Re: Global uniqueness requirement of username

On Fri, May 14, 2021 at 7:27 AM Francesco Chicchiriccò wrote: > > At a first glance, there seems to be some difference between > "membValue.toString()" from [4] - logged as > > uid=roger,ou=People,dc=flat,dc=https:/ > /cloud,dc=services,dc=vnet > > and "membValue" as reported by log statement at

Re: Global uniqueness requirement of username

On Mon, May 10, 2021 at 9:04 AM Francesco Chicchiriccò wrote: Got my Groovy script working, good progress! There was still one thing lingering around that I forgot the come back to: > Secondly, some of the organisation DN's contain (forward) slashes in the > dc part of their DN, which makes

Re: Global uniqueness requirement of username

On Tue, May 11, 2021 at 4:52 PM Francesco Chicchiriccò wrote: > You can have a look at what can be done in a PropagationActions class by > looking at matching classes under > > >

Re: Global uniqueness requirement of username

: > On 10/05/21 14:05, Martin van Es wrote: > > > > On Mon, May 10, 2021 at 9:07 AM Francesco Chicchiriccò < > ilgro...@apache.org> wrote: > >> On 07/05/21 19:50, Martin van Es wrote: >> >> Another question. >> How would I print debug (core.log)

Re: Global uniqueness requirement of username

On Mon, May 10, 2021 at 9:07 AM Francesco Chicchiriccò wrote: > On 07/05/21 19:50, Martin van Es wrote: > > Another question. > How would I print debug (core.log) statements in a Groovy propagation > action script? > > Not very related to the subject, but you can find a

Re: Global uniqueness requirement of username

Another question. How would I print debug (core.log) statements in a Groovy propagation action script? Best regards, Martin On Fri, May 7, 2021 at 1:49 PM Martin van Es wrote: > Hi, > > I've been playing around with Syncope again and was trying to sync a src > LDAP scheme t

Global uniqueness requirement of username

Hi, I've been playing around with Syncope again and was trying to sync a src LDAP scheme that contains multiple organizations, which contain multiple Groups and People branches. All of these branches contain organisation specific users, possibly sharing the same uid (login name). You might call

Re: Resource specific counters in Syncope

Hi Francesco, Thx for the quick reply! On Wed, Oct 7, 2020 at 11:18 AM Francesco Chicchiriccò wrote: > Hi Martin, > so you'd want to keep different counters for different External Resources, > and inject appropriate values from such counters during propagation, to > populate attributes like as

Resource specific counters in Syncope

Hi, It's been a while since I last took a look at Syncope but we have recently decided that it may fill a gap in our provisioning landscape. Our project is brought to life to enable collaborative organisations for research projects in the Netherlands. As is normal in the education world,

Re: Provisioning Realms

: InvalidEntityException: JPAGroup [InvalidName] Best regards, Martin On Tue, May 8, 2018 at 9:53 AM Martin van Es <mrva...@gmail.com> wrote: > I see that renaming Realms isn't forbidding in console, so keeping track of > the o's via entryUUID and renaming Realms should be possible if only

Re: Provisioning Realms

tin On Mon, May 7, 2018 at 4:50 PM Martin van Es <mrva...@gmail.com> wrote: > The only minor remaining problem: 'o' moves are not detected, because > there's no way I can find a way to link the realm to the source's entryUUID? > The result is there is a stale oldname realm left, and a ne

Re: Provisioning Realms

attribute in Pull Policy 'Realm' which I can apply to the REALM Resource that pulls in the realms, but I keep getting u_realm_name unique name constraints violations on all following pulls. Best regards, Martin On Thu, May 3, 2018 at 10:31 PM Martin van Es <mrva...@gmail.com> wrote: > Ok, I

Re: Provisioning Realms

Hi, On Thu, May 3, 2018 at 12:43 PM Andrea Patricelli < andreapatrice...@apache.org> wrote: > > Realms created in the root realm: > > CREATE SUCCESS (key/name): 3a3370df-3aa2-4787-b370-df3aa2278786///Foobar > > CREATE SUCCESS (key/name): 38d90785-ab9c-4fc8-9907-85ab9c2fc8e4///Foobar2 > > CREATE

Provisioning Realms

Hi, This is related to my earlier question about creating Realms based on dynamic VO's (organized as o= entities in LDAP). I'm trying to get FULL RECONCILIATION working, which succeeds for the first time, but results in unique "u_realm_name" constraint violations on second attempt, even though I

Infer (virtual) organisation from DN only

Hi, I was playing around with syncope to manage people in dynamically created virtual organisations. Would it be possible to deduce their VO and dynamically assign realm only by their DN (from ,o=,) without syncope coding effort and without having to create a new resource? Someting like a regular

Re: CSVDir pull connector challenge

On Tue, Jan 24, 2017 at 10:03 AM, Francesco Chicchiriccò wrote: >> So, you suggest I turn to Connid now for my functional issues with CSVDir? > > > I would first clarify if there is something wrong ongoing (as suggested > above), then possibly report to ConnId. I was

Re: CSVDir pull connector challenge

On Mon, Jan 23, 2017 at 4:36 PM, Francesco Chicchiriccò wrote: > but essentially, the "mandatory condition" can be specified both at Schema > level (hence value(s) must be provided globally) or at mapping level (hence > value(s) must be provided when provisioning to / from

CSVDir pull connector challenge

Hi, Finally, I've taken the time and went ahead (re)installing Syncope to try and play with 2.0. First: it's a nice improvement (on the admin interface). Well done! I've (re) created my test LDAP connector and am able to provision/activate/enable/disable users and groups/groupMembership from

Re: Multiple Role Approval Requests

Hi, On Tue, Jan 26, 2016 at 8:51 AM, Francesco Chicchiriccò <ilgro...@apache.org > wrote: > On 22/01/2016 14:11, Martin van Es wrote: > >> Hoping nobody minds stealing this thread I'd like to ask how (simple) >> approvals are enabled in the first place? I've updated to 1

Re: Remove role membership fails

Hmm... can't reproduce since Chrome update and restart. Consider mail below as unsent, or just listnoise ;) Best regards, Martin On Tue, Dec 15, 2015 at 4:00 PM, Martin van Es <mrva...@gmail.com> wrote: > Hi, > > I just reinstalled my syncope test installation (1.2.6)

Remove role membership fails

Hi, I just reinstalled my syncope test installation (1.2.6) and succesfully reconfigured LDAP provisioning including groupmembership. Getting better at this every time ;) But! If I try to remove a user from a role, the "delete" link is dead, it doesn't do anything (really nothing happpens in

Can't change admin pwd

regards, Martin van Es -- If 'but' was any useful, it would be a logic operator

Re: PWM as password manager

Hi Francesco, On Thu, Nov 6, 2014 at 4:34 PM, Francesco Chicchiriccò ilgro...@apache.org wrote: On 05/11/2014 19:09, Martin van Es wrote: Hope this clarifies my endavours a bit. Only a bit, actually :-) But still I don't get why you are not just using AES on Syncope: any propagation

Re: PWM as password manager

HI Francesco, On Thu, Nov 6, 2014 at 5:36 PM, Francesco Chicchiriccò ilgro...@apache.org wrote: Ok, then you need a synchronization action class that, when synchronizing from LDAP will inspect the password value and remove it from synchronization attributes if the password values starts with

Re: PWM as password manager

/confluence/pages/viewpage.action?pageId=27841983 On 27/10/2014 22:52, Martin van Es wrote: To answer myself, I thought I could tackle this by setting the password plaintext in LDAP using PWM (using a plaintext password_hash rule in slapd) and then sync it to Syncope and have it set by it's

Re: Can't change password.cipher.algorithm into AES in console configuration

Thx, workaround 1 did the job! ;) Regards, Martin On Mon, Oct 27, 2014 at 1:39 PM, Francesco Chicchiriccò ilgro...@apache.org wrote: On 27/10/2014 13:17, Martin van Es wrote: Hi, I've just started looking at Syncope again and installed 1.2.0 from debian packages on a fresh ubuntu 14.04LTS

PWM as password manager

Hi, I'd like to use PWM for Password Self-service management, but that will only let me set passwords for users in an LDAP server. https://code.google.com/p/pwm/ How would I make (Open)LDAP password leading for all passwords, but keep Syncope for propagating users (including passwords) to