Menu
▾
▴
[Unity-idm-discuss] Mapping new users to a group
|
From: Gerben V. <ger...@su...> - 2015-09-07 09:27:21
|
Dear all, I am trying to map a remote user to a group within Unity. I am agble to successfully authenticate remotely. A newly authenticated remote user gets added to /. Also, in the logs I can see the attributes that have been requested. Instead of adding users to the Root group, I want to map users to a new group. This does not seem to work for me and I cannot figure out what I am doing wrong. Unfortunately, the log files do not provide any clues to what is really failing. I have the following translation profile: 1: Condition: true Action: mapIdentity Action parameters: unityIdentityType = userName expression = attr['urn:mace:dir:attribute-def:eduPersonPrincipalName'] credential requirement = Password requirement effect = CREATE_OR_MATCH 2: Condition: true Action: mapAttribute Action parameters: unityAttribute = cn group = /SURFconext expression = attr['urn:oid:1.3.6.1.4.1.5923.1.1.1.6'] visibility = full effect = CREATE_OR_UPDATE When the group in the second condition is set to /, then I can see the user being added to the / group. Of course after restarting the Authenticator. What else do I need to do to add remote users to the /SURFconext group, or any subgroups of /SURFconext for that matter? Cheers, Gerben | Data Services | Data & Cloud Services | SURFsara | | Science Park 140 | 1098 XG Amsterdam | www.surfsara.nl | T +31 (0)20 800 1338 | |
