grouper-users - [ldappc] Configuration problem (with body this time)
Subject: Grouper Users - Open Discussion List
List archive
- From:
- To:
- Subject: [ldappc] Configuration problem (with body this time)
- Date: Thu, 19 Jun 2008 03:22:17 -0400 (EDT)
Dear all,
I am having difficulty getting both the members for the groups and the
memberships of the people exported. I succeeded in getting everything working
by using 'lastname' as the subject-attribute for source-subject-name-map and
source-subject-identifier, and then using a filter of (sn={0)} as my LDAP
search filter.
However, when I try to use the Grouper ID and the LDAP attribute uid in a
corresponding manner, only the memberships for the people are exported to the
isMemberOf attribute, but the hasMember and member attributes of the groups
remain empty.
Here is my ldappc.xml:
<?xml version="1.0" encoding="utf-8"?>
<!--
* This file contains data for testing Ldappc.
*
* See ldappcTemplate.xml for documentation regarding how to use these
* elements.
-->
<ldappc>
<grouper>
<group-queries>
<subordinate-stem-queries>
<stem-list>
<stem>fub</stem>
</stem-list>
</subordinate-stem-queries>
<!--
<attribute-matching-queries>
<attribute-list>
<attribute name="attribute" value="value" />
</attribute-list>
</attribute-matching-queries>
-->
</group-queries>
<groups structure="flat"
root-dn="ou=gruppen,dc=fu-berlin,dc=de"
ldap-object-class="groupOfNames"
ldap-rdn-attribute="cn" grouper-attribute="name" >
<group-members-dn-list list-object-class="groupOfNames"
list-attribute="member" list-empty-value=""/>
<group-members-name-list list-object-class="eduMember"
list-attribute="hasMember" >
<source-subject-name-mapping>
<source-subject-name-map source="fu" subject-attribute="ID" />
</source-subject-name-mapping>
</group-members-name-list>
<group-attribute-mapping ldap-object-class="groupOfNames">
<group-attribute-map group-attribute="description"
ldap-attribute="description" />
</group-attribute-mapping>
</groups>
<memberships>
<member-groups-list
list-object-class="eduMember"
list-attribute="isMemberOf"
naming-attribute="name" />
</memberships>
</grouper>
<source-subject-identifiers>
<source-subject-identifier source="fu" subject-attribute="id" >
<ldap-search base="ou=personen,dc=fu-berlin,dc=de"
scope="subtree_scope"
filter="(uid={0})" />
</source-subject-identifier>
</source-subject-identifiers>
<ldap>
<context>
<parameter-list>
<parameter name="initial_context_factory"
value="com.sun.jndi.ldap.LdapCtxFactory" />
<parameter name="provider_url" value="ldap://localhost:389"; />
<parameter name="security_authentication" value="simple" />
<parameter name="security_principal"
value="cn=xxxx,dc=fu-berlin,dc=de" />
<parameter name="security_credentials" value="xxxx" />
</parameter-list>
</context>
</ldap>
</ldappc>
I am also suprised that the subject-attribute has to be 'id' and not 'ID' as
it is displayed by grouper, although on the other hand it is lowercase in my
sources.xml.
Any help would be greatly appreciated.
Loris Bennett
- [ldappc] Configuration problem (with body this time), grouper, 06/19/2008
- Re: [grouper-users] [ldappc] Configuration problem (with body this time), Kathryn Huxtable, 06/19/2008
Archive powered by MHonArc 2.6.16.