grouper-users - Using GrouperShell to bootstrap the Wheel Group
Subject: Grouper Users - Open Discussion List
List archive
- From: Scott Koranda <>
- To:
- Subject: Using GrouperShell to bootstrap the Wheel Group
- Date: Tue, 1 Jul 2008 18:16:42 -0500
Hi,
Apologies for the long note and many questions...we would like
to leverage Grouper but we are not Java/Tomcat experts.
I am following the details at
https://wiki.internet2.edu/confluence/display/GrouperWG/Initializing+Administration+of+Privileges
to try and bootstrap the wheel group but I am confused and
having some problems. Specifically:
- Does Tomcat need to be running when trying to use gsh.sh?
Does gsh.sh talk through Tomcat in some way? Or is gsh.sh
authenticating directly to the underlying relational
database and manipulating it directly?
If it is directly maninpulating the relational database,
then which configuration file(s) is it using to obtain the
necessary information? Is it reading the configuration in
$CATALINA_HOME/webapps/grouper or in $GROUPER_HOME
where I did the building?
Is the model that I am supposed to change configuration
files in $GROUPER_HOME, then redeploy into Tomcat each time
I want to make a configuration change?
- I was able to run these commands:
gsh-0.1.1 2% addRootStem("etc", "Grouper Administration")
gsh-0.1.1 3% addGroup("etc", "sysadmingroup", "SysAdmin Group")
When I try, however, to add a member to that group I am
getting this:
gsh-0.1.1 4% addMember("etc:sysadmingroup", "883")
// Error: subject not found: 883
false
Here '883' is the value for the employeeNumber attribute in
our LDAP for myself. I had configured in sources.xml the
following:
<param-name>SubjectID_AttributeType</param-name>
<param-value>employeeNumber</param-value>
...
<searchType>searchSubject</searchType>
<param>
<param-name>filter</param-name>
<param-value>
(&(employeeNumber=%TERM%)(objectclass=inetOrgPerson))
</param-value>
</param>
<param>
<param-name>scope</param-name>
<param-value>ONELEVEL_SCOPE</param-value>
</param>
So I would have thought entering '883' would have worked.
How can I verify that the grouper running under Tomcat and
also gsh.sh are able to search our LDAP correctly?
I appreciate any help you can offer.
Thanks,
Scott
- Using GrouperShell to bootstrap the Wheel Group, Scott Koranda, 07/01/2008
- Re: [grouper-users] Using GrouperShell to bootstrap the Wheel Group, Tom Barton, 07/01/2008
- Re: [grouper-users] Using GrouperShell to bootstrap the Wheel Group, Scott Koranda, 07/02/2008
- Re: [grouper-users] Using GrouperShell to bootstrap the Wheel Group, Tom Barton, 07/02/2008
- Re: [grouper-users] Using GrouperShell to bootstrap the Wheel Group, Scott Koranda, 07/02/2008
- Re: [grouper-users] Using GrouperShell to bootstrap the Wheel Group, Tom Barton, 07/02/2008
- Re: [grouper-users] Using GrouperShell to bootstrap the Wheel Group, Scott Koranda, 07/02/2008
- Re: [grouper-users] Using GrouperShell to bootstrap the Wheel Group, Tom Barton, 07/01/2008
Archive powered by MHonArc 2.6.16.