Subject: Grouper Users - Open Discussion List
Re: [grouper-users] LDAPPC provisioning of rollup groups
- From: Tom Zeller <>
- To: Tim Darby <>
- Subject: Re: [grouper-users] LDAPPC provisioning of rollup groups
- Date: Mon, 22 Jun 2009 09:20:02 -0500
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; b=dRSad99BnGGJyWqK8hQxIT/GTRhemDrSqCu+w08bhVKE8tPHy3+3VLW+LhFw9Q16b5 4DOSnsnCOJJbREMh3QsMSUH8sUlH0g0l798kL/eWeKe401KRyxiZBe05/IAN6For8KDf NiJKftt/kOmlX7wWfU/IBzGBM4X/jA92vZVFk=
Yes, this is "normal" ldappc behavior as well as a bug (I'd link to jira but it appears to be down right now).
You'll need to run ldappc twice.
I stopped working on this one in lieu of integrating shibboleth's attribute resolver, since this issue has been around for so long.
The simplest solution is for ldappc to provision all groups without members, then go back and add members. Another option would be to calculate a tree of parent-child group memberships, but in my experience the use of "all" or "everyone" groups can make this approach unwieldly. I'm open to other ideas.
On Sun, Jun 21, 2009 at 3:59 PM, Tim Darby <> wrote:
I've created course groups with the following naming scheme:The groups are all being provisioned and all have people members, but the group . When I look at how the groups are being provisioned, it appears that LDAPPC is working in alphabetical order. In my example above, the groups are actually being provisioned in that order. If that's the case, then the error makes sense because it's saying that it can't add that learner group as a member of the "all" group since the learner group doesn't exist in LDAP yet. Is this normal behavior or am I missing something?
University of Arizona
- LDAPPC provisioning of rollup groups, Tim Darby, 06/21/2009
- Re: [grouper-users] LDAPPC provisioning of rollup groups, Tom Zeller, 06/22/2009
Archive powered by MHonArc 2.6.16.