Grouper Developers Forum

[Chris Hyzer <>]

I don't think the demo server needs to be all that realistic, but I do think 
it needs to show Grouper capabilities, and in my case, allow us to develop 
and test our software.  If we aren't going to phase out the non vt-ldap 
source, lets add some people to a vtldap source, and some people to a 
non-vt-ldap source... :)

I think we should have them have prefixes or something so we don't have the 
same subjectId in multiple sources

Thanks,
Chris



-----Original Message-----
From: 

 
[mailto:]
 On Behalf Of Tom Barton
Sent: Friday, December 02, 2011 10:19 AM
To: 

Subject: Re: [grouper-dev] some questions regarding ldap on grouperdemo

Good questions. It'd be best to have both source technologies in the
demo. But then we also need to think about what circumstance they model.
I can think of two possibilities.

1. Multi-campus. Each source represents the people from a different
organization, but they share an access management instance. We might
also have a root stem for each org plus a root stem for activities
common among them.

2. Accounts != people. Source 1 is people and Source 2 is the accounts
people use. Each person might have more than one account, and access
privs for some apps are assigned to accounts. Might want a
loader-maintained stem in which each person is modeled as a group whose
members are the person's accounts, to enable a person's roles to be
inherited by their accounts when that's appropriate.

Yes, allow demo users to browse ldap, if that's easy enough to do.

Other thoughts?
Tom

On 12/1/2011 5:02 PM, Tom Zeller wrote:
> Do we want to use an ldap subject source instead of jdbc ?
>
> Do we want to add an ldap subject source in addition to jdbc ?
>
> Do we want to allow authenticated users to browse the ldap directory ?
>
> Thats all for now. I have openldap and phpldapadmin almost configured.
>
> TomZ