COmanage Users List

[Duncan Brown <>]

Hi Scott,

> On Apr 21, 2022, at 3:48 PM, Scott Koranda <> wrote:
> 
> Hi Duncan,
> 
> Comments inline below.
> 
>> Is it possible to restrict the ability to add and remove group to a
>> specific COU,
> 
> No.
> 
>> or is an open group open to everyone in the CO?
> 
> Yes. Any CO Person can add themselves to an open CO Group. 

Thanks, that's what I suspected.

> 
>> If the answer is "no," is there an easy way to add people from one CO
>> to a new CO without everyone having to go through the enrollment flow
>> again?
> 
> Easy? No.

mysql -u root -p...

> I have a design for an Organizational Identity Source (OIS) plugin that
> would use one CO as the source of organizationial identities for another
> CO, but it is only in the design phase and will not help you any time
> soon.

That does sound like what I need, so +1 for development.

> In the meantime, I suspect you are provisioning your first/source CO
> into LDAP.
> 
> You might then consider using those LDAP records with the LDAP Source
> OIS
> 
> https://spaces.at.internet2.edu/display/COmanage/LDAP+Source
> 
> with the second CO. There is a Search Filter configuration that should
> allow you to "cherry pick" the records you want in the second CO.

Great, thanks. I will give that a go. I need to upgrade to the latest Docker 
containers, so I'll do that first and then try the LDAP source.

Cheers,
Duncan.

> 
> Cheers,
> 
> Scott
> 
>> 
>> Cheers, Duncan.
>> 
>> -- 
>> 
>> Duncan Brown                              Room 263-1, Physics
>> Department Charles Brightman Professor of Physics     Syracuse
>> University, NY 13244 http://dabrown.expressions.syr.edu
>> (+1) 315 443 5993
>> 
>> 

-- 

Duncan Brown                              Room 263-1, Physics Department
Charles Brightman Professor of Physics     Syracuse University, NY 13244
http://dabrown.expressions.syr.edu                     (+1) 315 443 5993