Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] ldappc + membership

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] ldappc + membership


Chronological Thread 
  • From: "Michael R. Gettes" <>
  • To: Kathryn Huxtable <>
  • Cc: " Users" <>
  • Subject: Re: [grouper-users] ldappc + membership
  • Date: Tue, 10 Jun 2008 17:11:24 -0400

Yup! :-) I am VERY happy to see this getting resolved. THANK YOU!

/mrg

On Jun 10, 2008, at 13:20, Kathryn Huxtable wrote:

I'd actually talked with Michael Gettes about doing something like this last fall and then forgot. -K

On Jun 10, 2008, at 11:48 AM, Kathryn Huxtable wrote:

Well, then, I'll add a regex for the next version. -K

On Jun 10, 2008, at 8:57 AM, Tom Zeller wrote:

On Mon, Jun 9, 2008 at 4:01 PM, Tom Barton <> wrote:
Kathryn Huxtable wrote:

When I was at KU, we used a different provisioning mechanism, which allowed us to specify a string prefix for provisioning. Our provisioning would only manage values in the attribute beginning with that prefix, leaving other values alone. This enabled us to have multiple provisioning mechanisms provisioning into ePentitlement.

Maybe something like this would be useful in ldappc...

Yes, or a regex identifying the value space that ldappc "owns".

Tom

I've been looking at using ldappc and (coincidentally) just yesterday came across this same exception regarding adding an already existing objectclass to a Fedora/Red Hat directory server entry. In our home-grown provisioning software, we used 'managed values' which were evaluated as a regex, similar to TomB's suggestion.

<ProvisionedAttribute id="objectClass" ...
<ManagedValue>top</ManagedValue>
<ManagedValue>person</ManagedValue>
<ManagedValue>organizationalPerson</ManagedValue>
<ManagedValue>user</ManagedValue>
...

TomZ








Archive powered by MHonArc 2.6.16.

Top of Page