Grouper Developers Forum

[Peter Schober <>]

* Tom Zeller 
<>
 [2012-01-05 18:00]:
> Some questions for folks interested in beta testing real-time provisioning :

Not sure I'll be ready for this, but I'll share anyway:

> What subject source(s) will you use ?

Not decided yet, LDAP seems to be a popular choice (at least for those
interested in near-realtime provisioning).

> Approximately how many subjects exist in your source(s) ?

~155k

> Which ldap directory will you provision ?

MS Active Directory (first "consumer" for this groups project)
Eventually OpenLDAP ("enterprise" DSAs), replacing our home-grown
group management tool (if everything works out)

* Tom Zeller 
<>
 [2012-01-06 04:25]:
> Does the last (reading right to left) RDN of an ldap subject DN
> contain the grouper subject identifier ?

Yes, though I'm thinking about restructuring the DIT to use (more)
persistent identifiers as RDN values instead of the currently used
NetID values (but those could still be grouper's subject indentifer,
I assume).

> What do you use for the attribute type of the RDN ? cn ? uid ? custom ?

uid (OpenLDAP)
MS-AD needs cn, from what I've heared?

cheers,
-peter