On 07/03/2018 09:01, ale...@gmail.com wrote:
I have implemented LDAPUserOwnerPropagationActions and it works perfectly when in 
syncope console on group I click Manage Resources -> Select Resource -> click 
In Active Directory (AD) managedBy is filled successfully.
Also it works when I edit group and update userOwner and any other attribute 
that is mapped in Mapping. The changes are propagated to AD successfully ( 
LDAPUserOwnerPropagationActions is triggered).
BUT when I edit group and update only userOwner, then this changes are not 
propagated to AD ( LDAPUserOwnerPropagationActions  is not triggered).

DO you have any ideas about this?

glad that almost everything is working for you now (BTW: any chance to share your use case somehow?).

About the last point, you are essentially updating a Group, and as a consequence of this, you want Users to be propagated: in the general case, Syncope does not work this way: when you modify a Group, that Group's provisioning will take place; when you modify a User, that User's provisioning will take place.

In order to trigger provisioning of a given Group's members instead, you'll need, after updating the Group itself, to explicitly invoke the "provision members" / "deprovision members" feature for the given Group. As always, you can do this either by calling the corresponding REST endpoint, e.g.

POST /groups/{key}/members/{actionType}

or via Admin Console: select the Group's row, then "provision members" / "deprovision members"  from the menu.


Francesco Chicchiriccò

Tirasa - Open Source Excellence

Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail

Reply via email to