Hi, What is the appropriate method for pushing group membership?
I tried the following: 1. Create groups in syncope 2. Add users to groups in syncope 3. Push to ldap The result of this was new groups in ldap but without members, except, oddly, the admin user added as a member. As perhaps is expected (thought not be me,) the __ENABLE__ property was not mapped to an ldap attribute automatically, and I'm not sure how to make that happen. Next: 4. Add 'description: Active' to each group in ldap directly On the next action (push, I guess) the group membership synced. Thus, my questions remain: 1. Should '__ENABLE__' be mapped to 'description' automatically and automatically set to 'Active' upon group creation in ldap (i.e.,. per resource,) and if so how is that configured to be reality? 2. Instead, if '__ENABLE__' must be configured per group, or per policy, or per realm, etc how is that achieved? 3. Why was admin user added to group? Is it because ldap 'groupOfNames' requires 'member' and requires it to have value? 4. Is the problem that 'groupOfNames' was used instead of 'groupOfUniqueNames' and if so are there extra steps to configuration to improve automated group "enabling?" 5. Is this where 'templates' come in? Thanks! Dave ----- http://analgesicsolutions.com http://github.com/Novarts/YADA -- Sent from: http://syncope-user.1051894.n5.nabble.com/
