mkdir /var/lib/ldap/evolveum-net chown openldap:openldap /var/lib/ldap/evolveum-net slapdconf create-suffix dc=evolveum,dc=net --dbDir=/var/lib/ldap/evolveum-net --rootPassword secret slapdconf add-schema -f samples/evolveum/midpoint.schema ldapadd -H ldapi:/// -D "cn=admin,dc=evolveum,dc=net" -w secret -f samples/evolveum/evolveum-net.ldif slapdconf set-suffix-acis dc=evolveum,dc=net < samples/evolveum/evolveum-net.aci
Evolveum Demo Sample
This is a description of the samples in:
The demo shows a small organization using Evolveum team members as examples. The goal is to show midPoint features such as:
Import all the XML files from the sample directory.
midPoint setup up:
Setup up user template in the system configuration
Setup up org template in the system configuration
Set up role catalog in system configuration (<roleManagement><roleCatalogRef oid="00000000-ee88-6666-0000-c00000000000"/></roleManagement>)
CSV resource that contains simple employee data.
CSV file setup
Copy hr.csv file from
DN suffix: dc=evolveum,dc=net
manager of serveral orgs
There are several job roles that are automatically assigned: CEO, Software Developer, IDM Engineers, etc.
These roles are automatically assigned in the user template based on the value of
This property is inbound mapped from the HR
There is a functional organizational structure with divisions and departments.
Some organizational units have managers (semancik, ifarinic; they have
The managers are delegated administrators and approvers.
They can see people in their parts of organizational structure.
Functional organizational structure membership is automatically assigned in user template based on the value of
This is inbound mapped from HR
There is also project organizational structure. But this not really used now.
There is a simple role catalog with couple of applications. The roles in "Jira" application also have corresponding LDAP groups. The devel, admin ans write roles are subject to approval. The reader roles do not have approval. The aditor roles are not requestable at all.