grouper-dev - some improvements to ldappc for 1.5.0
Subject: Grouper Developers Forum
List archive
- From: Tom Zeller <>
- To: Grouper Dev <>
- Subject: some improvements to ldappc for 1.5.0
- Date: Tue, 13 Oct 2009 16:56:41 -0500
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:from:date:x-google-sender-auth:message-id :subject:to:content-type; b=gGLGFiAbth8k9Ow20CMGR36ktFh7qNbYJ69AxT83eVIkTA4Zkdzagp5zzNLhAaDRvM +tewl0GsKN/qAvqx2EgK9LPhbWDjIP/AsodvYqpjUcrTip5yedo8FsYK/snbP3niTgXJ x7wBHn0NuKIXqVrVWOcQUy5V3H7SvRtBf9Oaw=
The "stable" version of ldappc (not the experimental version which
uses shibboleth and spml) now supports a couple of new options.
The -calc|--calculate <file> option will calculate how a target ldap
directory should be provisioned and will write the corresponding ldif
to a file.
The -n|--dry-run <file> option will write provisioning changes as ldif
to a file, without actually executing those changes.
1.5.0 includes a variety of end-to-end tests that did not exist
before, including testing against Active Directory, OpenLDAP, RedHat,
and ApacheDS. (I should probably test against Sun DS but just haven't
done that yet).
It is also possible to replace macros in the configuration file
(ldappc.xml) with values from the properties file (ldappc.properties).
There are a couple of outstanding issues which I I'd like to resolve for
1.5.0 :
- how to provision the Active Directory "pre-Windows 200 logon name"
aka sAMAccountName without colons (or just let AD handle it for you)
- ldappc must be run twice to correctly provision groups who have
other groups as members
TomZ
- some improvements to ldappc for 1.5.0, Tom Zeller, 10/13/2009
Archive powered by MHonArc 2.6.16.