.gitignore

+.directory
+build

.readthedocs.yaml

+# Read the Docs configuration file for Sphinx projects
+# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
+
+# Required
+version: 2
+
+# Set the OS, Python version and other tools you might need
+build:
+  os: ubuntu-22.04
+  tools:
+    python: "3.11"
+    # You can also specify other tool versions:
+    # nodejs: "20"
+    # rust: "1.70"
+    # golang: "1.20"
+
+# Build documentation in the "docs/" directory with Sphinx
+sphinx:
+  configuration: source/conf.py
+  # You can configure Sphinx to use a different builder, for instance use the dirhtml builder for simpler URLs
+  # builder: "dirhtml"
+  # Fail on all warnings to avoid broken references
+  # fail_on_warning: true
+
+# Optionally build your docs in additional formats such as PDF and ePub
+# formats:
+#    - pdf
+#    - epub
+
+# Optional but recommended, declare the Python requirements required
+# to build your documentation
+# See https://docs.readthedocs.io/en/stable/guides/reproducible-builds.html
+python:
+  install:
+    - requirements: source/requirements.txt

Changelog.md

+## %"FusionDirectory 1.5" - 2025-02-24
+
+### Added
+
+#### user-manual
+- user-manual#175 add the new fonctionnality to desactivate supann tab in supann plugin manual
+- user-manual#176 add new configuration for supann consent in the supann tab in the configuration backend
+- user-manual#177 add new configuration for supann etiquettes for mail and tel in the supann tab in the configuration backend
+- user-manual#219 [user-manual] - updates supann-ext documentation
+- user-manual#241 add the new configuration for the fusiondirectory configuration partage backend configuration
+- user-manual#248 [Tasks] - Explaination in details with screenshots of the new tabs life cycle and the incoming notifications
+- user-manual#258 explain to user how to register the plugin in each plugin installation section
+- user-manual#263 Migration note for 1.4 to 1.5
+- user-manual#271 The task explanation page should show the full task menu and then explain the different sections
+- user-manual#276 add a sectionn for the marketplace from the dev documentation
+
+### Changed
+
+#### user-manual
+- user-manual#253 update the logo with the new one
+- user-manual#265 Add new Authors to the Manual
+- user-manual#268 Update the readme.md
+- user-manual#269 remove the part that talk about stable dev and rewrite the fixes part
+- user-manual#274 make clear that FusionDirectory only support PHP 7.4 and that FusionDirectory Orchestrator start at PHP 7.4
+
+### Removed
+
+#### user-manual
+- user-manual#256 remove the bionic reference form the manual
+- user-manual#260 removing the old gpg singature from the manual
+- user-manual#261 remove the development gpg key
+- user-manual#262 change support link due to the new website
+- user-manual#275 remove the mention of iis in the manual
+
+### Fixed
+
+#### user-manual
+- user-manual#244 Change the core/main menu into the documentation to reflect the new FusionDirectory menu organisation
+- user-manual#249 Wrong command in "Check for deprecated attributes" section of migration guide from 1.3.-1 to 1.4
+- user-manual#251 remove the utilities repository from the documentation as tools is already containing everything
+- user-manual#254 Wrong url for orchestrator release
+- user-manual#259 Wrong commands in latest/fusiondirectory/plugins/ipam/
+- user-manual#264 Documentation for migration from 1.31 to 1.4 missing migrating mail-fd-conf.schema
+- user-manual#270 there is an error in the task mail explanation
+
+
+## %"FusionDirectory 1.4" - 2024-02-22
+
+### Added
+
+#### user-manual
+- user-manual#36 document the invitation plugin
+- user-manual#37 document the public-forms plugin
+- user-manual#47 document the supann 2018 cycle de vie in fusiondirectory
+- user-manual#67 Document placeholder %i%
+- user-manual#85 Documentation for modifier m is missing
+- user-manual#87 ACL documentation for new user filter and target filter
+- user-manual#100 document the use of %modifiedLdapAttrs%
+- user-manual#101 Document the way the triggers works
+- user-manual#103 document the new configurable lists
+- user-manual#108 explain that the filter on the attribute depend on the attribute visible on the object list
+- user-manual#111 document the ipam plugin
+- user-manual#112 document the base of the system plugin
+- user-manual#117 Document NextCloud plugin
+- user-manual#125 document the new dyngroup plugin
+- user-manual#126 put the documentation from the man page for fusiondirectory.conf into the official web documentation
+- user-manual#128 Document access to interfaces from webservice
+- user-manual#129 Document import of systems with interfaces data
+- user-manual#135 Document the archive plugin
+- user-manual#139 document the new modifier e
+- user-manual#142 we need to document the zimbra plugin
+- user-manual#143 Document limitation for huge number of values in LDAP fields
+- user-manual#144 Document parameter of "a" modifier
+- user-manual#146 document the new option for cas verbose
+- user-manual#147 Document subscriptions plugin
+- user-manual#162 tell user that they need to use the official freeradius schema for the fusiondirectory plugin
+- user-manual#169 Document supann France Connect support
+- user-manual#170 document the mailinblack plugin
+- user-manual#173 we need to document the function of the supann groups in the supann plugin
+- user-manual#187 Add an example for d modifier where we only use the year
+- user-manual#191 Add a note about inserting dyngroup.schema for dyngroup plugin
+- user-manual#192 Update supann list custom documentation
+- user-manual#204 [User-Manual] - Adds the new behaviour and updates existings entries related to fusiondirectory-tools
+- user-manual#207 Make page to migration 1.3.1 to 1.4
+- user-manual#213 we should add an entry of me nu on the left that show the webservice
+- user-manual#216 [User-Manual] 1.4 LDAP Numbering needs updates since FranceConnect new schema
+- user-manual#217 [User-manual] - FranceConnect - Adds to supann the new schema to be installed
+- user-manual#225 There is no mention of askme macro
+- user-manual#229 [Orchestrator] - Installation and configuration manual
+- user-manual#231 Add the task and mail template fonctionnality to the manual
+- user-manual#233 the fusiondirectory-schema-manager documentation doesn't show all possibilities
+- user-manual#236 one url is missing from the documentation on repositories
+- user-manual#237 add to the upgrade instruction to install all the new repositories
+
+### Changed
+
+#### user-manual
+- user-manual#104 hooks have been renamed triggers and have new options
+- user-manual#105 redo and update the configuration part of the user manual
+- user-manual#106 update audit plugin configuration
+- user-manual#107 update the invitations configuration
+- user-manual#109 update the supann plugin documentation
+- user-manual#110 the prerequisite talk about php 5.6 but its 7.x minimun in 1.4-dev
+- user-manual#114 reorganize index plugin
+- user-manual#179 we need to clarify how to install the subscription and remove reference to specific subscriptions
+- user-manual#182 the minimal version of php for 1.4 has been changed this has to be reflected into the manual
+- user-manual#185 Update the documentation for ldapmanager
+- user-manual#195 update the prerequisite for fusiondirectory 1.4
+- user-manual#205 Rename the docs renater-partage docs
+- user-manual#215 change the install method for fusondirectory 1.4
+- user-manual#212 FusionDirectory should recommand at least 512MB ram
+- user-manual#242 change the wording for the professional support and urls
+
+### Removed
+
+#### user-manual
+- user-manual#113 remove squid plugin from 1.4 documentation
+- user-manual#211 there is no perl needed anymore
+- user-manual#227 Correct contact us in the documentation
+- user-manual#228 Remove we recommend to use the most recent php version as we are fixed on certains versions
+- user-manual#243 remove the dashboard part as is no longer in FusionDirectory
+
+### Fixed
+
+#### user-manual
+- user-manual#123 the name of the schema have changed since supann 2018
+- user-manual#189 Documentation for version 1.3 and 1.4 mention Debian Stretch repositories
+- user-manual#210 [Webauthn] - Fixes typos in documentation
+- user-manual#218 Change --install-schema to --insert-schema
+- user-manual#220 [user-manual] - Issue related to the configuration of the zimbra plugin
+- user-manual#222 There is a typo in the repository for 1.4 its tell buster when it should tell bullseye
+- user-manual#226 [user-manual] missing instructions for inserting core schemas for FusionDirectory
+
+## %"FusionDirectory 1.3.1" - 2023-06-23
+
+### Added
+
+#### user-manual
+- user-manual#1 add the code of conduct
+- user-manual#27 Add a faq section
+- user-manual#30 add a contribute section
+- user-manual#44 Document the acls of FusionDirectory
+- user-manual#48 Migration of Audit Plugin
+- user-manual#49 Migration of Alias plugin
+- user-manual#50 Migration of Applications plugin
+- user-manual#51 Migration of Autofs plugin
+- user-manual#52 Migration of Certificates plugin
+- user-manual#53 Migration of Cyrus plugin
+- user-manual#54 Migration of Dovecot plugin
+- user-manual#56 Migration of DSA plugin
+- user-manual#57 Migration of gpg plugin
+- user-manual#58 Migration of Ipmi plugin
+- user-manual#59 Migration of LDAP Dump plugin
+- user-manual#60 Migration of LDAP Manager plugin
+- user-manual#61 Migration of Personal plugin
+- user-manual#62 Migration of Renater Partage plugin
+- user-manual#63 Migration of user-reminder plugin
+- user-manual#64 Migration of Weblink plugin
+- user-manual#65 Migration of Webservice plugin
+- user-manual#66 Migration of Community plugin
+- user-manual#68 Migration of EJBCA plugin
+- user-manual#69 Migration of Newsletter plugin
+- user-manual#70 Migration of Pureftpd plugin
+- user-manual#71 Migration of Sogo plugin
+- user-manual#72 Migration of Squid plugin
+- user-manual#73 Migration of subcontracting plugin
+- user-manual#74 Migration of SSH plugin
+- user-manual#75 Migration of developers plugin
+- user-manual#76 Migration  of Mail plugin
+- user-manual#77 Create release note for 1.3.1
+- user-manual#79 Ticket for password recovery migration
+- user-manual#80 document the usage of template
+- user-manual#83 migrate the hooks explanation into the documentation
+- user-manual#84 code of conduct
+- user-manual#86 specify that the epoch parameter is mandatory when using data macros on unix tab (posix)
+- user-manual#93 add release policy to the user manual
+- user-manual#94 add the Distribution and PHP support Policy
+- user-manual#97 Document CN pattern for SupAnn
+- user-manual#118 write a section inside the fusiondrectory manual for schema2ldif
+- user-manual#127 put the documentation from the man page of fusiondirectory-setup into the main user web documentation
+- user-manual#130 document which attributes are propaged by the partage renater plugin
+- user-manual#136 document the argonaut-clean-audit part in the argonaut manual
+- user-manual#150 add the documentation for the subscriptions into the repository and how to configure it in fusiondirectory
+- user-manual#156 add a reference to the subscription repository into install fusiondirectory on debian / centos
+- user-manual#157 add a section on how to get the gpg public key from the public server
+- user-manual#159 we need to document the the description and install part for all plugin
+- user-manual#161 document the dns plugin
+- user-manual#172 we need to add a mention to the documentation for the ppolicy plugin in openldap documentation
+- user-manual#174 A lot of schema path are wrong
+- user-manual#199 put the fusiondirectory.conf manpage in the official documentation
+
+### Changed
+
+#### user-manual
+- user-manual#78 split configuration explanation in his own directory
+- user-manual#82 simplify the user documentation
+- user-manual#90 urls for professional suuport are wrong in the user manual
+- user-manual#119 rearange manual to be able to merge schema2ldif and argonaut inside the manual
+- user-manual#122 put the page form certified-distributions of the official website in place of  Linux Distribution & PHP support
+- user-manual#131 merge the argonaut manual into the global manual
+- user-manual#151 merge the maximu of differences between 1.3 and 1.4 to ease the cherry pick
+- user-manual#152 Change the gpg key into the manual
+- user-manual#153 change the repository for install from repos to public
+- user-manual#193 clarify the php version supported for FusionDirectory 1.3.x
+- user-manual#194 update the certified distribution matrix
+- user-manual#202 update the documentation for 1.3.1
+- user-manual#234 add the for bullseye you should use buster repository in 13.1
+
+### Deprecated
+
+#### user-manual
+- user-manual#154 move the non supported version 1.2.x to the non suppoerted version part of the documentation
+
+### Removed
+
+#### user-manual
+- user-manual#137 remove all reference to arch linux into the documentation
+- user-manual#138 remove centos 8 from the certified distributions
+- user-manual#148 remove centos 6 from the documentation
+- user-manual#149 remove jessie instructions from the manual
+
+### Fixed
+
+#### user-manual
+- user-manual#91 remove all reference to opensides in the user manual
+- user-manual#92 correct twitter link in contact us
+- user-manual#95 Correct the image include for folder and such in supann plugin
+- user-manual#102 Fix build errors for user-manual for 1.3 version
+- user-manual#124 there is a spelling error in the applications plugins manual in the schema section
+- user-manual#145 url for the old webservice based on jsonrpc is wrong in the manual
+- user-manual#178 replace freenode by libera
+- user-manual#184 FD upgrade : updating fd-core schema not mentioned in the doc
+
+

README.md

-### FusionDirectory User Manual
+### FusionDirectory User Manual
\ No newline at end of file
+
+
+This is the FusionDirectory user documentation
+
+This source is compiled to give the [FusionDirectory User Manual][fusionDirectory-user-manual]
+
+## Get help
+
+### Community support
+
+There are a couple of ways you can try [to get help][get help].
+
+### Professional support
+
+Professional support is provided through of subscription.
+
+* [FusionDirectory Subscription][subscription-fusiondirectory] : Global subscription for FusionDirectory 
+
+The subscription provides access to FusionDirectory's enterprise repository, tested and pre-packaged versions with patches between versions, 
+providing reliable software updates and security enhancements, as well as technical help and support.
+
+Choose the plan that's right for you. Our subscriptions are flexible and scalable according to your needs
+
+The subscription period is one year from the date of purchase and provides you with access to the extensive infrastructure of enterprise-class software and services.
+
+### Best practice badge
+
+[![CII Best Practices](https://bestpractices.coreinfrastructure.org/projects/351/badge)](https://bestpractices.coreinfrastructure.org/projects/351)
+  
+## Crowfunding
+
+If you like us and want to send us a small contribution, you can use the following crowdfunding services
+
+* [donate-liberapay]
+
+* [donate-kofi]
+
+* [donate-github]
+  
+## License
+
+[FusionDirectory][FusionDirectory] is  [GPL 2 License](COPYING).
+
+[FusionDirectory]: https://www.fusiondirectory.org/
+
+[fusionDirectory-user-manual]: https://fusiondirectory-user-manual.readthedocs.io/en/dev/fusiondirectory/index.html
+
+[get help]: https://fusiondirectory-user-manual.readthedocs.io/en/latest/support/index.html
+
+[subscription-fusiondirectory]: https://www.fusiondirectory.org/en/iam-tool-service-subscriptions/
+
+[register]: https://register.fusiondirectory.org
+
+[donate-liberapay]: https://liberapay.com/fusiondirectory/donate
+
+[donate-kofi]: https://ko-fi.com/fusiondirectory
+
+[donate-github]: https://github.com/fusiondirectory

source/conf.py

@@ -53,17 +53,17 @@ master_doc = 'index'
 
 # General information about the project.
 project = u'FusionDirectory User Manual'
-copyright = u'2017, Benoit Mortier Paola Penati'
-author = u'Benoit Mortier Paola Penati'
+copyright = u'2017-2024, FusionDirectory'
+author = u'Benoit Mortier Paola Penati Jonathan Swaelens Thibault Dockx'
 
 # The version info for the project you're documenting, acts as replacement for
 # |version| and |release|, also used in various other places throughout the
 # built documents.
 #
 # The short X.Y version.
-version = u'1.4'
+version = u'dev'
 # The full version, including alpha/beta/rc tags.
-release = u'1.4'
+release = u'dev'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
@@ -264,7 +264,7 @@ latex_elements = {
 #  author, documentclass [howto, manual, or own class]).
 latex_documents = [
     (master_doc, 'FusionDirectoryUserManual.tex', u'FusionDirectory User Manual Documentation',
-     u'Benoit Mortier Paola Penati', 'manual'),
+     u'Benoit Mortier Paola Penati Jonathan Swaelens Thibault Dockx', 'manual'),
 ]
 
 # The name of an image file (relative to this directory) to place at the top of

source/contact/contact.rst

@@ -5,9 +5,9 @@ Contact Us
 We are also contactable on:
 
 * Mailing list: `<https://lists.fusiondirectory.org/wws/lists>`__
-* IRC: #fusiondirectory on irc.libera.chat `<irc://irc.libera.chat/fusiondirectory>`__
 
 Follow Us
 
-* On twitter: https://twitter.com/fusiondirectory
 * On linkedin: https://www.linkedin.com/company/fusiondirectory
+* on Mastodon: @fusiondirectory@pouet.chapril.org
+

source/fusiondirectory-marketplace/index.rst

+FusionDirectory Marketplace
+===========================
+
+The FusionDirectory marketplace is the best way to find new plugins for FusionDirectory. 
+
+.. image:: /_static/images/marketplace/marketplace-index.png
+
+Looking at a plugin 
+
+.. image:: /_static/images/marketplace/marketplace-show-plugin.png 
+
+
+

source/fusiondirectory-orchestrator/configuration/configuration.rst

+Configuration
+-------------
+
+| Orchestrator requires a one file to be configured properly.
+
+Configuration file
+""""""""""""""""""
+.. note::
+	The editable file is located at **/etc/fusiondirectory-orchestrator/orchestrator.conf**
+
+[LDAP settings]
+^^^^^^^^^^^^^^^
+.. code-block:: shell
+	
+  FD_LDAP_MASTER_URL="ldaps://ldap.fusiondirectory.org"
+
+Required in order to connect to the proper host.
+FQDN or IP must be provided with ldap(s) to secure the connection.
+
+.. code-block:: shell
+
+  LDAP_BASE="dc=fusiondirectory,dc=org"
+
+Required to operate with ldap libraries.
+
+.. code-block:: shell
+	
+  LDAP_ADMIN="cn=admin,dc=fusiondirectory,dc=org"
+
+Required by LDAP in order to use the proper privileges.
+
+.. code-block:: shell
+	
+  LDAP_PWD="ldap_pwd"
+
+Required password to authenticate LDAP
+
+.. code-block:: shell
+	
+  LDAP_OU_DSA="ou=dsa,dc=fusiondirectory,dc=org"
+
+Required to ease the research of the branch DSA by endpoints.
+
+[JWT token settings]
+^^^^^^^^^^^^^^^^^^^^
+
+.. code-block:: shell
+	
+  #SECRET_KEY can be generated via a 256 bit Wep key generator such as 
+	#https://allkeysgenerator.com/
+	SECRET_KEY="256 bit key"
+
+Required to secure and validate the generation of access and refresh tokens.
+
+.. code-block:: shell
+
+	TOKEN_EXPIRY="300"
+
+Required to limit the availability of an issued token. In seconds.
+
+.. code-block:: shell
+
+	REFRESH_EXPIRY="432000"
+
+Required to limit the availability of an issued refresh token. In seconds.
+
+[SMTP server settings]
+^^^^^^^^^^^^^^^^^^^^^^
+.. code-block:: shell
+
+  MAIL_AUTH="TRUE/FALSE"
+
+If authentication is required, the following settings will be applied.
+Note that some mail servers, such as relay servers, may not require authentication.
+
+.. code-block:: shell
+	
+  MAIL_USER="mail_user"
+
+The login ID to authenticate to the specified SMTP server.
+
+.. code-block:: shell
+	
+  MAIL_PASS="mail_pwd"
+
+The password used for above authentication.
+
+.. code-block:: shell
+	
+  MAIL_HOST="fqdn or IP"
+
+The SMTP server domain name or IP.
+
+.. code-block:: shell
+
+  MAIL_SEC_VERIFY="TRUE/FALSE"
+
+This setting determines whether to accept all types of certificates,
+including self-signed certificates, if necessary.
+
+.. code-block:: shell
+	
+  MAIL_SEC="TLS/SSL"
+
+The required secure methode. "TLS" can be used for "STARTLS".
+Please note the importance of lowercase in 'ssl' or 'tls'.
+
+.. code-block:: shell
+	
+  MAIL_PORT="SMTP port number"
+
+The TCP/UDP port number of the SMTP server.(Example: SSL 465 / TLS 586).
+
+[DSA Login Information]
+^^^^^^^^^^^^^^^^^^^^^^^
+.. code-block:: shell
+
+  DSA_LOGIN="DSA Login Name"
+  DSA_PASS="DSA Password"
+
+The DSA login that should be used to interact with LDAP.
+
+.. code-block:: shell
+
+  ORCHESTRATOR_API_URL="https://orchestrator.fusiondirectory.org"
+
+The REST API URL in HTTP(s). Required by the fd-orchestrator-client.
+
+[WEB Service FusionDirectory]
+^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
+.. code-block:: shell
+
+  FUSION_DIRECTORY_API_URL="https://fd.fusiondirectory.org/rest.php/v1"
+  WEB_LOGIN="weblogin_username"
+  WEB_PASS="weblogin_password"
+
+Information related to the webservice of fusiondirectory. This is required for fusiondirectory-orchestrator
+to activate specific actions within FusionDirectory WEB.
+
+
+.. Note::
+
+  | Orchestrator is highly depending on the URL rewriting mechanism of the web server.
+  | In case of Apache2 ".htaccess" files are responsible for that logic.
+
+  | Although informative, there should not be any value of modifying the contents of those files.
+  | The goal is to redirect any call on URI to the main index file located in API directory. 

source/fusiondirectory-orchestrator/endpoints/archive.rst

+Archive task execution
+======================
+
+.. _archive-task-execution-label:
+
+Once the task is configured, execute it using the **orchestrator-client** tool. You have two execution options:
+
+.. code-block:: bash
+
+   fusiondirectory-orchestrator-client --archive
+
+.. note::
+   **Recommendation** automate this process within a CRON job.
+
+.. note::
+  Add the ``--verbose`` flag to the command for detailed output during execution.
+
+
+.. note::
+    The logs are stored by default at the following location:
+
+    ``/var/log/orchestrator/orchestrator.log``
\ No newline at end of file

source/fusiondirectory-orchestrator/endpoints/audit.rst

+Audit Task Execution
+====================
+
+.. _audit-task-execution-label:
+
+Once the task is configured, execute it using the **orchestrator-client** tool. You have two execution options:
+
+1. **Standard Audit Deletion**:
+   - Removes audit logs older than the configured retention period.
+   - Example:
+
+     .. code-block:: bash
+
+        fusiondirectory-orchestrator-client --audit
+
+2. **Syslog Transformation**:
+   - Transforms audit logs into syslog format and appends them to a daily syslog file.
+   - Example:
+
+     .. code-block:: bash
+
+        fusiondirectory-orchestrator-client --audit syslog
+
+.. note::
+   **Recommendation** automate this process within a CRON job.
+
+.. note::
+   Add the ``--verbose`` flag to the command for detailed output during execution.
+
+.. note::
+   The syslogs are stored at the following location:
+
+   ``/var/log/fusiondirectory/``
+

source/fusiondirectory-orchestrator/endpoints/automatic-groups.rst

+Automatic Groups Task Execution
+===============================
+
+.. _automatic-groups-task-execution-label:
+
+Once the automatic groups task is configured in FusionDirectory, execute it using the **fusiondirectory-orchestrator-client** tool:
+
+.. code-block:: bash
+
+   fusiondirectory-orchestrator-client --automatic-groups
+
+.. note::
+   **Recommendation**: Automate this process within a CRON job to ensure group memberships are regularly updated.
+
+.. note::
+   Add the ``--verbose`` flag to the command for detailed output during execution.
+
+Task Types
+----------
+
+The automatic groups task supports two operating modes:
+
+1. **Standard Group Assignment**: Adds or removes users from an existing group based on their Supann resource state criteria
+2. **Dynamic Group Creation**: Creates a dynamic group with a memberURL filter matching the specified Supann resource state
+
+How It Works
+------------
+
+Standard Group Assignment
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+When the standard automatic groups task executes:
+
+1. The system identifies all users specified in the task configuration (either directly or through group membership)
+2. For each user, it checks their Supann resource state against the criteria defined in the task
+3. Users who match the criteria are added to the target group
+4. Users who no longer match the criteria are removed from the target group
+
+This ensures that group memberships remain synchronized with the current state of users in your directory.
+
+Dynamic Group Creation
+^^^^^^^^^^^^^^^^^^^^^^
+
+When the dynamic group creation task executes:
+
+1. The system generates a dynamic group name based on the resource, state, and optional substate
+2. It builds an LDAP URL with a filter for the specified Supann resource state criteria
+3. It creates a new dynamic group with the generated name and LDAP URL filter
+4. If a group with the same name already exists, the task succeeds without modifying the existing group
+
+The resulting dynamic group will automatically include all users whose Supann resource state matches the specified criteria, using LDAP's dynamic membership capabilities.
+
+Examples
+--------
+
+Standard Group Assignment
+^^^^^^^^^^^^^^^^^^^^^^^^^
+
+.. code-block:: bash
+
+   fusiondirectory-orchestrator-client --automatic-groups
+
+Dynamic Group Creation
+^^^^^^^^^^^^^^^^^^^^^^
+
+.. code-block:: bash
+
+   fusiondirectory-orchestrator-client --automatic-groups dynamic-group
+
+With Verbose Output
+^^^^^^^^^^^^^^^^^^^
+
+.. code-block:: bash
+
+   fusiondirectory-orchestrator-client --automatic-groups --verbose
+   fusiondirectory-orchestrator-client --automatic-groups dynamic-group --verbose
+
+Dynamic Group Structure
+-----------------------
+
+Dynamic groups created by this task have the following structure:
+
+- **Name Pattern**: dynamic-{resource}-{state}[-{substate}] (always lowercase)
+- **LDAP URL**: ldap:///ou=people,{base_dn}??one?(supannRessourceEtat={resource}{state}[:substate])
+
+For example, a dynamic group for resource "COMPTE" with state "A" would be:
+- Name: dynamic-compte-a
+- LDAP URL: ldap:///ou=people,dc=example,dc=com??one?(supannRessourceEtat={COMPTE}A)
\ No newline at end of file

source/fusiondirectory-orchestrator/endpoints/description.rst

+Description
+===========
+
+FusionDirectory Orchestrator provides a primary endpoint, referred to as **tasks**, which accepts multiple arguments for execution.
+New task objects can be added as plugins and invoked as arguments to this endpoint.
+
+.. note::
+   The **tasks** endpoint is accessible via **https://your_fqdn/api/tasks/**.
+
+Arguments
+---------
+
+The **tasks** endpoint supports multiple arguments. Below is a list of the officially supported arguments:
+
+.. note::
+   Each official plugin within **tasks** can be passed as an argument to the **tasks** endpoint. Additionally, a client is available within **FusionDirectory-Tools** to simplify interactions.
+
+- **login**
+   This endpoint facilitates authentication and provides the access and refresh tokens required for further communication with subsequent endpoints.
+
+- **tasks/mail**
+   Invoking this endpoint triggers the execution of mail task objects defined within **FusionDirectory**.
+   It processes the results from the mail server and reports the status to the associated tasks.
+
+- **tasks/lifeCycle**
+   This endpoint executes lifecycle task objects defined within **FusionDirectory**. Based on task configuration, it evaluates whether a specified Supann resource has reached expiration and performs actions accordingly.
+
+- **tasks/activateCyclicTasks**
+   Activates all repetitive tasks based on their defined recurrence schedules.
+
+- **tasks/removeSubTasks**
+   Removes all sub-tasks marked as completed.
+   All sub-tasks status can be seen within FusionDirectory dashboard.
+
+- **tasks/reminder**
+   Executes reminder task objects and sends emails to specified groups or individuals. Based on configuration, it can generate tokens for potential account extensions.
+
+- **tasks/notifications**
+   Triggers the execution of notification task objects. Any changes to the supplied attributes result in email notifications being sent to the designated individuals or groups.
+
+- **tasks/audit**
+   This endpoint allows for the deletion of historical audit logs based on a retention period specified in the task configuration within **FusionDirectory**.

source/fusiondirectory-orchestrator/endpoints/extractor.rst

+Extractor Task Execution
+========================
+
+.. _extractor-task-execution-label:
+
+Once the task is configured, execute it using the **fusiondirectory-orchestrator-client** tool. You have two execution options:
+
+.. code-block:: bash
+
+   fusiondirectory-orchestrator-client --extract
+
+.. note::
+   **Recommendation** automate this process within a CRON job.
+
+.. note::
+   Add the ``--verbose`` flag to the command for detailed output during execution.
+
+.. note::
+   The logs are stored by default at the following location:
+
+   ``/srv/orchestrator/``
+
+.. note::
+   You can specify a custom path for the extracted files by adding a directory path to the ``--extract`` option. For example:
+
+   .. code-block:: bash
+
+      fusiondirectory-orchestrator-client --extract /var/log/
+
+   This will save the generated files in the specified directory instead of the default location.
+
+File Naming Format
+------------------
+
+The generated files follow a specific naming convention to ensure clarity and avoid duplication:
+
+``NameOfTheTask-date+hour.format``
+
+- **NameOfTheTask**: The name you assigned to the task.
+- **date**: The current date in `YYYYMMDD` format (e.g., `20250407` for April 7, 2025).
+- **hour**: The hour of execution in `HH` format (e.g., `14` for 2 PM).
+- **format**: The output format, such as `csv`.
+
+For example, a task named `UserExport` executed on April 7, 2025, at 2 PM will generate a file named:
+
+``UserExport-20250407-14.csv``
\ No newline at end of file

source/fusiondirectory-orchestrator/endpoints/index.rst

+Endpoints
+=========
+
+.. toctree::
+   :maxdepth: 2
+
+   description.rst
+   lifecycle.rst
+   notifications.rst
+   userreminder.rst
+   audit.rst
+   mails.rst
+   archive.rst
+   extractor.rst
+   automatic-groups.rst
\ No newline at end of file

source/fusiondirectory-orchestrator/endpoints/lifecycle.rst

+Life cycle Task Execution
+==========================
+
+.. _lifecycle-task-execution-label:
+
+Once the task is configured, execute it using the **orchestrator-client** tool. You have two execution options:
+
+.. code-block:: bash
+
+   fusiondirectory-orchestrator-client --lifecycle
+
+.. note::
+   **Recommendation** automate this process within a CRON job.
+
+.. note::
+  Add the ``--verbose`` flag to the command for detailed output during execution.
+
+
+.. note::
+    The logs are stored by default at the following location:
+
+    ``/var/log/orchestrator/orchestrator.log``
+

source/fusiondirectory-orchestrator/endpoints/mails.rst

+Mail Task Execution
+===================
+
+.. _mail-task-execution-label:
+
+Once the task is configured, execute it using the **orchestrator-client** tool. You have two execution options:
+
+.. code-block:: bash
+
+   fusiondirectory-orchestrator-client --emails
+
+.. note::
+   **Recommendation** automate this process within a CRON job.
+
+.. note::
+  Add the ``--verbose`` flag to the command for detailed output during execution.
+
+
+.. note::
+    The logs are stored by default at the following location:
+
+    ``/var/log/orchestrator/orchestrator.log``
+

source/fusiondirectory-orchestrator/endpoints/notifications.rst

+Notifications Task Execution
+============================
+
+.. _notifications-task-execution-label:
+
+Once the task is configured, execute it using the **orchestrator-client** tool. You have two execution options:
+
+.. code-block:: bash
+
+   fusiondirectory-orchestrator-client --notifications
+
+.. note::
+   **Recommendation** automate this process within a CRON job.
+
+.. note::
+  Add the ``--verbose`` flag to the command for detailed output during execution.
+
+
+.. note::
+    The logs are stored by default at the following location:
+
+    ``/var/log/orchestrator/orchestrator.log``
+