grouper-dev - [grouper-dev] Case-sensitiveness for stem/OU with AD
Subject: Grouper Developers Forum
List archive
- From: Gagné Sébastien <>
- To: <>
- Subject: [grouper-dev] Case-sensitiveness for stem/OU with AD
- Date: Mon, 30 Apr 2012 09:52:18 -0400
Hello, Some time ago we had a problem with group membership: Grouper was case-sensitive when comparing the DN it built for the Member and the DN contained in the AD Group. TomZ fixed that by adding a “caseSensive=false” parameter to memberships. I think I found another place where this might be needed : when building and comparing Stems and OUs. We configured the base DN for groups and members to be “OU=People,DC=domain,DC=umontreal,DC=ca” We have a base Stem “UdeM” (not shown in DN) We created the Stem “UdeM:Groupes” to match the already existing AD OU “ou=groupes,OU=People,DC=sim,DC=umontreal,DC=ca”, but as you can see in the PSP Diff response below, the PSP doesn’t match the built DN with the existing one. My guess would be the case difference in “ou=Groupes” vs “ou=groupes”. Right now it isn’t causing much problem in our test environment; we were able to provision a group inside the mismatching Stem/OU, but it would be nice to not have all those errors. Would it be possible to have the same kind of parameter (caseSensitive=false) for stem provisioning in the PSP ? Previously we let Grouper create the OUs in AD so I guess it created them with the right case, but in the future there will be a lot of “mapping” to the current AD directory (though we might import some of them with the Loader or PSP), so this might be a problem. Thank you Example output of the PSP : bin/gsh.sh -psp –bulkDiff <psp:bulkDiffResponse xmlns:psp='http://grouper.internet2.edu/psp' status='success' requestID='2012/04/30-08:46:46.885'> <psp:diffResponse status='success' requestID='2012/04/30-08:46:46.986'> <modifyRequest xmlns='urn:oasis:names:tc:SPML:2:0' entityName='stem' requestID='2012/04/30-08:46:47.084' returnData='everything'> <psoID ID='ou=Groupes,OU=People,DC=domain,DC=umontreal,DC=ca' targetID='ldap'/> <modification modificationMode='add'> <dsml:modification xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='description' operation='add'> <dsml:value>Groupes</dsml:value> </dsml:modification> </modification> </modifyRequest> <psp:id ID='UdeM:Groupes'/> </psp:diffResponse> […] </psp:bulkDiffResponse> Sébastien Gagné, | Analyste en informatique 514-343-6111 x33844 | Université de Montréal, | Pavillon Roger-Gaudry, local X-100-11 |
- [grouper-dev] Case-sensitiveness for stem/OU with AD, Gagné Sébastien, 04/30/2012
- Re: [grouper-dev] Case-sensitiveness for stem/OU with AD, Tom Zeller, 04/30/2012
Archive powered by MHonArc 2.6.16.