Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision Both sides next revision
tutorial:dev:ad_groups_sync_workflow [2019/03/04 14:16]
hanakp [Set aplication properties] 		tutorial:dev:ad_groups_sync_workflow [2019/03/06 09:59]
hanakp [Set aplication properties]
Line 48: Line 48:
  
 With button **Add** you can add any property described bellow and configure workflow. With button **Add** you can add any property described bellow and configure workflow.
-  * **idm.pub.acc.syncRole.role.canBeRequested** - (true/false) - sets to all roles, if the role can be requested by identity +  * **idm.pub.acc.syncRole.role.canBeRequested** - (true/false, default: false) - sets to all roles, if the role can be requested by identity 
-  * **idm.pub.acc.syncRole.system.mapping.objectClassName** - this is important to provisioning member attribute of identity. It is an object class name of identity schema. It supposedly can stay as "\_\_ACCOUNT\_\_" +  * **idm.pub.acc.syncRole.system.mapping.objectClassName** - (default: \_\_ACCOUNT\_\_) this is important to provisioning member attribute of identity. It is an object class name of identity schema. It supposedly can stay as "\_\_ACCOUNT\_\_" 
-  * **idm.pub.acc.syncRole.system.mapping.attributeMemberOf** - it is the name of an attribute in a mapping of identity provisioning. It is usually memberOf or ldapGroup. This attribute will be added to role's mapping with tramsformation script (which will be set later). -  +  * **idm.pub.acc.syncRole.system.mapping.attributeMemberOf** - (default: ldapGroups) - it is the name of an attribute in a mapping of identity provisioning. It is usually memberOf or ldapGroup. This attribute will be added to role's mapping with tramsformation script (which will be set later). -  
-  * **idm.pub.acc.syncRole.system.mapping.attributeRoleIdentificator** - the name of an attribute in the connector, which holds the distinguished name of a role. +  * **idm.pub.acc.syncRole.system.mapping.attributeRoleIdentificator** - (default: distinguishedName) - the name of an attribute in the connector, which holds the distinguished name of a role. 
-  * **idm.pub.acc.syncRole.provisioningOfIdentities.system.code** - it is code (name) of the system, where identities have provisioning. +  * **idm.pub.acc.syncRole.provisioningOfIdentities.system.code** - (default: null) - it is code (name) of the system, where identities have provisioning. 
-  * **idm.pub.acc.syncRole.identity.eav.externalIdentifier.code** - code of eav of a distinguished name of identities. it is used in creating entity in the situation of a Missing entity. It is important when groups in AD already have members and some of the identities DNs cannot be calculated again. +  * **idm.pub.acc.syncRole.identity.eav.externalIdentifier.code** - (default: null) - code of eav of a distinguished name of identities. it is used in creating entity in the situation of a Missing entity. It is important when groups in AD already have members and some of the identities DNs cannot be calculated again. 
-  * **idm.pub.acc.syncRole.roleCatalog.ResolveCatalog** - (true/false) - This property will disable creating of catalogue. +  * **idm.pub.acc.syncRole.roleCatalog.ResolveCatalog** - (true/false, default: true) - This property will disable creating of catalogue. 
-  * **idm.pub.acc.syncRole.update.resolveMembership** - (true/false) - With this property you can turn on resolving memberships of roles even in other situation than creating role. This is usually used, when connecting system for synchronization of roles, when you forgot configure 'externalIdentifier'+  * **idm.pub.acc.syncRole.update.resolveMembership** - (true/false, default: false) - With this property you can turn on resolving memberships of roles even in other situation than creating role. This is usually used, when connecting system for synchronization of roles, when you forgot configure 'externalIdentifier'
-  * **idm.pub.acc.syncRole.roles.allToOneCatalog** - Add name of catalog. all roles will be added to this 'folder' +  * **idm.pub.acc.syncRole.roles.allToOneCatalog** - (default: null) - Add name of catalog. all roles will be added to this 'folder' 
-  * **idm.pub.acc.syncRole.roles.attributeNameOfMembership** - Default value 'member', it is name of attribute of role in source system, which holds identificators of identities+  * **idm.pub.acc.syncRole.roles.attributeNameOfMembership** - (default: member) - it is name of attribute of role in source system, which holds identificators of identities
  
  
  • by apeterova