This blog post was first published @ www.fedji.com, included here with permission.
For those interested to know how to configure Roles in ForgeRock OpenIDM, here’s my Christmas gift. A video at the end of this post will walk you through the installation of both ForgeRock OpenIDM and ForgeRock OpenDJ, configure the latter as an external resource in OpenIDM, performing reconciliation to bring in users from OpenDJ to OpenIDM. That’s not it, because all of that I’ve shown you earlier as well. Then, what’s more? Here it is:
So we go on and create Roles in OpenIDM, which has Managed Assignments that in turn has Attributes associated with an external resource (ForgeRock OpenDJ). So when a Role is assigned to a user in OpenIDM, based on the value of Attribute that is attached to the Role, the user will be subscribed to a group in the OpenDJ. If it sounds confusing,please don’t waste time reading it again, instead watch the video below, it’ll all be crystal clear.