Setting sub e-groups as roles

ibatas · December 11, 2019, 5:11pm

Hello everyone,

I use the “Automatic role population from simpleSAMLphp attributes” (/admin/config/people/simplesamlphp_auth/sync) so that I can assign roles to e-groups. I use an e-group that has two members and a sub-group of members. The problem is that the system gives the role only to the two members and not to the members of the subgroup. Do you know why this happens and how I can solve it?

Kind regards,
Ioannis

iposadat · December 12, 2019, 8:01am

Hi Ioannis,

I can confirm you later on, but e-groups sync just unroll first level of users.It does not unroll sub e-groups.

Cheers,
Ismael

sboutas · December 12, 2019, 8:16am

Ioanni in that case just map the second e-group to the same role. Then it will work just fine.

ibatas · December 13, 2019, 9:59am

Hello,

The problem was that the machine names under “Automatic role population from simpleSAMLphp attributes” were probably populated wrongly during the migration.

In my case, the “Egroup name (my-egroup-name)” was populated as ~~egroup_name_(my-egroup-name)~~ instead of egroup_name_my_egroup_name_, which I found out was the correct machine name.

Kind regards,
Ioannis

CERN Accelerating science

Setting sub e-groups as roles