Il 14/06/2013 10:31, Jordi Clement ha scritto:
Hi,
thanks for your quick reply!
I want provision the fact that the user is assigned a role in Syncope
to a target system. Not use the roles to assign resources and
propagate my account there (RBAC). Is it possible to just provision
the role names to an arbitrary field in the target system?
You can add a user mapping (pay attention, USER mapping) for a role
attribute (choose it by the first field of a mapping item).
Best regards,
F.
kind regards,
J.
On 14 jun. 2013, at 10:17, Fabio Martelli <[email protected]
<mailto:[email protected]>> wrote:
Il 14/06/2013 10:11, Jordi Clement ha scritto:
Hi,
I’ve a question regarding the propagation of Syncope role
memberships to a target system.
1. I’ve created a bunch of roles in Syncope using the UI. I’ve only
set the role name, nothing more. So there are no attributes, nor
resources assigned.
2. I’ve created and configured an LDAP resource. In the user schema
map I’ve configured Role - RoleName -> description (just to test)
3. I’ve then created a new user and assigned that user 2 roles, and
the LDAP resource.
The user is propagated. But I expected the names of the 2 roles to
be propagated to the description field. Unfortunately that’s not the
case. What am I doing wrong? How can I provision the Syncope
Rolenames (not the role itself) to an attribute on a target system?
Resource have to be assigned to the role.
Rgds,
F.
