Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Feature request: System role mapping #1174

Open
kkiiskin opened this issue Dec 5, 2019 · 6 comments
Open

Feature request: System role mapping #1174

kkiiskin opened this issue Dec 5, 2019 · 6 comments
Assignees
@audrieMSFT
Labels
Feature - user sync Issue type - enhancement request New feature being requested outside of original scope. Plugin - local_o365 Status - queued / not yet started The request is clear, but the work has yet to be scheduled.

Comments

@kkiiskin
Copy link

kkiiskin commented Dec 5, 2019

In LDAP plugin settings there is a possibility to map certain LDAP contexts to system roles like Manager and Course Creator.

Could this be implemented in Azure AD integration too? For example based on O365 groups or user attributes.
@swinster swinster mentioned this issue Dec 11, 2019
Closed
@tmuras tmuras added the Issue type - enhancement request New feature being requested outside of original scope. label Jan 16, 2020
@kkiiskin
Copy link
Author

Any comment or progress on this?

Like I mentioned, it is a standard feature in LDAP authetication, so when transfering from LDAP->OIDC, you lose an important functionality that people are used to.

@tekhnee
Copy link

tekhnee commented Dec 25, 2020
edited
Loading

This is a solid request — but why limit it to LDAP databases? It would make sense to map a moodle_role OIDC attribute, regardless of the location of the user database (LDAP, KeyCloak, etc.).

@weilai-irl weilai-irl added Feature - user sync Status - queued / not yet started The request is clear, but the work has yet to be scheduled. labels Jul 28, 2021
@kkiiskin
Copy link
Author

Hi @audrieMSFT

I see you have been assigned to this, do you think there will be progress? :)

@weilai-irl
Copy link
Collaborator

Hi @kkiiskin,

I can understand how LDAP does it - all manager or course creator users can be put into separate contexts. How do you have it done in your case? Are they put into different groups? In that case, is the request to assign system context roles to users from configured groups?

Regards,
Lai

@kkiiskin
Copy link
Author

Hi @weilai-irl

having managers/course creators in specified M365 group would propably be the most convenient way, yes.

@weilai-irl weilai-irl mentioned this issue May 23, 2022
Open
@rodrigolangella
Copy link

1 more vote to this.

Having to assign roles manually is not ideal.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@audrieMSFT audrieMSFT

Labels
Feature - user sync Issue type - enhancement request New feature being requested outside of original scope. Plugin - local_o365 Status - queued / not yet started The request is clear, but the work has yet to be scheduled.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
7 participants
@tekhnee @tmuras @weilai-irl @nenorojas @kkiiskin @audrieMSFT @rodrigolangella