将用户从WSO2IS部署到Active Directory
[英]Provision users from WSO2IS to Active Directory
问题描述
we would keep our user base in WSO2IS internal repository and we would like to provision users to an Active Directory ldap following our workflow, like Midpoint Evolveum or Apache Syncope do. 
我们会将用户群保留在WSO2IS内部存储库中,并且我们希望按照我们的工作流程(如Midpoint Evolveum或Apache Syncope)将用户配置到Active Directory ldap。
The use case is this: we have a new user, mr. 用例是这样的:我们有一个新用户,先生。 Foo. oo He has a role in the company: 他在公司中有一个角色:
- external user: he is added to WSO2IS and he can access webmail (webmail server uses some protocol to communicate to WSO2IS) 外部用户:他已添加到WSO2IS,并且可以访问Webmail(Webmail服务器使用某种协议与WSO2IS进行通信)
- internal user: he is added to WSO2IS, then WSO2IS provisions Foo to the company Active Directory. 内部用户:他被添加到WSO2IS,然后WSO2IS将Foo供应给公司Active Directory。
Is it possible with WSO2 Identity Server? WSO2 Identity Server是否可以?
Thanks, Mario 谢谢,马里奥
1 个解决方案
解决方案1
0 2017-09-17 01:36:03
WSO2 IS has rule based provisioning, where you can define rules to which User Store a user can be provisioned. WSO2 IS具有基于规则的供应,您可以在其中定义可以向其供应用户存储的规则。
What you need to do is to set an attribute on the new user, which signifies the user is internal or external, after execution of your workflow. 您需要做的是在执行工作流程之后,在新用户上设置一个属性,该属性表示该用户是内部用户还是外部用户。 Then this attribute can be evaluated at XACML level to do the selective provisioning. 然后,可以在XACML级别评估此属性以执行选择性配置。
Following links might help. 以下链接可能会有所帮助。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.