> > 4) Role membership is working fine for propagation (create a new role + > propagate it, create a new user with that role + propagate it, and the new > role in the backend has the correct "member" entry). However, > synchronization doesn't work. If I then synchronize by running the task > again (with LDAPMembershipSyncActions), the role of the User actually > disappears. Was this working when testing or is it possibly a bug when > using "member" instead of "memberof"? >
LDAPMembershipPropagationActions has "ldapGroups" as the group member attribute name, whereas LDAPMembershipSyncActions has "uniquemember". Is there a reason why it is different in both cases? Shouldn't they also check the value of the "groupMemberAttribute" property of the LDAP Connector? Colm. On Fri, Feb 15, 2013 at 3:48 PM, Colm O hEigeartaigh <cohei...@apache.org>wrote: > Hi all (Francesco), > > I've been experimenting with propagating/synchronizing roles from an LDAP > backend on trunk...here are some questions: > > 1) When specifying the "Account Id", where does the "name" come from? For > example, for user mapping it's "username", for the role mapping it's > "name", which is a bit confusing (I would have guessed "rolename"). > > 2) If I create a new Role and propagate it with > LDAPMembershipPropagationActions, it selects the principal specified in the > Connector as the member in the backend resource. Is this expected behaviour? > > 3) Are role hierarchies supported for either propagation or > synchronization? They don't appear to be, but thought I'd check anyway. > > 4) Role membership is working fine for propagation (create a new role + > propagate it, create a new user with that role + propagate it, and the new > role in the backend has the correct "member" entry). However, > synchronization doesn't work. If I then synchronize by running the task > again (with LDAPMembershipSyncActions), the role of the User actually > disappears. Was this working when testing or is it possibly a bug when > using "member" instead of "memberof"? > > Thanks, > > Colm. > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
