On 16/04/2013 18:10, Nik wrote:
Hi,
I'm new to syncope, but I like what I'm seeing already, this is a
nifty open source offering, thanks.
Hi Nik, and welcome to Syncope!
I have a requirement which no doubt others may have had.
Can I create a role in syncope which will be propagated to opendj ldap
(group x, y or z)?
Absolutely yes: starting with 1.1.0, role provisioning to external
resources is fully supported.
Details:
in such a fashion that syncope (role create process) does an ldap add
(propagate) of that role to an ldap base group e.g.
ou=groups,o=usharesoft, and just for fun be able to add that role (+
other roles) to a new user which will be propagated to the ldap at the
same time "atomically"?
Thinking about it, it could be a 3 step work flow a) create role(s) and
b) assign role(s) to user(s)
c) send to ldap.
I tried to follow the doc but got lost with inputting the "virtual
value" for an rvirtualdata. Any tips, clarifications, syncope roles
specific blogs or RTFM
Since you are new to Syncope, I'd rather suggest to download [1] the
1.1.0 standalone distribution: if you take a look at what is included
[2], you will notice that there is an LDAP resource provided by
ApacheDS, fully configured to achieve the goals you report above.
You can take the LDAP configuration of the standalone distribution as
reference for your own use case with OpenDJ.
I will try in the coming weeks to post something about this with some
detailed instructions - or barely extend [3] for 1.1.0 - but until then
I think you'd better take inspiration from the standalone distribution's
LDAP configuration.
Regards.
[1] http://syncope.apache.org/downloads.html
[2]
https://cwiki.apache.org/confluence/display/SYNCOPE/Run+Syncope+standalone+distribution
[3]
https://cwiki.apache.org/confluence/display/SYNCOPE/Configure+an+LDAP+resource
--
Francesco Chicchiriccò
ASF Member, Apache Syncope PMC chair, Apache Cocoon PMC Member
http://people.apache.org/~ilgrosso/
