grouper-users - [grouper-users] LDAPPC not populating group memberships in OpenLDAP
Subject: Grouper Users - Open Discussion List
List archive
- From: Mark Cairney <>
- To:
- Subject: [grouper-users] LDAPPC not populating group memberships in OpenLDAP
- Date: Mon, 24 Jan 2011 09:49:10 +0000
Hi,
I've recently started looking at using LDAPPC to push Grouper's groups into
our OpenLDAP directory.
So far I've been using a ldappc.xml almost identical to the one on the wiki
page at:
https://spaces.internet2.edu/display/Grouper/LDAPPC
Using a flat structure this appears to create the groupOfNames objects in
OpenLDAP but there are no members. What configuration settings do I have to
change to get this to work? Is it dependent on my OpenLDAP schema?
Finally I'd like to get a nested structure in OpenLDAP but if I change "flat"
to "bushy" it fails instantly complaining that the OU doesn't exist. I notice
that this is only set in the AD example. Does this mean it isn't supported in
OpenLDAP?
Apologies for the rather elementary questions.
Kind regards,
Mark
My ldappc.xml is listed below:
<ldappc>
<grouper>
<group-queries>
<subordinate-stem-queries>
<stem-list>
<stem>org</stem>
</stem-list>
</subordinate-stem-queries>
<attribute-matching-queries>
<attribute-list>
<attribute name="_attr_name_" value="_attr_value_" />
</attribute-list>
</attribute-matching-queries>
</group-queries>
<groups
structure="flat"
root-dn="ou=grouper,${edu.vt.middleware.ldap.base}"
ldap-object-class="groupOfNames"
ldap-rdn-attribute="cn"
grouper-attribute="name">
<group-members-dn-list list-object-class="groupOfNames"
list-attribute="me
mber" list-empty-value="" />
<group-members-name-list list-object-class="eduMember"
list-attribute="has
Member">
<source-subject-name-mapping>
<source-subject-name-map source="_source_name_"
subject-attribute="_at
tr_name_" />
<source-subject-name-map source="g:gsa" subject-attribute="name" />
<source-subject-name-map source="g:isa" subject-attribute="name" />
</source-subject-name-mapping>
</group-members-name-list>
<group-attribute-mapping ldap-object-class="groupOfNames">
<group-attribute-map group-attribute="description"
ldap-attribute="descr
iption" />
</group-attribute-mapping>
</groups>
<memberships>
<member-groups-list list-object-class="eduMember"
list-attribute="isMember
Of" naming-attribute="name" />
</memberships>
</grouper>
<source-subject-identifiers>
<source-subject-identifier source="_source_name_"
subject-attribute="_attr_n
ame_">
<ldap-search
base="ou=people,ou=central,${edu.vt.middleware.ldap.base}"
scope="subtree_scope"
filter="(uid={0})" />
</source-subject-identifier>
</source-subject-identifiers>
</ldappc>
/*********************************
Mark Cairney
ITI UNIX Section
Information Services
University of Edinburgh
Tel: 0131 650 6565
Email:
*********************************/
--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.
- [grouper-users] LDAPPC not populating group memberships in OpenLDAP, Mark Cairney, 01/24/2011
- Re: [grouper-users] LDAPPC not populating group memberships in OpenLDAP, Rob Hebron, 01/24/2011
- Re: [grouper-users] LDAPPC not populating group memberships in OpenLDAP, Mark Cairney, 01/24/2011
- Re: [grouper-users] LDAPPC not populating group memberships in OpenLDAP, Tom Zeller, 01/26/2011
- Re: [grouper-users] LDAPPC not populating group memberships in OpenLDAP, Mark Cairney, 01/24/2011
- Re: [grouper-users] LDAPPC not populating group memberships in OpenLDAP, Rob Hebron, 01/24/2011
Archive powered by MHonArc 2.6.16.