README revision 4b4c3a2028eea921136be5b4717c69c074b4982e
Sample 2c - Synchronizing LDAP Group Membership
-----------------------------------------------
Copyright (c) 2012 ForgeRock AS
This work is licensed under a Creative Commons Attribution-
NonCommercial-NoDerivs 3.0 Unported License. See
http://creativecommons.org/licenses/by-nc-nd/3.0/

This sample is the same as sample 2b except that it focuses on one special
attribute, ldapGroups, which is used to synchronize LDAP group membership.

To run this sample, launch OpenIDM with the sample configuration as follows:
    $ /path/to/openidm/startup.sh -p samples/sample2c

or follow the documentation in the Install Guide:
http://openidm.forgerock.org/doc/install-guide/index.html#more-sample2c

The sample configuration connects to a local OpenDJ with the following parameters:

    "host" : "localhost",
    "port" : 1389,
    "principal" : "cn=Directory Manager",
    "credentials" : "password",

Unlike sample 2, this sample's sync.json configuration contains two mappings, from
OpenDJ to OpenIDM and back. The number of attributes mapped is limited. The
sample contains a schedule configuration which can be used to schedule
reconciliation.

New users are created from LDAP and existing users are updated and back-linked
from OpenIDM to OpenDJ. Changes on OpenIDM are now pushed into the LDAP server.

In addition to sample 2b, this sample synchronizes LDAP group membership:
add a user to an LDAP group and run reconciliation. A new attribute, ldapGroups,
is added to the user's JSON representation in the repo. This attribute contains
a list of the DNs of the groups that the user is a member of.
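
An added example, not part of the OpenIDM sample: after reconciliation, one way to audit the result is to compare each user's ldapGroups list in the repo with the group DNs the directory reports, so that missing or stale memberships stand out. The userName field, the group DNs and both data sets are constructed for illustration, and DN comparison is assumed to be case-insensitive.

```python
import json
import re

# Constructed sample data: not output from a real OpenIDM or OpenDJ instance.
# "userName" is an assumed field name; "ldapGroups" is the attribute from this README.
REPO_USERS = json.loads("""[
  {"userName": "bjensen", "ldapGroups": ["cn=openidm,ou=Groups,dc=example,dc=com"]},
  {"userName": "jdoe", "ldapGroups": ["CN=Admins, OU=Groups, DC=example, DC=com"]},
  {"userName": "asmith"}
]""")
LDAP_MEMBER_OF = {
    "bjensen": ["cn=openidm,ou=groups,dc=example,dc=com",
                "cn=admins,ou=groups,dc=example,dc=com"],
    "jdoe": ["cn=admins,ou=groups,dc=example,dc=com"],
    "asmith": [],
}


def normalize_dn(dn):
    """Lower-case a DN and trim spaces around each RDN so equal DNs compare equal.

    Simplification: splits on commas not preceded by a backslash and assumes
    case-insensitive matching; multi-valued RDNs (a+b) are not reordered.
    """
    parts = []
    for rdn in re.split(r"(?<!\\),", dn):
        attr, _, value = rdn.partition("=")
        parts.append(f"{attr.strip().lower()}={value.strip().lower()}")
    return ",".join(parts)


def group_drift(repo_users, ldap_member_of):
    """Return {userName: {"missing": [...], "stale": [...]}} for users whose
    ldapGroups in the repo differs from the directory's view."""
    drift = {}
    for user in repo_users:
        name = user["userName"]
        # A user with no ldapGroups attribute is treated as having no groups.
        synced = {normalize_dn(d) for d in user.get("ldapGroups", [])}
        actual = {normalize_dn(d) for d in ldap_member_of.get(name, [])}
        if synced != actual:
            drift[name] = {"missing": sorted(actual - synced),
                           "stale": sorted(synced - actual)}
    return drift


if __name__ == "__main__":
    for name, diff in group_drift(REPO_USERS, LDAP_MEMBER_OF).items():
        print(name, diff)
```

A "stale" entry is a group DN still present in the repo after the user was removed from that group in LDAP; a "missing" entry is a membership that reconciliation has not yet picked up.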