...

Create a new user in ou=People, dc=example, dc=com using Apache Directory Studio, or use the example .ldif file at pathToGit/samples/stories/unix-ldap-advanced/ldif/create-user.ldif

Result

In midPoint, navigate to Users -> List Users. Search for the user, for instance by the 'name' attribute. One result is returned. Click the user to open the user details, then go to the 'Assignment' tab panel. There is one assignment, for the role 'Unix User'. Now go to the projection. There is one projection, which corresponds to the account in OpenLDAP decorated with the posixAccount auxiliary object class.

...

curl --user administrator:5ecr3t -H "Content-Type: application/xml" -X PATCH/POST http://localhost:8080/midpoint/ws/rest/users/9a316a63-271e-4974-8ca5-e2baaf4d03a5 -d @pathToMidpointGit/samples/stories/unix-ldap-advanced/modification-unassignassign-parametric-role-valid-to.xml -v

Result

Click the user to open the user details, then go to the Assignment tab panel. There is one assignment, 'Machine Admin - Machine Set1 (Machine Auditor - Machine Set2)'. Now go to the Projection tab panel. There is no projection and no account in OpenLDAP (with intent default). Open Apache Directory Studio and search for the user aM1Admin. There is no such user. Check the groups for Machine Set 1: none of them has a memberUid with value aM1Admin.

...