none
Authorization To View Details on FIM Portal

    Question

  • Hi Everyone,

    I have FIM 2010 R2 up and running in an environment under single domain e.g.

    xyzGroupIndia.com

    We have only one PeopleSoft datatable from where the information about the users and their companies is coming (there are multiple companies under the xyzGroup group)

    Now we want to authorized people to only access the information of the same company users.

    i.e. If my company Attribute in FIM Portal is ABC then I can only view User with ABC company Attributes

    

    Regards~
    Deepak Arora
    -------------------------------------
    If you Find the Answer | Article | Blog Helpful Please Vote As Helpful / Mark As Answer

    samedi 4 mai 2013 07:51

Toutes les réponses

  • You would need to configure Read MPRs for each company. Create a set of users in each company, and then create an MPR that grants users in that set rights to read the attributes you want of other objects in that set.

    My Book - Active Directory, 4th Edition
    My Blog - www.briandesmond.com

    dimanche 5 mai 2013 19:24
    Modérateur
  • Hi Deepak

    If you have huge number of companies and you cannot create MPRs for each company, Another simple way would be to

    Edit the 'All Users' Search Scope and

    Under the 'Search Definition' use the following 'Search Scope Filter'

              /Person[starts-with(Company,'%Attribute_Company%') and ends-with(Company,'%Attribute_Company%')]

    Reset IIS

    Now your users will only be able to see users from their company only.


    Regards Furqan Asghar

    lundi 6 mai 2013 07:08