Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] LDAPPCNG and different LDAP for people and groups

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] LDAPPCNG and different LDAP for people and groups


Chronological Thread 
  • From: Tom Zeller <>
  • To: Arnaud Deman <>
  • Cc:
  • Subject: Re: [grouper-users] LDAPPCNG and different LDAP for people and groups
  • Date: Fri, 22 Jul 2011 09:54:18 -0500

The second ldap provider needs to be added to ldappcng.xml, I believe,
I am unable to test right now.

Add

<target id="ldap-replicat" provider="ldap-provider-replicat" />

to ldappcng.xml :

<targets id="LDAP">

<target id="ldap" provider="ldap-provider" />
<target id="ldap-replicat" provider="ldap-provider-replicat" />

and please let me know.

[config files were posted privately]

On Fri, Jul 22, 2011 at 9:18 AM, Tom Zeller
<>
wrote:
> Sounds right. Could you post your sanitized config files, please,
> either on-list or privately ?
>
> On Fri, Jul 22, 2011 at 7:25 AM, Arnaud Deman
> <>
> wrote:
>> Hello,
>>
>> I am trying to use LDAPPCNG to provision the groups branch of an LDAP
>> while the people branch is in another LDAP. The people branch is read
>> only (I don't publish isMemberOf).
>>
>> Is it possible to use LDAPPCNG in this context, and if so what would be the
>> good way to configure it ?
>>
>> My first idea was to define a second ldap provider for the people branch,
>> with its own configuration
>> file in ldappc-services.xml :
>>
>> <Service id="ldap-provider-replicat" xsi:type="ldappc:LdapPoolProvider"
>> ldapPoolId="ldapPool-replicat">
>>   <ConfigurationResource file="/ldappc-ldap-replicat.xml"
>> xsi:type="resource:ClasspathResource">
>>    <ResourceFilter xsi:type="grouper:ClasspathPropertyReplacement"
>> xmlns="urn:mace:shibboleth:2.0:resource" propertyFile="/ldappc.properties"
>> />
>> </ConfigurationResource>
>>
>>
>> And then to use this provider for the SpmlDataConnector in
>> ldappc-resolver.xml :
>>
>> <resolver:DataConnector id="SpmlDataConnector"
>> provider="ldap-provider-replicat" xsi:type="ldappc:SPMLDataConnector"
>>    scope="subTree" base="${peopleOU}" returnData="identifier">
>>    <resolver:Dependency ref="MemberDataConnector" />
>>    
>> <ldappc:FilterTemplate>(supannAliasLogin=${id.get(0)})</ldappc:FilterTemplate>
>> </resolver:DataConnector>
>>
>>
>> But the LDAP Pool doesn' seem to be initialized correctly and I have this
>> exception :
>>
>> 2011-07-22 12:13:57,930: [main] WARN BlockingLdapPool .checkIn(309) -  -
>> attempt to return unknown ldap object: null
>> 2011-07-22 12:13:57,932: [main] ERROR BaseSpmlProvider .execute(95) -  -
>> Response[status=failure,error=unsupportedOperation,errorMessages={},requestID=2011/07/22-12:13:57.929_Q0O928HW]
>>
>> Thanks for your help,
>> Best regards,
>> A. Deman.
>>
>>
>>
>>
>>
>> --
>> Arnaud Deman
>> 04 91 28 85 25
>> DSI - Université Paul Cézanne Aix-Marseille III
>> Avenue Escadrille Normandie-Niemen
>> 13397 MARSEILLE CEDEX 20
>>
>>
>



Archive powered by MHonArc 2.6.16.

Top of Page