I think these are two different kind of ideas or requirements.
Yes, you may leave the HR department out of the loop as far as IT is
concerned. But image this: The HR deparment “accidentially” changing the
mobile number of a user. Thus they will break the IT functionality.
After all, they are responsible for the authentication to work properly,
since they are responsible for assigning the right SMS token (a.k.a.
mobile number) to the users
The 2nd thought sill has the HR department responsible for
authentication but it is a technical nice idea having all users simply
have an SMS token.
But you can do this today by running a script using the REST API like
this:
- find all users without a token
- assign an SMS token to those users
Helping with such integrations and automations is one part of the
services the NetKNights provides.
https://netknights.it/en/leistungen/one-time-services/
Kind regards
CorneliusAm Dienstag, den 19.01.2016, 06:38 -0800 schrieb MKS:
All users personal info is stored in LDAP, it may or may not be
changed, but it’s good when this information stored in one central
place.
Also it’s better to keep HR persons away from IT systems, and if we
force them “to do their work twice” whey will be very unhappy. )
More over, I think it would be good to have one universal SMS token
for all users within realm (in additional to present SMS token
scheme), so all new users would be able to use SMS tokens immediately
after creation, without any actions from privacyIDEA admins side.
On Tuesday, January 19, 2016 at 3:30:41 PM UTC+2, Cornelius Kölbel wrote:
Why?
Do the mobile numbers of the users change so often?
Do you have so many users, so that you want the HR to handle
this?
In this case a HR employee could simply change the mobile
number and
reroute authentication to any other mobile phone.
I just want to understand your needs and intention.
Kind regards
Cornelius
Am Dienstag, den 19.01.2016, 04:26 -0800 schrieb MKS:
> On Tuesday, January 19, 2016 at 2:23:50 PM UTC+2, Cornelius Kölbel wrote:
>
> Do you mean you want the mobile phone number
dynamically to be
> looked up
> whenever an SMS is to sent?
>
> Yes, exactly.
>
>
> --
> You received this message because you are subscribed to the
Google
> Groups "privacyidea" group.
> To unsubscribe from this group and stop receiving emails
from it, send
> an email to privacyidea...@googlegroups.com.
> To post to this group, send email to
priva...@googlegroups.com.
> To view this discussion on the web visit
>
https://groups.google.com/d/msgid/privacyidea/be6c3663-fbe4-4d36-8816-98e23f859551%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.
--
Cornelius Kölbel
corneliu...@netknights.it
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
–
You received this message because you are subscribed to the Google
Groups “privacyidea” group.
To unsubscribe from this group and stop receiving emails from it, send
an email to privacyidea+unsubscribe@googlegroups.com.
To post to this group, send email to privacyidea@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/privacyidea/b78e7d4c-9466-4f0b-b104-29f31085c1cf%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
–
Cornelius Kölbel
@cornelinux
+49 151 2960 1417
NetKnights GmbH
http://www.netknights.it
Landgraf-Karl-Str. 19, 34131 Kassel, Germany
Tel: +49 561 3166797, Fax: +49 561 3166798
Amtsgericht Kassel, HRB 16405
Geschäftsführer: Cornelius Kölbel
signature.asc (836 Bytes)