grouper-users - Re: [grouper-users] LDAPPCNG - Manipulate Group names
Subject: Grouper Users - Open Discussion List
List archive
- From: Tom Zeller <>
- To: It Meme <>
- Cc:
- Subject: Re: [grouper-users] LDAPPCNG - Manipulate Group names
- Date: Tue, 8 Mar 2011 17:46:10 -0600
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:from:date :x-google-sender-auth:message-id:subject:to:cc:content-type; b=bOUV+3pBrKT67hVLGpjhjy6OXYyJRGD2j1DXNV3Er0rIHm1z7PSfO9hxZzqw3TbrpB ZWR9bmrqbYwCBlJl258agEGdLstaOz+PB9gCqMeWQi/3gLrzwwY3tTg990lPjHJeUp/I b3rAhBMMyKYkEBFQiA1psp1a0DewNbnaK4DwI=
> Group name in Grouper:
> SAP:Science:Botany:Administrator:create-whitelist
>
> Name required in AD:
> OU=Account,OU=Objects,OU=Administrators,OU=Science,DC=Botany,DC=example,DC=edu
>
> Is there a way we can transform above group name formats, in LDAPPCNG,
> from Grouper to AD?
>
This might help you get started :
<resolver:AttributeDefinition id="group-dn"
xsi:type="ldappc:PSOIdentifier" sourceAttributeID="mungDN" >
<resolver:Dependency ref="mungDN" />
</resolver:AttributeDefinition>
<resolver:AttributeDefinition xsi:type="Script"
xmlns="urn:mace:shibboleth:2.0:resolver:ad" id="mungDN" >
<resolver:Dependency ref="GroupDataConnector" />
<Script><![CDATA[
// Import Shibboleth attribute provider
importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider);
// value = "SAP:Science:Botany:Administrator:create-whitelist";
value = name.getValues().get(0);
values = value.split(':');
// mungDN =
OU=Account,OU=Objects,OU=Administrators,OU=Science,DC=Botany,DC=example,DC=edu
mungDN = new BasicAttribute("mungDN");
mungDN.getValues().add("OU=Account,OU=Objects,OU=Administrators,OU="
+ values[1] + ",OU=" + values[2] + ",DC=example,DC=edu");
]]></Script>
</resolver:AttributeDefinition>
- [grouper-users] LDAPPCNG - Manipulate Group names, It Meme, 03/08/2011
- Re: [grouper-users] LDAPPCNG - Manipulate Group names, Tom Zeller, 03/08/2011
Archive powered by MHonArc 2.6.16.