Differences

This shows you the differences between two versions of the page.

--- tutorial:dev:ad_groups_sync_workflow [2019/11/18 09:34]
stloukalp [Set aplication properties]
+++ tutorial:dev:ad_groups_sync_workflow [2019/12/10 12:26]
stloukalp [Set aplication properties]
@@ Line 1: / Line 1: @@
 ====== Systems - Groups synchronization workflow ======
+{{tag>workflow ad ldap roles groups synchronization member memberOf}}
+<note important>Current stable version of this workflow can be found in [[devel:documentation:modules_extras|extras module]]. Please **is highly recommended** use version from extras instead of core version.</note>
 This tutorial is intended as a guide to modify workflow for synchronization groups from Active Directory.
@@ Line 61: / Line 64: @@
   * **idm.pub.acc.syncRole.roles.allToOneCatalog** - (default: null) - Add name of catalog. all roles will be added to this 'folder'
   * **idm.pub.acc.syncRole.roles.attributeNameOfMembership** - (default: member) - it is name of attribute of role in source system, which holds identificators of identities
-  * **idm.pub.acc.syncRole.roleCatalog.catalogueTreeInOneCatalog** - (default: null) - if creating of catalog like DN is enabled, this property will create tree of catalogues under root catalog. Name of this root catalog set in this property.
+  * **idm.pub.acc.syncRole.roleCatalog.catalogueTreeInOneCatalog** - (default: null) - if creating of catalog like DN is enabled, this property will create tree of catalogues under root catalog. Name of this root catalog set in this property. Catalogue folder have to and will be created in workflow process. If this property will be changed, new catalog folder will be created. Name of catalogues can be changed in IdM.
   * **idm.pub.acc.syncRole.roleSystem.forwardManagement.value** - (default: false) - When role is created with connected system and it manages membership. In this case there is option 'forward management'. This property will set this option.
   * **idm.pub.acc.syncRole.roleSystem.update.manageforwardManagement** - (default: false) - This property will manage 'forward management' option even on update roles.
   * **idm.pub.acc.syncRole.roles.nameOfRoles.doNotSentValueOnExclusion** - (default: null) - On role create with connected system and system attribute, there is option, this attribute will be skipped on excluded contract. Add to this property names of roles separeted with comma. (does not work with roles, which has comma in name)
   * **idm.pub.acc.syncRole.roles.update.nameOfRoles.manageSentValueOnExclusion** - (default: false) - This property will manage skip of attribute option even on update roles.
+  * **idm.pub.acc.syncRole.roles.create.priorityOfRoles** - (default: null, values: 1,2,3,4) - This property will set priority of roles, on this autorization workflow will be changed. **Only on create.**
+  * **idm.pub.acc.syncRole.roles.create.garanteeOfRoles** - (default: null) - This option will set role garantee of all Ldap roles. **Only on create.**
 ===== Set attributes activity =====