Versions Compared

Old Version 27

changes.mady.by.user Hyzer

Saved on

compared with

New Version 28

changes.mady.by.user Hyzer

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Configuration in grouper.base.properties

Code Block

###################################
## Deprovisioning
###################################

# if deprovisioning should be enabled
deprovisioning.enable = true

# comma separated realms for deprovisioning e.g. employee, student, etc
# these need to be alphanumeric suitable for properties keys for further config or for group extensions
deprovisioning.realms = 

# Group name of the group that identifies generally if an entity is in this realm. So if a group is deprovisioned 
# by various realms, then only deprovision if the entity in the group is not in any realm eligible group. 
# e.g. VPN is deprovisioned by realms employee and student. If the person is no longer an employee, but is still 
# a student, then dont deprovision.
# deprovisioning.realm_<realmName>.groupNameMeansInRealm = a:b:c
# deprovisioning.realm_employee.groupNameMeansInRealm = community:employee


# folder where system objects are for deprovisioning
# e.g. managersWhoCanDeprovision_<realmName>
# e.g. deprovisioning:usersWhoHaveBeenDeprovisioned_<realmName>
deprovisioning.systemFolder = $$grouper.rootStemForBuiltinObjects$$:deprovisioning

# autocreate the deprovisioning groups
deprovisioning.autocreate.groups = true

# users in this group who are admins of a realm but who are not Grouper SysAdmins, will be 
# able to deprovision from all grouper groups/objects, not just groups they have access to UPDATE/ADMIN
deprovisioning.admin.group = $$deprovisioning.systemFolder$$:deprovisioningAdmins

# number of days in deproivisioning group.  Should be the amount of time for systems of record to catch up and
# for people to change external systems of record in manual processes
deprovisioning.defaultNumberOfDaysInDeprovisioningGroup = 14

#number of groups shown in the body of deprovisioning email
deprovisioning.email.group.count = 100

#deprovisioning reminder email subject
deprovisioning.reminder.email.subject = You have $groupCount$ groups that have suggested users to be deprovisioned

#deprovisioning reminder email body (links and groups are added dynamically)
deprovisioning.reminder.email.body = You need to review the memberships of the following groups.  Review the memberships of each group and click: More actions -> Deprovisioning -> Members of this group have been reviewed
deprovisioning.reminder.email.body.greaterThan100 = There are $remaining$ more groups to be reviewed.

Deprovisioning managers

Identify the deprovisioning managers and add them to the managers group.  e.g. if your grouper.rootStemForBuiltinObjects is "etc", and your deprovisioning realm is "employee", then the group would be:

...