Grouper Developers Forum

[Tom Barton <>]

Good questions. It'd be best to have both source technologies in the
demo. But then we also need to think about what circumstance they model.
I can think of two possibilities.

1. Multi-campus. Each source represents the people from a different
organization, but they share an access management instance. We might
also have a root stem for each org plus a root stem for activities
common among them.

2. Accounts != people. Source 1 is people and Source 2 is the accounts
people use. Each person might have more than one account, and access
privs for some apps are assigned to accounts. Might want a
loader-maintained stem in which each person is modeled as a group whose
members are the person's accounts, to enable a person's roles to be
inherited by their accounts when that's appropriate.

Yes, allow demo users to browse ldap, if that's easy enough to do.

Other thoughts?
Tom

On 12/1/2011 5:02 PM, Tom Zeller wrote:
> Do we want to use an ldap subject source instead of jdbc ?
>
> Do we want to add an ldap subject source in addition to jdbc ?
>
> Do we want to allow authenticated users to browse the ldap directory ?
>
> Thats all for now. I have openldap and phpldapadmin almost configured.
>
> TomZ