Provide Custom information to Activiti-app using Activiti-LDAP Sync

dilip_chenani
Champ in-the-making
Hi Folks,

I have configured an OpenDJ LDAP server with my Activiti-app. I have provided all the necessary properties in the activiti-ldap.properties file and was able to successfully sync all users from the LDAP server to Activiti-app. All the users are now available in the 'users' table.

Here I have one custom requirement. I want to sync tenantId information from my LDAP to Activiti so that the tenantId column in the 'users' table as well as the 'tenants' table carries the tenant ID passed from the LDAP server. How can we achieve it?

As a workaround, I checked that the classes LdapSyncService and LdapSettingsManager are mainly responsible for LDAP syncing. Is there any way to extend the functionality and implement my own custom one?

Regards
Dilip
9 REPLIES

jbarrez
Star Contributor
No, that's currently not possible. The tenantId is a database generated identifier.
What you could do (but that is custom coding) is to use the name or add a new column to the tenant table to sync and match your tenant information.

dilip_chenani
Champ in-the-making
Yes, I understand I can use the tenant Id name column to put my specific tenant Id, and the activiti-app tenant Id is auto-generated.
But how do I even sync the tenant name? Currently the Activiti LDAP sync takes the id of the tenant-admin to assign the same tenant to all users. How can I sync a tenant_id specific to each user? Mine is a multi-tenant system, and I will be using the same activiti-ldap.properties file for syncing all users. Currently it allows me to supply only one tenant-admin and hence only one tenant's information to sync users with at one time.
Let us visualise it like this: after the Activiti-LDAP sync, my users table should contain the tenantId column filled with the specific tenant IDs that were supplied by LDAP.

Please advise how we can achieve this. I tried some solutions provided on the forum, but none seem to solve the above problem.

jbarrez
Star Contributor
I do understand your problem, but it would need custom coding to get it done. Currently, the LDAP synchronisation uses a provided tenant Id for all the users it finds in the LDAP server. The default one won't allow changing that.

In the upcoming 1.4 release, we've extracted the LDAP sync into an interface and abstract superclass you can use to match what you need: it will allow you (with a bit of custom code, not much) to set the tenant Id specifically for the user. In the upcoming 1.4 docs, this is documented in the section 'Custom Identity Synchronization'.

dilip_chenani
Champ in-the-making
Thanks. Can I know the tentative date when 1.4 will get released?

Also, the current version of Activiti-Admin does not provide LDAP sync as Activiti-App does. How can we achieve the same sync functionality in Activiti-Admin as well?

jbarrez
Star Contributor
1.4 has been released in the meantime (last week Friday) 🙂

No, the admin app doesn't have syncing: the reasoning is that only a handful of people have access to the admin app. And it would complicate the setup a lot too.

dilip_chenani
Champ in-the-making
If tenant id information is included as user information such as email, firstname, lastname..., will this new extension "Custom Identity Synchronization" be helpful to me? I think in that case I would have to write LdapUser.java with my custom attributes. Will that be a good design? Where can I find an example for Custom Identity Synchronization?

Also, it's not allowing me to create my custom LdapSyncService as explained in the docs. It's throwing BeanCreationException : expected single matching bean but found 2: bpmLDAPSyncService,ldapSyncService

jbarrez
Star Contributor
You can't define a new LDAPSyncService, but you can define a class that calls the regular one, while looping over all tenants in the system and calling the sync service for each of them.

pteki
Champ in-the-making
We have the LDAP full sync set up and it has been working fine with the users query. We modified the query, as not all app-level users are getting pulled into Activiti and all the manually added users are becoming inactive after the sync. The query is pulling the process users, but these ids are still becoming inactive. Can you help find where the gap is?

jbarrez
Star Contributor
The ldap sync will disable any users that are defined, but are not in LDAP. They are treated like this, because this is effectively seen as a delete from LDAP. However, this only should happen with users who have an 'externalId' defined. If they don't have an externalId, the user won't be deactivated.
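
The deactivation rule described in the reply above, modeled as a dry-run check to run before changing the LDAP user query (an added example, not Activiti code and not part of the thread). The `LocalUser` record, the function names and the sample accounts are constructed assumptions; only the `externalId` rule comes from the reply.

```python
from dataclasses import dataclass
from typing import Iterable, List, Optional, Set


@dataclass(frozen=True)
class LocalUser:  # hypothetical stand-in for a row in the 'users' table
    login: str
    external_id: Optional[str]  # None/empty = created manually, not via LDAP
    active: bool = True


def would_deactivate(users: Iterable[LocalUser], ldap_ids: Set[str]) -> List[str]:
    """Logins a sync would disable: active, has an externalId, absent from LDAP."""
    return sorted(
        u.login for u in users
        if u.active and u.external_id and u.external_id not in ldap_ids
    )


def impact_of_query_change(users: Iterable[LocalUser],
                           old_result: Set[str], new_result: Set[str]) -> List[str]:
    """Accounts that stay enabled under the old LDAP query but not the new one."""
    users = list(users)
    before = set(would_deactivate(users, old_result))
    after = set(would_deactivate(users, new_result))
    return sorted(after - before)


# Constructed sample data (not from the thread).
USERS = [
    LocalUser("alice", "uid=alice,ou=people,dc=example,dc=com"),
    LocalUser("bob", "uid=bob,ou=people,dc=example,dc=com"),
    LocalUser("proc-svc", "uid=proc-svc,ou=people,dc=example,dc=com"),
    LocalUser("local-admin", None),  # no externalId: the sync leaves it alone
]
OLD_QUERY = {u.external_id for u in USERS if u.external_id}
NEW_QUERY = OLD_QUERY - {"uid=bob,ou=people,dc=example,dc=com"}  # narrower filter

if __name__ == "__main__":
    print("disabled by new query:", impact_of_query_change(USERS, OLD_QUERY, NEW_QUERY))
```

Under this model, a manually added account that appears in the output has an `externalId` set and is missing from the query result.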