grouper-dev - RE: [grouper-dev] grouperdemo ldap
Subject: Grouper Developers Forum
List archive
- From: Chris Hyzer <>
- To: Tom Zeller <>
- Cc: Grouper Dev <>
- Subject: RE: [grouper-dev] grouperdemo ldap
- Date: Wed, 30 Mar 2011 18:08:43 -0400
- Accept-language: en-US
- Acceptlanguage: en-US
Are you saying the people will be in distinct places per version?
i.e. something like:
ou=people,dc=2.0.0,dc=grouper,dc=edu
cn=mchyzer
cn=tbarton
Thanks,
Chris
-----Original Message-----
From:
[mailto:]
On Behalf Of Tom Zeller
Sent: Wednesday, March 30, 2011 5:49 PM
To: Chris Hyzer
Cc: Grouper Dev
Subject: Re: [grouper-dev] grouperdemo ldap
Well, I think we should have one OpenLDAP installation, for ease of
upgrading binaries, and running on one port (636) for simplicity.
I just checked, and the memberOf and refint overlays can be configured
on different ldap suffixes.
On Wed, Mar 30, 2011 at 4:25 PM, Chris Hyzer
<>
wrote:
> Great... right now each version of Grouper on the demo server is
> completely independent... I mean, things have their own tomcat, their own
> symlink to java. They share a mysql DB, but inside, they have their own
> schema which doesn't overlap. So, if running in one ldap means things are
> shared across versions of grouper, and it is easy to have multiple, then
> lets install a few and use multiple so a future change doesn't negatively
> affect older versions on the server, right? I guess the only thing we
> aren't sure about is the web interface to ldap... so before we know
> otherwise, we can assume it is easy to support multiple ldap servers... :)
>
> Thanks,
> Chris
>
> -----Original Message-----
> From:
>
>
> [mailto:]
> On Behalf Of Tom Zeller
> Sent: Wednesday, March 30, 2011 4:41 PM
> To: Grouper Dev
> Subject: [grouper-dev] grouperdemo ldap
>
> After changing my mind several times, the I2 SAs installed OpenLDAP in
> a few minutes :-)
>
> I think we should decide how we want to provision the DIT.
>
> People objects could be in ou=people, with passwords for ldaps or
> https authentication.
>
> ou=people,dc=grouper,dc=edu
> cn=mchyzer
> cn=tbarton
> ...
>
> Groups could be in versioned dc's :
>
> ou=groups,dc=1.6.3,dc=grouper,dc=edu
> ou=groups,dc=1.7.0,dc=grouper,dc=edu
> ...
>
> It might be wise to run more than one instance of OpenLDAP on
> different ports, for example with referential integrity and memberOf
> overlays, or not.
>
> Thoughts ? (besides what took so long)
>
- [grouper-dev] grouperdemo ldap, Tom Zeller, 03/30/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
- Re: [grouper-dev] grouperdemo ldap, Tom Zeller, 03/30/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
- Re: [grouper-dev] grouperdemo ldap, Tom Zeller, 03/30/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
- Re: [grouper-dev] grouperdemo ldap, Tom Zeller (tzeller), 03/31/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
- Re: [grouper-dev] grouperdemo ldap, Tom Zeller, 03/30/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
- Re: [grouper-dev] grouperdemo ldap, Tom Zeller, 03/30/2011
- RE: [grouper-dev] grouperdemo ldap, Chris Hyzer, 03/30/2011
Archive powered by MHonArc 2.6.16.