Grouper Users - Open Discussion List

[Tom Zeller <>]

> The difficulty will be to determine which subject ids have to be
> synchronized. Is there a way to do that easily with Grouper ?

As of now for 2.0, the subject ids for each provisioned object (e.g.
stem, group, member, etc.) are returned from a shibboleth attribute
resolver data connector, which is configurable as well as extensible.
So, yes, for 2.0 I would say it is easy enough.

TomZ

>>Right. If a subject is not a member of any groups, then the current
>>ldappcng 1.x code will not include the subject for provisioning, so
>>their memberships will not be deleted from the provisioning target.
>>This is a bug.
>>
>>I have uncommitted code for 2.0 which will allow us to specify the
>>objects for provisioning in a configurable way through the shibboleth
>>attribute resolver.
>
>>For now, one would have to run gsh.sh -ldappcng -calc|diff|sync <subjectid>.
>
>>With ldappcng, for consistency, I tried to maintain the behavior of
>>ldappc from previous versions, which itself was incorrect, so I persisted 
>>this bug.
>
>>>On Tue, May 17, 2011 at 10:35 AM, Arnaud Deman 
>>><>
>>> wrote:
>>> Hello,
>>>
>>> I have tested with the intervalFullSync argument and the subjects
>>> removed
>>> to all their groups are still not deprovisionned. It is also the case
>>> when I launch ldappcns whithout the argument bulkSync alone.
>>>
>>>
>>> Thanks,
>>> Arnaud.
>
>
>
> Le vendredi 08 avril 2011 à 01:42:26, Tom Zeller a écrit :
>> I added a -intervalFullSync <seconds> option. See the updated bug.
>>
>> [1] https://bugs.internet2.edu/jira/browse/GRP-595
>
> --
> Arnaud Deman
> 04 91 28 85 25
> DSI - Université Paul Cézanne Aix-Marseille III
> Avenue Escadrille Normandie-Niemen
> 13397 MARSEILLE CEDEX 20
>
>