Skip to Content.
Sympa Menu

grouper-dev - RE: [grouper-dev] some questions regarding ldap on grouperdemo

Subject: Grouper Developers Forum

List archive

RE: [grouper-dev] some questions regarding ldap on grouperdemo

Chronological Thread 
  • From: Chris Hyzer <>
  • To: Tom Barton <>, "" <>
  • Subject: RE: [grouper-dev] some questions regarding ldap on grouperdemo
  • Date: Fri, 2 Dec 2011 16:59:43 +0000
  • Accept-language: en-US

I don't think the demo server needs to be all that realistic, but I do think
it needs to show Grouper capabilities, and in my case, allow us to develop
and test our software. If we aren't going to phase out the non vt-ldap
source, lets add some people to a vtldap source, and some people to a
non-vt-ldap source... :)

I think we should have them have prefixes or something so we don't have the
same subjectId in multiple sources


-----Original Message-----

On Behalf Of Tom Barton
Sent: Friday, December 02, 2011 10:19 AM

Subject: Re: [grouper-dev] some questions regarding ldap on grouperdemo

Good questions. It'd be best to have both source technologies in the
demo. But then we also need to think about what circumstance they model.
I can think of two possibilities.

1. Multi-campus. Each source represents the people from a different
organization, but they share an access management instance. We might
also have a root stem for each org plus a root stem for activities
common among them.

2. Accounts != people. Source 1 is people and Source 2 is the accounts
people use. Each person might have more than one account, and access
privs for some apps are assigned to accounts. Might want a
loader-maintained stem in which each person is modeled as a group whose
members are the person's accounts, to enable a person's roles to be
inherited by their accounts when that's appropriate.

Yes, allow demo users to browse ldap, if that's easy enough to do.

Other thoughts?

On 12/1/2011 5:02 PM, Tom Zeller wrote:
> Do we want to use an ldap subject source instead of jdbc ?
> Do we want to add an ldap subject source in addition to jdbc ?
> Do we want to allow authenticated users to browse the ldap directory ?
> Thats all for now. I have openldap and phpldapadmin almost configured.
> TomZ

Archive powered by MHonArc 2.6.16.

Top of Page