Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Next revision Both sides next revision | ||
tutorial:dev:ad_groups_sync_workflow [2019/12/10 12:26] stloukalp [Set aplication properties] |
tutorial:dev:ad_groups_sync_workflow [2020/03/25 06:57] kucerar New sync options for using in multiple systems |
||
---|---|---|---|
Line 70: | Line 70: | ||
* **idm.pub.acc.syncRole.roles.update.nameOfRoles.manageSentValueOnExclusion** - (default: false) - This property will manage skip of attribute option even on update roles. | * **idm.pub.acc.syncRole.roles.update.nameOfRoles.manageSentValueOnExclusion** - (default: false) - This property will manage skip of attribute option even on update roles. | ||
* **idm.pub.acc.syncRole.roles.create.priorityOfRoles** - (default: null, values: 1,2,3,4) - This property will set priority of roles, on this autorization workflow will be changed. **Only on create.** | * **idm.pub.acc.syncRole.roles.create.priorityOfRoles** - (default: null, values: 1,2,3,4) - This property will set priority of roles, on this autorization workflow will be changed. **Only on create.** | ||
- | * **idm.pub.acc.syncRole.roles.create.garanteeOfRoles** - (default: null) - This option will set role garantee of all Ldap roles. **Only on create.** | + | * **idm.pub.acc.syncRole.roles.create.garanteeOfRoles** - (default: null) - Fiil in name of role, which will become |
+ | Since Extras version 1.8.0 you can use two new options which will help with following use case: I have more then 1 AD system connected as group source. Now the workflow has " | ||
+ | This changes are backward compatible because if you don't set these new properties the WF behavior is same as in previous version. | ||
+ | If you set this property then the new behavior will be turned on. | ||
+ | * **idm.pub.acc.syncRole.roles.catalogByCodeList** - UUID of code list for catalogs for each system. Item in code list has UUID of source system and as value they have code of role catalog | ||
+ | * **idm.pub.acc.syncRole.provisioningOfIdentities.codeList** - UUID of code list for mapped sysmtes for each system. Item in code list has UUID value of AD group system which is used for synchronization and as value UUID of AD system which is used for user provisioning | ||
===== Set attributes activity ===== | ===== Set attributes activity ===== | ||
This activity is to get some attributes from icAttributes as name and distinguished name. You can get another if they will be needed in the following activities. | This activity is to get some attributes from icAttributes as name and distinguished name. You can get another if they will be needed in the following activities. |