grouper-dev - Re: [grouper-dev] grouperdemo ldap
Subject: Grouper Developers Forum
List archive
- From: Tom Zeller <>
- To: Chris Hyzer <>
- Cc: Grouper Dev <>
- Subject: Re: [grouper-dev] grouperdemo ldap
- Date: Wed, 30 Mar 2011 16:49:09 -0500
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type :content-transfer-encoding; b=dHILX2dmh7mAAqMGhAQ1f50QbftbHlPKUoQMVnLx7sOK3oVDxtej1znJ5hsv5o0Jn0 9mmOKTLulXCuhyzYXKlzIsZEVRunhKulWb8sT3riU1piAlAwm5k5KY3mFPs80HRQ8p75 8ZQCVLicdq9buqfqXFMtN2IaFRlDCIh6TS2MM=
Well, I think we should have one OpenLDAP installation, for ease of
upgrading binaries, and running on one port (636) for simplicity.
I just checked, and the memberOf and refint overlays can be configured
on different ldap suffixes.
On Wed, Mar 30, 2011 at 4:25 PM, Chris Hyzer
<>
wrote:
> Great... right now each version of Grouper on the demo server is
> completely independent... I mean, things have their own tomcat, their own
> symlink to java. They share a mysql DB, but inside, they have their own
> schema which doesn't overlap. So, if running in one ldap means things are
> shared across versions of grouper, and it is easy to have multiple, then
> lets install a few and use multiple so a future change doesn't negatively
> affect older versions on the server, right? I guess the only thing we
> aren't sure about is the web interface to ldap... so before we know
> otherwise, we can assume it is easy to support multiple ldap servers... :)
>
> Thanks,
> Chris
>
> -----Original Message-----
> From:
>
>
> [mailto:]
> On Behalf Of Tom Zeller
> Sent: Wednesday, March 30, 2011 4:41 PM
> To: Grouper Dev
> Subject: [grouper-dev] grouperdemo ldap
>
> After changing my mind several times, the I2 SAs installed OpenLDAP in
> a few minutes :-)
>
> I think we should decide how we want to provision the DIT.
>
> People objects could be in ou=people, with passwords for ldaps or
> https authentication.
>
> ou=people,dc=grouper,dc=edu
> cn=mchyzer
> cn=tbarton
> ...
>
> Groups could be in versioned dc's :
>
> ou=groups,dc=1.6.3,dc=grouper,dc=edu
> ou=groups,dc=1.7.0,dc=grouper,dc=edu
> ...
>
> It might be wise to run more than one instance of OpenLDAP on
> different ports, for example with referential integrity and memberOf
> overlays, or not.
>
> Thoughts ? (besides what took so long)
>
- [grouper-dev] grouperdemo ldap, Tom Zeller, 03/30/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
- Re: [grouper-dev] grouperdemo ldap, Tom Zeller, 03/30/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
- Re: [grouper-dev] grouperdemo ldap, Tom Zeller, 03/30/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
- Re: [grouper-dev] grouperdemo ldap, Tom Zeller (tzeller), 03/31/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
- Re: [grouper-dev] grouperdemo ldap, Tom Zeller, 03/30/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
- Re: [grouper-dev] grouperdemo ldap, Tom Zeller, 03/30/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
Archive powered by MHonArc 2.6.16.