mederly on master
Fix requestee.name reference in… (compare)
skublik on master
removing of duplicate (compare)
skublik on master
adding of tests for attachments Merge remote-tracking branch 'r… (compare)
skublik on admin-dashboard
sending jasper and dashboard re… (compare)
mederly on master
Fix TestNotifications Merge remote-tracking branch 'o… (compare)
PetrGasparik on master
Translation update, WIP (compare)
mederly on master
Fix YAML !!binary tag treatment… Merge remote-tracking branch 'o… (compare)
KaterynaHonchar on master
MID-5116 Admin GUI support for … Merge branch 'master' of https:… (compare)
mederly on master
Implement easy parsing of xsd:a… (compare)
mederly on master
Add skeleton for notification a… Merge remote-tracking branch 'o… (compare)
KaterynaHonchar on master
induced entitlement fixes fix for expression panel Merge branch 'master' of https:… (compare)
skublik on master
removing css issue in debug pag… adding attachments to mail noti… Merge remote-tracking branch 'r… and 2 more (compare)
mederly on master
Adapt admin-gui tests Now we c… Merge remote-tracking branch 'o… (compare)
mederly on netid-fixes
Add assignment path variables t… Merge branch 'support-3.9' into… (compare)
KaterynaHonchar on master
MID-5121 Induced entitlement er… Merge branch 'master' of https:… (compare)
semancik on master
Improved archetype sample (MID-… (compare)
semancik on master
Archetype UX experiments and sa… (compare)
katkav on gui-wrapper
gui prism panels and wrappers r… (compare)
semancik on master
Fixed handling of secondary ide… (compare)
KaterynaHonchar on master
more authorization checks for r… (compare)
Hi everyone. When we implement MidPoint for our clients, we take full advantage of the RBAC capabilities by applying inducements to the org hierarchy orgs and other roles. This grants a standard set of access to the identities by way of things like a person's job title/position. Since there are exceptions to every rule, occasionally identities have direct assignments of specific roles.
The user assignments page is great in that it shows all assignments a user has - broken down by both direct and indirect assignments (granted through the org/role inducements).
Our current challenge is that occasionally, a user's direct assignment may be elevated to a standard indirect assignment by way of org/role inducements (e.g. the exception becomes part of the RBAC - no longer an exception). In such scenarios, we'd like the direct assignment to somehow be auto lifted, but we're finding it difficult to get at the direct/indirect assignment information that the user assignments tab presents.
Is there midpoint utility or model that easily calculates or otherwise reports all direct and indirect assignments (and which they are) to be used in such a scenario? (note, user role membership refs don't inform how the role got there, just that it is there)
Hi everyone. Is there any effort being made or planned to release the MidPoint Client Library (https://github.com/Evolveum/midpoint-client-java) for midPoint version 4.4? We are hoping to leverage the library, but it seems the current release is 4.3 (and 4.3-M3 at that). Additionally, i'm having trouble importing it because of internal dependencies on non-existent SNAPSHOT versions from the Evolveum nexus-release repository (e.g. Could not find artifact com.evolveum.midpoint.infra:schema-pure-jaxb:pom:4.3-SNAPSHOT in nexus-release).
Any thoughts?
Hello everyone,
I have a quick question about the LDAP group assignment. I'm not sure if it's a bug.
Let's assume the following : OU for users are ou=People,dc=corp,dc=com
User 1 is uid=user1,ou=People,dc=corp,dc=com and Group1 is cn=Group1,ou=Groups,dc=corp,dc=com
The LDAP Group Metarole is working correctly, and successfully creates LDAP group based on the roles that have the "LDAP Group Metarole".
However, when User1 is assigned the group "Group 1", in the projection of the group (i.e. the OpenLDAP server), the member attribute is "uid=user1,ou=people,dc=corp,dc=com" instead of "uid=user1,ou=People,dc=corc,dc=com" (The upper case letter of "People" is missing).
Is this a bug on the projection detection or is it intended ? I noticed this issue now and it can cause issues with case sensitive systems using LDAP
@semancik @igor-farinic I have also released a new connector, SmartHR Connector.
https://github.com/openstandia/connector-smarthr
Could you add it to the connector list?
Note: SmartHR is HR cloud service optimized for labor management solutions in Japan.
https://smarthr.co.jp/en/
Hi everyone! Has anyone tried to connect OpenLDAP to MidPoint with sshPublicKey stored in LDAP? I am receiving the error trying to list accounts - "Couldn't convert resource object from ConnID to midPoint: Name=Attribute: {Name=NAME, Value=[uid=username,ou=users,dc=company,dc=test]}} refers to auxiliary object class {http://midpoint.evolveum.com/xml/ns/public/resource/instance-3}ldapPublicKey which is not in the schema"
What am I doing wrong? Basically as a part of PoC I am trying to replicate similar behaviour that is in Demo - so that account,groups and OU are synced