Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
tutorial:adm:ad_groups_sync [2019/08/22 16:26]
apeterova group search filter
tutorial:adm:ad_groups_sync [2019/08/22 20:22] (current)
apeterova tips
Line 92: Line 92:
 <note tip> In user provisioning system'​s configuration **Base context of groups** should be filled too, for correctly provisioning memberships</​note>​ <note tip> In user provisioning system'​s configuration **Base context of groups** should be filled too, for correctly provisioning memberships</​note>​
 <note tip> In user provisioning system'​s schema and mapping should have attribute memberOf/​ldapGroups and **Strategy** as "​Merge"​.</​note>​ <note tip> In user provisioning system'​s schema and mapping should have attribute memberOf/​ldapGroups and **Strategy** as "​Merge"​.</​note>​
 +
 +
 +===== Tips =====
 +
 +You can create a new security group in Active Directory with the Apache Directory Studio by following these steps:
 +
 +  - Select an existing group
 +  - Right click on the group name -> New -> New entry
 +  - Check the "Use existing entry as template"​ and click Next
 +  - Object classes: Write "​group"​ and click Add -> group and top are added to "​Selected object classes"​ -> Next
 +  - Distinguished Name: Set the value of RDN to your choice -> Next
 +  - A warning is displayed - click Cancel
 +  - Set instanceType = 4
 +  - Set sAMAccountName to your choice (right click -> Edit values)
 +  - Delete values (right click -> Delete values) of these attributes:
 +    - nTSecurityDescriptor
 +    - objectCategory
 +    - member (if you don't want to copy members)
 +    - sAMAccountType
 +
 +{{:​tutorial:​adm:​new_entry_attributes.png?​400|}}
 +
 +Finally, click Finish
 +
 +