Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision Both sides next revision
tutorial:dev:ad_groups_sync_workflow [2019/08/29 13:35]
stloukalp 		tutorial:dev:ad_groups_sync_workflow [2019/11/18 09:34]
stloukalp [Set aplication properties]
Line 51: Line 51:
 With button **Add** you can add any property described bellow and configure workflow. With button **Add** you can add any property described bellow and configure workflow.
   * **idm.pub.acc.syncRole.role.canBeRequested** - (true/false, default: false) - sets to all roles, if the role can be requested by identity   * **idm.pub.acc.syncRole.role.canBeRequested** - (true/false, default: false) - sets to all roles, if the role can be requested by identity
 +  * **idm.pub.acc.syncRole.role.update.manageCanBeRequested** - (true/false, default: false) - enable/disable setting can-be-requested role attribute
   * **idm.pub.acc.syncRole.system.mapping.objectClassName** - (default: \_\_ACCOUNT\_\_) this is important to provisioning member attribute of identity. It is an object class name of identity schema. It supposedly can stay as "\_\_ACCOUNT\_\_"   * **idm.pub.acc.syncRole.system.mapping.objectClassName** - (default: \_\_ACCOUNT\_\_) this is important to provisioning member attribute of identity. It is an object class name of identity schema. It supposedly can stay as "\_\_ACCOUNT\_\_"
   * **idm.pub.acc.syncRole.system.mapping.attributeMemberOf** - (default: ldapGroups) - it is the name of an attribute in a mapping of identity provisioning. It is usually memberOf or ldapGroup. This attribute will be added to role's mapping with tramsformation script (which will be set later). -    * **idm.pub.acc.syncRole.system.mapping.attributeMemberOf** - (default: ldapGroups) - it is the name of an attribute in a mapping of identity provisioning. It is usually memberOf or ldapGroup. This attribute will be added to role's mapping with tramsformation script (which will be set later). - 
   * **idm.pub.acc.syncRole.system.mapping.attributeRoleIdentificator** - (default: distinguishedName) - the name of an attribute in the connector, which holds the distinguished name of a role.   * **idm.pub.acc.syncRole.system.mapping.attributeRoleIdentificator** - (default: distinguishedName) - the name of an attribute in the connector, which holds the distinguished name of a role.
-  * **idm.pub.acc.syncRole.provisioningOfIdentities.system.code** - (default: null) - it is code (name) of the system, where identities have provisioning.+  * **idm.pub.acc.syncRole.provisioningOfIdentities.system.code** - (default: null, _**mandatory**_) - it is code (name) of the system, where identities have provisioning.It is now mandatory attribute, otherwise workflow will not be working
   * **idm.pub.acc.syncRole.identity.eav.externalIdentifier.code** - (default: null) - code of eav of a distinguished name of identities. it is used in creating entity in the situation of a Missing entity. It is important when groups in AD already have members and some of the identities DNs cannot be calculated again.   * **idm.pub.acc.syncRole.identity.eav.externalIdentifier.code** - (default: null) - code of eav of a distinguished name of identities. it is used in creating entity in the situation of a Missing entity. It is important when groups in AD already have members and some of the identities DNs cannot be calculated again.
   * **idm.pub.acc.syncRole.roleCatalog.ResolveCatalog** - (true/false, default: true) - This property will disable creating of catalogue.   * **idm.pub.acc.syncRole.roleCatalog.ResolveCatalog** - (true/false, default: true) - This property will disable creating of catalogue.
  • by apeterova