comanage-users - Re: [comanage-users] Group management within a COU
Subject: COmanage Users List
List archive
- From: Scott Koranda <>
- To: Duncan Brown <>
- Cc: "" <>
- Subject: Re: [comanage-users] Group management within a COU
- Date: Thu, 21 Apr 2022 14:48:43 -0500
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=illinois.edu; dmarc=pass action=none header.from=illinois.edu; dkim=pass header.d=illinois.edu; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=kOtVGKP1HPOTbwYRutUOS7mvcU4XE0O+IWHBQnawX1I=; b=bw8pEwp77MLfDMY/iUnc8TGF30BHWKvJzBi2QZQIytOzMtTsVQ75DAI5LF2BE9AD0lgQWnWNkU9kh0yuhREO6jmSR0UNWRGVs7tSLCS93cvKmBxJFGKwi/+F8ugYf1PWnVqj829NNEtctFCOUt0GzbddcwVzKBT20B3i44HToaHdGLErhopRFQSU0uuP9QiTuQr4U+zEmVkqeZFmG4BHuaNj8XDnLkvusMsS6gUioRIemTe826DlDPlN2heQ/4w5lAriCJZsza410CKq4a/JnS1gIAMvLNfqMwZQkQvZn6ACkc4crHBciQNk1CFbU4WTRoZNY1adprMLKYPJYqvu3g==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PIb6LEbkAoAmyyzQ0QUrHBBUwrkeWGZInQphze7laR69ikbxYd32ix0jmFMgGhpfR7WyZc/hxYRob33YtpoYjUdlPEhRyD2BzZxkceG3qrHYn3xJdQkeqcFScoEo6EzwTMuPhf19qmgcwB/VbMlKpwEtcMDP1aFSPk3d9WpS4BIfYV03beYjW9ZX00QyjaKTasFijE9t49lflUR7AU2g6QNCAxhMf3ZPzaxSNlG3Pjsue2IemvZLhZYQe2qxIsSwv/II3Xp9LkE8+2xL0o2tjDYBxl9CsHIzrAm+mO+gurxqsq4QAiL7sP8vBZKKZgCA8ArDvminn8ljtP92ozZo1w==
Hi Duncan,
Comments inline below.
> Is it possible to restrict the ability to add and remove group to a
> specific COU,
No.
> or is an open group open to everyone in the CO?
Yes. Any CO Person can add themselves to an open CO Group.
> If the answer is "no," is there an easy way to add people from one CO
> to a new CO without everyone having to go through the enrollment flow
> again?
Easy? No.
I have a design for an Organizational Identity Source (OIS) plugin that
would use one CO as the source of organizationial identities for another
CO, but it is only in the design phase and will not help you any time
soon.
In the meantime, I suspect you are provisioning your first/source CO
into LDAP.
You might then consider using those LDAP records with the LDAP Source
OIS
https://spaces.at.internet2.edu/display/COmanage/LDAP+Source
with the second CO. There is a Search Filter configuration that should
allow you to "cherry pick" the records you want in the second CO.
Cheers,
Scott
>
> Cheers, Duncan.
>
> --
>
> Duncan Brown Room 263-1, Physics
> Department Charles Brightman Professor of Physics Syracuse
> University, NY 13244 http://dabrown.expressions.syr.edu
> (+1) 315 443 5993
>
>
- [comanage-users] Group management within a COU, Duncan Brown, 04/21/2022
- Re: [comanage-users] Group management within a COU, Scott Koranda, 04/21/2022
- Re: [comanage-users] Group management within a COU, Duncan Brown, 04/22/2022
- Re: [comanage-users] Group management within a COU, Scott Koranda, 04/21/2022
Archive powered by MHonArc 2.6.24.