Grouper Users - Open Discussion List

[Wallaert-Taquet Brigitte <>]

Hello,

I have done this on attribute "owner" at first and after, on attribute 
"ustlPresident" only but I obtain exactly the same, it's strange :

I can't publish in any case and I obtain a good response with bulkCalc 
command and a bad one with bulkSync :
"
Case A - "bin/gsh.sh -ldappcng -bulkSync -entityName groupAEC" :
response : <ldappc:bulkSyncResponse 
xmlns:ldappc='http://grouper.internet2.edu/ldappc' status='success' 
requestID='2011/07/19-16:31:32.312_Q0K8YV2Z'/>
BUT NO PUBLISH DONE

Case B - "bin/gsh.sh -ldappcng -bulkCalc -entityName groupAEC" :
...
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' 
name='ustlPresident'>
<dsml:value>uid=djellal,ou=people,dc=univ-lille1,dc=fr</dsml:value>
</dsml:attr>
...
Ok but it's not a publish command.

in log file, case A, I see :
2011-07-19 16:48:12,965: [main] INFO  PSP.execute(200) -  - 
CalcResponse[id=lille1:groupesdetravail:avancementsec:comadhocaecm0000fses,status=success,requestID=2011/07/19-16:48:12.234_Q0K9KBVB,pso=PSO[psoID=PSOIdentifier[id='cn=comAdHocAEC_M0000-FSES,ou=groups,dc=univ-lille1,dc=fr',targetID=ldap,containerID=<null>]]]
2011-07-19 16:48:12,966: [main] INFO  PSP.execute(297) -  - 
LookupRequest[psoID=PSOIdentifier[id='cn=comAdHocAEC_M0000-FSES,ou=groups,dc=univ-lille1,dc=fr',targetID=ldap,containerID=<null>],returnData=everything,requestID=2011/07/19-16:48:12.966_Q0K9KBV1]
2011-07-19 16:48:12,967: [main] INFO  LdapTargetProvider.execute(356) -  
- 
LookupRequest[psoID=PSOIdentifier[id='cn=comAdHocAEC_M0000-FSES,ou=groups,dc=univ-lille1,dc=fr',targetID=ldap,containerID=<null>],returnData=everything,requestID=2011/07/19-16:48:12.966_Q0K9KBV1]
2011-07-19 16:48:12,971: [main] ERROR 
LdapTargetProvider.getPSODefinition(797) -  - Unable to determine schema 
entity for cn=comAdHocAEC_M0000-FSES,ou=groups,dc=univ-lille1,dc=fr
2011-07-19 16:48:12,973: [main] ERROR BaseSpmlProvider.execute(95) -  - 
Response[status=failure,error=unsupportedOperation,errorMessages={},requestID=2011/07/19-16:48:12.966_Q0K9KBV1]
java.lang.reflect.InvocationTargetException
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:616)
        at 
edu.internet2.middleware.ldappc.spml.provider.BaseSpmlProvider.execute(BaseSpmlProvider.java:79)
        at edu.internet2.middleware.ldappc.spml.PSP.execute(PSP.java:308)
        at 
edu.internet2.middleware.ldappc.spml.PSPDiffer.diff(PSPDiffer.java:126)
        at edu.internet2.middleware.ldappc.spml.PSP.execute(PSP.java:221)
        at edu.internet2.middleware.ldappc.spml.PSP.execute(PSP.java:577)
        at edu.internet2.middleware.ldappc.spml.PSP.execute(PSP.java:681)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:616)
        at 
edu.internet2.middleware.ldappc.spml.provider.BaseSpmlProvider.execute(BaseSpmlProvider.java:79)
        at edu.internet2.middleware.ldappc.spml.PSPCLI.run(PSPCLI.java:168)
        at edu.internet2.middleware.ldappc.spml.PSPCLI.main(PSPCLI.java:82)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:616)
        at 
edu.internet2.middleware.grouper.app.gsh.GrouperShell.handleSpecialCase(GrouperShell.java:188)
        at 
edu.internet2.middleware.grouper.app.gsh.GrouperShell.main(GrouperShell.java:128)
        at 
edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper.main(GrouperShellWrapper.java:16)
Caused by: edu.internet2.middleware.ldappc.exception.LdappcException: 
Unable to determine schema entity for 
cn=comAdHocAEC_M0000-FSES,ou=groups,dc=univ-lille1,dc=fr
        at 
edu.internet2.middleware.ldappc.spml.provider.LdapTargetProvider.getPSODefinition(LdapTargetProvider.java:798)
        at 
edu.internet2.middleware.ldappc.spml.provider.LdapTargetProvider.getPSO(LdapTargetProvider.java:702)
        at 
edu.internet2.middleware.ldappc.spml.provider.LdapTargetProvider.execute(LdapTargetProvider.java:453)
        ... 24 more
2011-07-19 16:48:12,978: [main] ERROR PSP.execute(322) -  - 
LookupResponse[pso=<null>,status=failure,error=customError,errorMessages={Target 
did not return a lookup 
response.},requestID=2011/07/19-16:48:12.966_Q0K9KBV1]
2011-07-19 16:48:12,978: [main] ERROR PSP.execute(227) -  - 
DiffResponse[id=lille1:groupesdetravail:avancementsec:comadhocaecm0000fses,status=failure,error=customError,errorMessages={Lookup 
request failed.},requestID=2011/07/19-16:48:12.232_Q0K9KBVA]
2011-07-19 16:48:12,984: [main] INFO  PSP.execute(163) -  - 
CalcRequest[id=lille1:groupesdetravail:avancementsec:comadhocaecm0000fses,requestID=2011/07/19-16:48:12.984_Q0K9KBV2,returnData=identifier,schemaEntityRef=SchemaEntityRef[targetID=<null>,entityName=groupAEC,isContainer=false]]
2011-07-19 16:48:13,013: [main] INFO  PSP.execute(200) -  - 
CalcResponse[id=lille1:groupesdetravail:avancementsec:comadhocaecm0000fses,status=success,requestID=2011/07/19-16:48:12.984_Q0K9KBV2,pso=PSO[psoID=PSOIdentifier[id='cn=comAdHocAEC_M0000-FSES,ou=groups,dc=univ-lille1,dc=fr',targetID=ldap,containerID=<null>]]]
2011-07-19 16:48:13,014: [main] ERROR PSP.execute(650) -  - 
BulkDiffResponse[responses=1,status=failure,error=<null>,errorMessages={},requestID=2011/07/19-16:48:12.179_Q0K9KBU7]
2011-07-19 16:48:13,014: [main] INFO  PSP.execute(747) -  - 
BulkSyncResponse[responses=0,status=success,requestID=2011/07/19-16:48:12.179_Q0K9KBU6]
2011-07-19 16:48:13,015: [main] INFO  PSPCLI.run(184) -  - End of 
ldappcng execution : 840 ms
~

It seems that BulkDiff doesn't ok with this syntax but I don't 
understand why ?

Thanks.
Brigitte

Le 15/07/2011 20:27, Tom Zeller a écrit :
> If everyone is in the same ldap ou, perhaps a script attribute
> definition will suffice, something like :
>
> ldappcng.xml :
> <attribute name="owner" ref="ownerScript" />
>
> ldappc-resolver.xml :
> <resolver:AttributeDefinition xsi:type="Script"
>    xmlns="urn:mace:shibboleth:2.0:resolver:ad"
>    id="ownerScript">
>    <resolver:Dependency ref="GroupDataConnectorAED" />
>    <Script><![CDATA[
>      
> importPackage(Packages.edu.internet2.middleware.shibboleth.common.attribute.provider);
>     // value = "dallende";
>     value = owner.getValues().get(0);
>     ownerScript = new BasicAttribute("ownerScript");
>     ownerScript.getValues().add(value + ",ou=people,dc=univ-lille1,dc=fr");
>   ]]></Script>
> </resolver:AttributeDefinition>
>
> I have not tried this. At first, I used "owner" as the name of the
> AttributeDefinition, but "owner" is also the name of a grouper
> attribute, and I thought they may collide.
>
> [1] 
> https://wiki.shibboleth.net/confluence/display/SHIB2/ResolverScriptAttributeDefinition
>
> > Hello,
> >
> > Still one question :
> >   I try to do the same format attribute with a simple attribute that contains
> > the uid of 1 person :
> > owner=dallende -->  uid=dallende,ou=people,dc=univ-lille1,dc=fr
> > "dallende" is writed manually, not via the person's search...
> >
> > I have this response :
> >
> > <ldappc:calcResponse status='failure'
> > requestID='2011/07/15-16:05:03.354_Q0FH9FRZ' error='customError'>
> > <errorMessage>Unable to resolve attribute, dependency value is not a
> > Member</errorMessage>
> > <ldappc:id ID='lille1:groupesdetravail:avancementsec:comadhocaecm0000fses'/>
> > </ldappc:calcResponse>
> >
> > I use the same syntax as for supannGroupeAdminDN or member for ldappcng but
> > probably not possible because of the nature of attribute : string ?
> > Must I use a list, even if there will be always only one person in that
> > attribute or is there another possibility ?
> >
> > in ldappcng.xml :
> > <references name="owner" emptyValue="">
> > <reference ref="owner" toObject="member" />
> > </references>
> >
> > in ldappc-resolver.xml :
> > <resolver:AttributeDefinition id="owner" xsi:type="grouper:Member"
> > sourceAttributeID="owner">
> > <resolver:Dependency ref="GroupDataConnectorAEC" />
> > <grouper:Attribute id="id" source="lille1:ldap" />
> > </resolver:AttributeDefinition>
> >
> >
> >
> > Thanks.
> > Cordialement
> > Brigitte
> >
> >
> > Le 15/07/2011 12:43, Tom Zeller a écrit :
> > > > So I can't publish in my ldap : the bulkSync take only one group : the
> > > > first
> > > > declared in my ldappcng.xml
> > > > Perhaps an option could help me ?
> > > Looking at ldappcng.xml posted in the other thread, each object should
> > > have a unique id :
> > >
> > > <object id="group2" authoritative="false">
> > >   <identifier ref="group-dn2" baseId="${groupsOU}">
> > >
> > > <object id="group" authoritative="false">
> > >    <identifier ref="group-dn" baseId="${groupsOU}">
> > >
> > > Your configuration has<object id="group" ... />    twice, which I think
> > > is the issue.
> > >
> > > If this is the case, ldappcng should throw a configuration error, and
> > > the failure to do so is a bug.
> >
> > --
> > Brigitte Wallaert-Taquet
> > Ingénieure d'études
> > Chargée d'étude
> > Espace collaboratif de Documents
> > Université Lille1
> > Sciences et Technologies


--
Brigitte Wallaert-Taquet
Ingénieure d'études
Chargée d'étude
Espace collaboratif de Documents
Université Lille1
Sciences et Technologies