {{ : | ||
| Line 35: | Line 35: | ||
| * [[.adm: | * [[.adm: | ||
| * [[.adm: | * [[.adm: | ||
| + | * [[.adm: | ||
| ===== Devel guide ===== | ===== Devel guide ===== | ||