Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] LDAPPCNG and different LDAP for people and groups

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] LDAPPCNG and different LDAP for people and groups


Chronological Thread 
  • From: Tom Zeller <>
  • To: Arnaud Deman <>
  • Cc:
  • Subject: Re: [grouper-users] LDAPPCNG and different LDAP for people and groups
  • Date: Fri, 22 Jul 2011 09:18:25 -0500

Sounds right. Could you post your sanitized config files, please,
either on-list or privately ?

On Fri, Jul 22, 2011 at 7:25 AM, Arnaud Deman
<>
wrote:
> Hello,
>
> I am trying to use LDAPPCNG to provision the groups branch of an LDAP
> while the people branch is in another LDAP. The people branch is read
> only (I don't publish isMemberOf).
>
> Is it possible to use LDAPPCNG in this context, and if so what would be the
> good way to configure it ?
>
> My first idea was to define a second ldap provider for the people branch,
> with its own configuration
> file in ldappc-services.xml :
>
> <Service id="ldap-provider-replicat" xsi:type="ldappc:LdapPoolProvider"
> ldapPoolId="ldapPool-replicat">
>   <ConfigurationResource file="/ldappc-ldap-replicat.xml"
> xsi:type="resource:ClasspathResource">
>    <ResourceFilter xsi:type="grouper:ClasspathPropertyReplacement"
> xmlns="urn:mace:shibboleth:2.0:resource" propertyFile="/ldappc.properties"
> />
> </ConfigurationResource>
>
>
> And then to use this provider for the SpmlDataConnector in
> ldappc-resolver.xml :
>
> <resolver:DataConnector id="SpmlDataConnector"
> provider="ldap-provider-replicat" xsi:type="ldappc:SPMLDataConnector"
>    scope="subTree" base="${peopleOU}" returnData="identifier">
>    <resolver:Dependency ref="MemberDataConnector" />
>    
> <ldappc:FilterTemplate>(supannAliasLogin=${id.get(0)})</ldappc:FilterTemplate>
> </resolver:DataConnector>
>
>
> But the LDAP Pool doesn' seem to be initialized correctly and I have this
> exception :
>
> 2011-07-22 12:13:57,930: [main] WARN BlockingLdapPool .checkIn(309) -  -
> attempt to return unknown ldap object: null
> 2011-07-22 12:13:57,932: [main] ERROR BaseSpmlProvider .execute(95) -  -
> Response[status=failure,error=unsupportedOperation,errorMessages={},requestID=2011/07/22-12:13:57.929_Q0O928HW]
>
> Thanks for your help,
> Best regards,
> A. Deman.
>
>
>
>
>
> --
> Arnaud Deman
> 04 91 28 85 25
> DSI - Université Paul Cézanne Aix-Marseille III
> Avenue Escadrille Normandie-Niemen
> 13397 MARSEILLE CEDEX 20
>
>



Archive powered by MHonArc 2.6.16.

Top of Page