Coder Social home page Coder Social logo

Problem with nested Groups about entracp HOT 6 CLOSED

yvand avatar yvand commented on September 14, 2024
Problem with nested Groups

from entracp.

Comments (6)

Yvand avatar Yvand commented on September 14, 2024

Hello, what version of AzureCP did you try?

from entracp.

joker-it avatar joker-it commented on September 14, 2024

i use AzureCP v11 #12

from entracp.

cblomart avatar cblomart commented on September 14, 2024

Are you sure nested groups should work?

When you set rights to a group in sharepoint i think it only reference the group by name.

In the claims augmentation i see that the groups augmentent are only the groups the user is direct member of. (AzureCP.cs:952)

from entracp.

Yvand avatar Yvand commented on September 14, 2024

I fixed nested groups in v12, which brigs many changes and is still a beta for now.
Nested groups will work only if group claims are created with the ID of groups (and not their DisplayName).
More information on https://github.com/Yvand/AzureCP/releases/tag/v12

from entracp.

joker-it avatar joker-it commented on September 14, 2024

i installed now beta version 12 of azurecp...
config Global: Display the UserPrincipalName (or DisplayName)
config ClaimType: http://schemas.microsoft.com/ws/2008/06/identity/claims/role | Group | Id | DisplayName

now when is set new permission: i got the groups with id... but permission works only with old "groups" with Claimtype = Name...

TrustedIdentityTokenIssuer Config:
DisplayName : Role
InputClaimType : http://schemas.microsoft.com/ws/2008/06/identity/claims/role
MappedClaimType : http://schemas.microsoft.com/ws/2008/06/identity/claims/role
IsIdentityClaim : False
AcceptOnlyKnownClaimValues : False
ClaimValueModificationAction : None
ClaimValueModificationArgument :
KnownClaimValues : {}
UpgradedPersistedProperties :

Any Idea what im doing wrong?

from entracp.

Yvand avatar Yvand commented on September 14, 2024

Apart from still being a beta, v12 has breaking changes compared to previous versions, especially for group permissions.
To test permissions reliably, you need to create a new site collection, so that entities already added (regardless if there where deleted or not) do not interfere with the ones you are trying now.
With v12, assuming you use default claim types configuration:

  • group permissions are created with group IDs
  • nested groups are working

Of course, for group permissions to work, augmentation must be enabled in AzureCP settings

from entracp.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.