On 03/06/2014 11:03, Bruno SyncopeDev wrote:
Hi,
Ok, you did summarize very well my mail. I didn't want to insult
Syncope. Sorry.
Hi Bruno,
no problems at all!
I told you that our docs are quite sparse, and this is probably the
result: I encourage you to try things directly on your Syncope instance,
if you don't find anything in the docs.
It is more a problem of wording.
And I'll move to dev@ sorry.
Great.
Regards.
2014-06-03 8:55 GMT+02:00 Francesco Chicchiriccò <[email protected]
<mailto:[email protected]>>:
Hi,
what a miserable IdM would be Syncope without bearing the basic
concepts of identity and accounts!
Mapping the internal identities (not only users, but also roles)
to accounts and groups residing on external resources is probably
the core job that Syncope does. An high level explanation of this
concept can be found at
https://cwiki.apache.org/confluence/display/SYNCOPE/Schema%2C+attributes+and+mapping
towards the end of page.
When any user or role is modified, the web admin console reports
the result of such modification of either Syncope (e.g. the
identity) and all resources assigned (e.g. the accounts).
A brief outlook of all possibilities provided by Syncope about
provisioning are reported at
https://cwiki.apache.org/confluence/display/SYNCOPE/Provisioning
Some interesting enhancements that can be summarized from your
suggestions below:
1. the "orphan account detection" feature (affecting both core
and console)
2. a better GUI for managing user and role relationships with
external resources (console only)
But again, why are we discussing this at user@? dev@ would be more
appropriate.
Regards.
On 02/06/2014 23:27, SyncopeDev wrote:
Hi,
In Syncope, it seems that an identity (namely HR identity), is
linked to one account (General model).
But, there is a use case that drive to consider that a HR
identity can own several accounts.
Is there a possibility for Syncope to support these needs :
- Manage a link between a HR identity and its personnal accounts
- Manage a link between a HR identity and team accounts
- Rendering those links/attachements in Syncope Console
Purpose : Determine who is the responsible of the accounts.
That could be interesting for orphan detections.
Start a specific workflow if the team account have lost his
last owner...
This could be interesting also for auditing.
Maybe Syncope already have this functionnality.
Is it typically a feature that should be implemented in a
Third Party Application ?
Or could it be integrated in Syncope ?
Regards
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC
http://people.apache.org/~ilgrosso/
