Provision users from WSO2IS to Active Directory
Question
we would keep our user base in WSO2IS internal repository and we would like to provision users to an Active Directory ldap following our workflow, like Midpoint Evolveum or Apache Syncope do.
The use case is this: we have a new user, mr. Foo. He has a role in the company:
- external user: he is added to WSO2IS and he can access webmail (webmail server uses some protocol to communicate to WSO2IS)
- internal user: he is added to WSO2IS, then WSO2IS provisions Foo to the company Active Directory.
Is it possible with WSO2 Identity Server?
Thanks, Mario
1 answers
solution1
0 2017-09-17 01:36:03
WSO2 IS has rule based provisioning, where you can define rules to which User Store a user can be provisioned.
What you need to do is to set an attribute on the new user, which signifies the user is internal or external, after execution of your workflow. Then this attribute can be evaluated at XACML level to do the selective provisioning.
Following links might help.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.