comanage-users - Re: [comanage-users] Group management within a COU
Subject: COmanage Users List
List archive
- From: Duncan Brown <>
- To: Scott Koranda <>
- Cc: "" <>
- Subject: Re: [comanage-users] Group management within a COU
- Date: Fri, 22 Apr 2022 12:57:45 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=syr.edu; dmarc=pass action=none header.from=syr.edu; dkim=pass header.d=syr.edu; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KbQnVPTIVCtsYU8XbNR967JS+IYiz2g9ObVNPXzpp0s=; b=huzJ2MS0yfZMrVrDvxzqJwlOUbUJcbEymaOqU5LLLhraEIF1MJcRF1OaPWhgAMpqmh8J6wz4yWmdyO2qBicFeyIBxA/ohLsJ6wV3GLeN97f8BRxKMWADcjoy2u97D0A3d24OwcapDknzjij9jepf8hLn3E9OxKG9b/bSn7tj9kCQh4rSzWtf+hhB9ZcjPYKfbTc50rBgyJ6pOTZNAy6dybZPNnzhYYkIb1Bj6re/OPvFbTZN8nMvjxf4pkMdK4guh8BeTmMI+tTRvjgyuWq9LcpfGnR9zLSiOYkTZC9ajJ+mVJc1e74GA+mwep2hzlEhrmmuuTdps2k9qlRfiUc9+A==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=MYJU0kLNnagrxmbmuyq9Ui08EIpr27pNnC1Mgnzc6/jpO9LpXtYig2NZ8uAxrgQ1/F25lECkUnrZLXKRV7d46+B66bb6imL5EE4Su3nr8zXeGcHpgZG/C00JGSbfVE7IOccDR05HPT2NUBxdLF+AviZO3X/25SlBMRNvi+RmCmx5C0Bmx3vlfXUuporvHbFRh3xfT2yM6NmjFlnqjZTm3hsdwJhuah5bNlO9KCdzijcjjUZxpHcb7UsrtwV5BDiCNG8nbRsDvUzPteuC5IM3ZQVUqsIyVjujqCWfXB7MDxcePiwqBe39TMMDw7EJla6gXQBW4tZN3QM4n3o1BZ0ZMA==
Hi Scott,
> On Apr 21, 2022, at 3:48 PM, Scott Koranda <> wrote:
>
> Hi Duncan,
>
> Comments inline below.
>
>> Is it possible to restrict the ability to add and remove group to a
>> specific COU,
>
> No.
>
>> or is an open group open to everyone in the CO?
>
> Yes. Any CO Person can add themselves to an open CO Group.
Thanks, that's what I suspected.
>
>> If the answer is "no," is there an easy way to add people from one CO
>> to a new CO without everyone having to go through the enrollment flow
>> again?
>
> Easy? No.
mysql -u root -p...
> I have a design for an Organizational Identity Source (OIS) plugin that
> would use one CO as the source of organizationial identities for another
> CO, but it is only in the design phase and will not help you any time
> soon.
That does sound like what I need, so +1 for development.
> In the meantime, I suspect you are provisioning your first/source CO
> into LDAP.
>
> You might then consider using those LDAP records with the LDAP Source
> OIS
>
> https://spaces.at.internet2.edu/display/COmanage/LDAP+Source
>
> with the second CO. There is a Search Filter configuration that should
> allow you to "cherry pick" the records you want in the second CO.
Great, thanks. I will give that a go. I need to upgrade to the latest Docker
containers, so I'll do that first and then try the LDAP source.
Cheers,
Duncan.
>
> Cheers,
>
> Scott
>
>>
>> Cheers, Duncan.
>>
>> --
>>
>> Duncan Brown Room 263-1, Physics
>> Department Charles Brightman Professor of Physics Syracuse
>> University, NY 13244 http://dabrown.expressions.syr.edu
>> (+1) 315 443 5993
>>
>>
--
Duncan Brown Room 263-1, Physics Department
Charles Brightman Professor of Physics Syracuse University, NY 13244
http://dabrown.expressions.syr.edu (+1) 315 443 5993
- [comanage-users] Group management within a COU, Duncan Brown, 04/21/2022
- Re: [comanage-users] Group management within a COU, Scott Koranda, 04/21/2022
- Re: [comanage-users] Group management within a COU, Duncan Brown, 04/22/2022
- Re: [comanage-users] Group management within a COU, Scott Koranda, 04/21/2022
Archive powered by MHonArc 2.6.24.