grouper-dev - RE: [grouper-dev] another psp 2.1.2 release candidate
Subject: Grouper Developers Forum
List archive
- From: Gagné Sébastien <>
- To: "Tom Zeller" <>, <>
- Subject: RE: [grouper-dev] another psp 2.1.2 release candidate
- Date: Thu, 30 Aug 2012 09:29:28 -0400
It might be a good idea to add comment where the "Base Stem" are defined to
be sure to match the case of the directory
e.g. writing it all in lowercase(dc=domain, dc=ca) when AD will use
"DC=domain, DC=ca" , I did this mistake at the beginning
-----Message d'origine-----
De :
[mailto:]
De la part de Tom Zeller
Envoyé : 29 août 2012 16:37
À :
Objet : [grouper-dev] another psp 2.1.2 release candidate
Another psp 2.1.2 release candidate is now available.
http://www.internet2.edu/grouper/release/2.1.2/
A pretty horrible bug was introduced in 2.1.1 which catastrophically deletes
all provisioned objects when provisioning Active Directory.
Hence, I disabled downloads of 2.1.1.
The psp considers identifiers to be case sensitive, and defaults to lowercase
rdn attribute types, for example
dc=example,dc=edu
while Active Directory returns uppercase rdn attribute types, for example
DC=example,DC=edu
The difference between uppercase and lowercase rdn attribute types resulted
in the psp incorrectly deleting provisioned objects.
When provisioning Active Directory, care should be taken to make sure that
ldap dns are calculated with uppercase rdn attribute types. Prior to version
2.1.2, rdn attribute types were not configurable when calculating ldap dns
from grouper names. This 2.1.2 release candidate allows rdn attribute types
to be configured, for example
<resolver:AttributeDefinition
id="groupDn"
xsi:type="psp-grouper-ldap:LdapDnFromGrouperNamePSOIdentifier"
rdnAttributeName="CN"
stemRdnAttributeName="OU"
... />
At first I thought that comparing identifiers case-insensitively was the
right thing to do, but the openspml library uses string equals() to compare
identifiers, and I decided this would be messy to override.
So for now, identifiers are case sensitive.
Changes made in version 2.1.1 to improve performance exposed this issue. I
hurried 2.1.1 without adequate testing. It took a while to acquire another
Active Directory test environment, mostly because of my schedule.
Thanks for your patience,
and apologies for the inconvenience,
TomZ
- [grouper-dev] another psp 2.1.2 release candidate, Tom Zeller, 08/29/2012
- Re: [grouper-dev] another psp 2.1.2 release candidate, Tom Barton, 08/29/2012
- RE: [grouper-dev] another psp 2.1.2 release candidate, Gagné Sébastien, 08/30/2012
- RE: [grouper-dev] another psp 2.1.2 release candidate, Tom Barton, 08/30/2012
- RE: [grouper-dev] another psp 2.1.2 release candidate, Gagné Sébastien, 08/30/2012
- RE: [grouper-dev] another psp 2.1.2 release candidate, Gagné Sébastien, 08/30/2012
- Re: [grouper-dev] another psp 2.1.2 release candidate, Tom Zeller, 08/30/2012
- Re: [grouper-dev] another psp 2.1.2 release candidate, Tom Barton, 08/29/2012
Archive powered by MHonArc 2.6.16.