Re: group membership via cmd-connector

Fri, 09 Sep 2016 07:07:30 -0700 

On 08/09/2016 22:51, Jonas Israelsson wrote:

Greetings.
I have an old propriety system that I need to include in the provisioning. The only way I will be able to communicate with it, is via the cmd-connector.
While I have got creation and deletion of both users ans groups working, I fail to figure out how to get a hold of the group membership.
I don't understand how or what to map for the membership to be presented to the connector.
If anyone could point me in the right direction, I would be most grateful. 

Hi,
great that you've been able to put the CMD connector at work, it's not an easy beast.
The concept of "memberships" as assignment of users to groups is absent in ConnId, it's more something that Syncope adds on top.
Some connectors (LDAP, Active Directory, ...) provide "special attributes" with purpose of carrying out such information, but this needs anyway some sort of special handling on Syncope side, e.g. Propagation [1] and Pull [2] actions.
Example: the LDAP connector can be instructed, when querying for users, to return the LDAP_GROUPS special attribute for each user, which contains all the DNs of the groups that user is member of. Conversely, when creating / updating an user on LDAP, Syncope can populate the LDAP_GROUPS attribute, and the LDAP connector will take care of assigning at LDAP level.
You can take a look at how the membership action classes work for LDAP: [3] when sending during propagation and [4] when pulling users and groups. 

HTH
Regards.

[1] http://syncope.apache.org/docs/reference-guide.html#propagationactions
[2] http://syncope.apache.org/docs/reference-guide.html#pullactions
[3] https://github.com/apache/syncope/blob/master/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/propagation/LDAPMembershipPropagationActions.java [4] https://github.com/apache/syncope/blob/master/core/provisioning-java/src/main/java/org/apache/syncope/core/provisioning/java/pushpull/LDAPMembershipPullActions.java 

--
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC,
CXF Committer, OpenJPA Committer, PonyMail PPMC
http://home.apache.org/~ilgrosso/

Reply via email to