The Synchronization Editor tool is used to configure the Amazon (S3 and AWS) connector to support entitlements for User.
To configure Amazon S3 AWS connector to support entitlements for User:
Open the Synchronization Editor.
Open the specific synchronization project.
Navigate to the Mappings tab and select User.
Remove vrtEntitlements from the One Identity Manager side in the Mapping window.
In the Property mapping rules section, add the new mapping rule Value Comparison Rule, with the value vrtProfiles <--> Entitlements~value.
Run the synchronization.
The users and entitlements that exist on the target system instance are synchronized with One Identity Manager.
To configure the Amazon (S3 and AWS) connector to support entitlements for Group, create a custom process using the Designer tool and then configure the connector using the Synchronization Editor.
To configure the Amazon S3 AWS Connector to support entitlements for Group, do the following:
The Designer tool is used to create a custom process for Group.
NOTE:Refer to the default custom process for User. For more information, see Viewing the default custom process for User.
To create a custom process for Amazon S3 AWS connector to support entitlements for Group:
Process properties |
Value |
---|---|
Name |
UCI_UCIGroupHasItem_Update |
Table |
UCIGroupHasItem |
Pre-script for generating |
If Not CBool(Connection.Variables("FULLSYNC")) AndAlso _ Not CBool(Connection.Variables("PendingChangeReady")) AndAlso _ Not $FK(UID_UCIGroup).FK(UID_UCIRoot).IsManualProvisioning:Bool$ Then Imports System.Collections.Generic Dim data As IDictionary(Of String,string) = Nothing values("AdHocDataFound") = False values("NeedExecute") = true ' try to get UCI data Try Dim myUCIGroup As ISingleDbObject = Connection.CreateSingle("UCIGroup",$UID_UCIGroup$) data = DPR_GetAdHocData($FK(UID_UCIGroup).FK(UID_UCIRoot).XObjectKey$,"SCIM","","Update",myUCIGroup.GetEntity()) Catch ex As AdHocDataException End Try If Not data is Nothing values("AdHocDataFound") = True values("ObjectKey") = New DbObjectKey("UCIGroup",$UID_UCIGroup$).ToXmlString() values("UID_DPRSystemVariableSet") = data("VariableSetUID") values("UID_DPRProjectionConfiguration") = data("ProjectionConfigUID") values("UID_QBMServer") = data("ExecutionServerUID") End if End If |
Generating condition |
Value = Not CBool(Connection.Variables("FULLSYNC")) AndAlso _ Not CBool(Connection.Variables("PendingChangeReady")) AndAlso _ Not $FK(UID_UCIGroup).FK(UID_UCIRoot).IsManualProvisioning:Bool$ AndAlso _ CBool(values("AdHocDataFound")) Andalso _ UCI_TargetUsesProfiles($FK(UID_UCIGroup).UID_UCIRoot$) |
In the Edit event window, click + next to the Object Event field.
The Edit object event window is displayed
Select Database| Compile Database in the Designer tool.
Use the Synchronization Editor Tool to create a new mapping for Group. For more information, see Configuring Amazon S3 AWS connector to support entitlements for Group using the Synchronization Editor
The Synchronization Editor tool is used to configure the Amazon (S3 and AWS) connector to support entitlements for Group.
NOTE: Create a multivalued array property to hold entitlements for Group.
To configure Amazon S3 AWS connector to support entitlements for Group:
Open the Synchronization Editor tool.
Open the specific synchronization project.
Navigate to Configuration | One Identity Manager Connection |Update Schema.
|
Run the synchronization.
The groups and entitlements that exist on target system instance are synchronized with One Identity Manager.
© 2024 One Identity LLC. ALL RIGHTS RESERVED. 使用条款 隐私 Cookie Preference Center