grouper-dev - RE: [grouper-dev] ldap loader
Subject: Grouper Developers Forum
List archive
- From: Chris Hyzer <>
- To: Tom Barton <>, "" <>
- Subject: RE: [grouper-dev] ldap loader
- Date: Mon, 26 Sep 2011 15:22:48 +0000
- Accept-language: en-US
|
> > From: [mailto:] On Behalf Of Tom Barton > Sent: Monday, September 26, 2011 10:08 AM > To: > Subject: Re: [grouper-dev] ldap loader > > This looks quite good. If I understand it correctly, one can configure it to maintain a grouper group's
> membership to reflect either the membership of an ldap group, or the set of entries returned by some
> other ldap query, ie, based on the attributes and their values for those entries. Right, for the simple one, you just need a filter that returns a list of id’s, or a list of lists of ids > > For maintaining a list of groups I can see how you can reflect membership in a set of groups corresponding
> to the unique values of a specific attribute (eg, eduPersonAffiliation), since those unique values can
> form the name extension of the corresponding group. Are there other supported scenarios for reflecting
> a list of groups? And are there any issues to worry about with ldap attribute values being used to form
> grouper group names? Ie, charset differences, that sort of thing? You need a filter that returns a list of objects, and each object has a list of id’s for that group. E.g. hasMember. For the name, it is a little tricky, I was thinking of providing an EL so you could use common
utility massage methods, or easily provide your own > > If a site is using ldap as a subject source and also wants to use it as a grouper loader source, do they
> need to use and declare two different sets of ldap connection params, or can both use the same config
> for that? Yeah, you would configure twice. It would be easy to merge the old subject source to use these connections, it uses vt-ldap in a nicely pooled manner… of course there is ldappc too
J Chris > > Thanks, > Tom > > > On 9/26/2011 1:45 AM, Chris Hyzer wrote:
> > I completed a version of the GrouperLoader which has an LDAP source. Currently the type is LDAP_SIMPLE
> > which configured a group to be sourced from LDAP. I will get a basic LDAP_GROUP_LIST one working to use
> > a source of a list of ldap groups, then I will be done. Any comments? > > > > https://spaces.internet2.edu/display/Grouper/Grouper+-+Loader+LDAP > > > > Thanks, > > Chris > > |
- [grouper-dev] ldap loader, Chris Hyzer, 09/26/2011
- Re: [grouper-dev] ldap loader, Tom Barton, 09/26/2011
- RE: [grouper-dev] ldap loader, Chris Hyzer, 09/26/2011
- Re: [grouper-dev] ldap loader, Tom Barton, 09/26/2011
Archive powered by MHonArc 2.6.16.