Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] ldappc + membership

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] ldappc + membership


Chronological Thread 
  • From: "Tom Zeller" <>
  • To: "Kathryn Huxtable" <>, "Tom Barton" <>
  • Cc: "" <>
  • Subject: Re: [grouper-users] ldappc + membership
  • Date: Tue, 10 Jun 2008 08:57:54 -0500
  • Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:sender:to:subject:cc:in-reply-to:mime-version :content-type:references:x-google-sender-auth; b=DFMDAru8DPEhaVioV3GlCV2jwf0XI17D7Ry8uRASiBkIcc7xNSwNv5GYr68pEfnDjK pJv+4eevdqM9ROhtb/U/ZT1U48rcl1sjW1D04OMXk65iH50ys3fXBn/jnc5bUmQI/6AA OeIR3+2T+qhilcspy4GH1J7O4uWlUMQ5KRbLM=
On Mon, Jun 9, 2008 at 4:01 PM, Tom Barton <> wrote:
Kathryn Huxtable wrote:

When I was at KU, we used a different provisioning mechanism, which allowed us to specify a string prefix for provisioning. Our provisioning would only manage values in the attribute beginning with that prefix, leaving other values alone. This enabled us to have multiple provisioning mechanisms provisioning into ePentitlement.

Maybe something like this would be useful in ldappc...

Yes, or a regex identifying the value space that ldappc "owns".

Tom

I've been looking at using ldappc and (coincidentally) just yesterday came across this same exception regarding adding an already existing objectclass to a Fedora/Red Hat directory server entry. In our home-grown provisioning software, we used 'managed values' which were evaluated as a regex, similar to TomB's suggestion. 

<ProvisionedAttribute id="objectClass" ...

 <ManagedValue>top</ManagedValue>

 <ManagedValue>person</ManagedValue>

 <ManagedValue>organizationalPerson</ManagedValue>

 <ManagedValue>user</ManagedValue>

 ...


TomZ

 


Archive powered by MHonArc 2.6.16.

Top of Page