grouper-users - Ldappc missing LDAP sourced members
Subject: Grouper Users - Open Discussion List
List archive
- From:
- To:
- Subject: Ldappc missing LDAP sourced members
- Date: Tue, 18 Nov 2008 13:03:40 -0500 (EST)
I have grouper api 1.3.1 running and correctly sourcing subjects from an
instance of LDAP. When trying to use ldappc 1.2.0 to populate LDAP with a
list of groups and their members, I am encountering some interesting issues.
The groups populate in LDAP as expected, but members of these groups do not
show up. I'm looking at working with AD & LDAP so I'm just trying to get
UID's to populate as uniqueMember within a group. Groups within groups
populate, as I see from the g:gsa subject source, but I'm actually looking to
populate deep groups. For example, all members are LDAP sourced:
GroupA consists of person1, person2, & GroupB
GroupB consists of person3
LDAP should look like:
dn: cn=etc:GroupA,ou=grouper,dc=nau,dc=edu
objectClass: groupOfUniqueNames
objectClass: top
cn: etc:GroupA
uniqueMember: person1
uniqueMember: person2
uniqueMember: person3
dn: cn=etc:GroupB,ou=grouper,dc=nau,dc=edu
objectClass: groupOfUniqueNames
objectClass: top
cn: etc:GroupB
uniqueMember: person3
I am executing:
./bin/ldappc.sh -subject GrouperSystem -groups -interval 60
(from what I understand the -membership option is meant to populate an LDAP
person with what groups they are in. I am just looking to populate a separate
group area with groups and their members at this time.)
In grouper, my current sources are:
source: id='g:gsa' name='Grouper: Group Source Adapter'
class='edu.internet2.middleware.grouper.GrouperSourceAdapter'
source: id='g:isa' name='Grouper: Internal Source Adapter'
class='edu.internet2.middleware.grouper.InternalSourceAdapter'
source: id='jdbc' name='JDBC Source Adapter'
class='edu.internet2.middleware.subject.provider.JDBCSourceAdapter'
source: id='NAU LDAP' name='NAU Edu'
class='edu.internet2.middleware.subject.provider.JNDISourceAdapter'
ldappc.xml looks like:
<ldappc>
<grouper>
<group-queries>
<subordinate-stem-queries>
<stem-list>
<stem>etc</stem>
</stem-list>
</subordinate-stem-queries>
</group-queries>
<groups structure="flat"
root-dn="ou=grouper,dc=nau,dc=edu"
ldap-object-class="groupOfUniqueNames"
ldap-rdn-attribute="cn" grouper-attribute="name" >
<group-members-dn-list list-object-class="groupOfUniqueNames"
list-attribute="uniqueMember" list-empty-value=""/>
<group-members-name-list list-object-class="groupOfUniqueNames"
list-attribute="uniqueMember" >
<source-subject-name-mapping>
<source-subject-name-map source="NAU LDAP" subject-attribute="id" />
<source-subject-name-map source="g:gsa" subject-attribute="name" />
</source-subject-name-mapping>
</group-members-name-list>
<source-subject-identifiers>
<source-subject-identifier source="NAU LDAP" subject-attribute="id" >
<ldap-search base="ou=people,dc=nau,dc=edu"
scope="subtree_scope"
filter="(uid={0})" />
</source-subject-identifier>
<source-subject-identifier source="g:gsa" subject-attribute="name" >
<ldap-search base="ou=grouper,dc=nau,dc=edu"
scope="subtree_scope"
filter="(cn={0})" />
</source-subject-identifier>
</source-subject-identifiers>
...ldap info removed...
Any ideas of what's going south? This seems like a pretty basic setup. My
current setup looks to be doing LDAP queries for LDAP sourced grouper
members? Seems somewhat redundant. Thanks much for any info! :D
-Ray Walker
- Ldappc missing LDAP sourced members, ray . walker, 11/18/2008
- Re: [grouper-users] Ldappc missing LDAP sourced members, Tom Zeller, 11/18/2008
Archive powered by MHonArc 2.6.16.