Skip to Content.
Sympa Menu

grouper-dev - Re: [grouper-dev] some questions regarding ldap on grouperdemo

Subject: Grouper Developers Forum

List archive

Re: [grouper-dev] some questions regarding ldap on grouperdemo

Chronological Thread 
  • From: Tom Barton <>
  • To:
  • Subject: Re: [grouper-dev] some questions regarding ldap on grouperdemo
  • Date: Fri, 02 Dec 2011 09:19:21 -0600

Good questions. It'd be best to have both source technologies in the
demo. But then we also need to think about what circumstance they model.
I can think of two possibilities.

1. Multi-campus. Each source represents the people from a different
organization, but they share an access management instance. We might
also have a root stem for each org plus a root stem for activities
common among them.

2. Accounts != people. Source 1 is people and Source 2 is the accounts
people use. Each person might have more than one account, and access
privs for some apps are assigned to accounts. Might want a
loader-maintained stem in which each person is modeled as a group whose
members are the person's accounts, to enable a person's roles to be
inherited by their accounts when that's appropriate.

Yes, allow demo users to browse ldap, if that's easy enough to do.

Other thoughts?

On 12/1/2011 5:02 PM, Tom Zeller wrote:
> Do we want to use an ldap subject source instead of jdbc ?
> Do we want to add an ldap subject source in addition to jdbc ?
> Do we want to allow authenticated users to browse the ldap directory ?
> Thats all for now. I have openldap and phpldapadmin almost configured.
> TomZ

Archive powered by MHonArc 2.6.16.

Top of Page