grouper-users - Re: [grouper-users] RE: LDAPCNG Issues - follow up question
Subject: Grouper Users - Open Discussion List
List archive
- From: Tom Zeller <>
- To: "Klug, Lawrence" <>
- Cc: Grouper Users Mailing List <>
- Subject: Re: [grouper-users] RE: LDAPCNG Issues - follow up question
- Date: Thu, 17 Nov 2011 10:50:25 -0700
Could you post your sanitized configuration files to a wiki ? So we
can track edits ? And restrict readability to InCommon, but
editability to me (yeah right) ? A rather low-end change management
process, indeed.
On Thu, Nov 17, 2011 at 8:50 AM, Klug, Lawrence
<>
wrote:
> Tom,
>
> Thanks for keeping in touch while you were away. I have another question
> about the operation of ldapcng. We implemented the uclaMember objectClass
> and it seems to be working okay. However, it looks like the only attribute
> being populated for each member is the uclappid attribute. My question:
> how/where do we configure additional member attributes so they are
> populated during sync? When we were using eduMember objectClass there
> were more attributes.
>
> Thanks,
>
> Lawrence
>
>
>
> -----Original Message-----
> From:
>
>
> [mailto:]
> On Behalf Of Tom Zeller
> Sent: Wednesday, November 16, 2011 10:04 AM
> To: Klug, Lawrence
> Cc: Grouper Users Mailing List
> Subject: Re: [grouper-users] RE: LDAPCNG Issues - follow up question
>
> Great.
>
> Just a comment to any folks following the list wondering about support
> turnaround : I contacted Lawrence directly off-list and let him know that
> my responses would be delayed, and hopefully in doing so, made myself
> available if the issue was critical.
>
> TomZ
>
> On Mon, Nov 14, 2011 at 11:17 AM, Klug, Lawrence
> <>
> wrote:
>> Tom,
>>
>> I believe the issue is resolved. I had to modify the file where the
>> uclaMemeber objectClass attributes are defined: ldappcng.xml
>>
>> bulkSync is working now. I've got to document this for the UCLA team.
>>
>> Thanks,
>>
>> Lawrence
>>
>> -----Original Message-----
>> From:
>>
>> [mailto:]
>> On Behalf Of Klug,
>> Lawrence
>> Sent: Monday, November 14, 2011 8:23 AM
>> To: Tom Zeller
>> Cc: Grouper Users Mailing List
>> Subject: RE: [grouper-users] RE: LDAPCNG Issues - follow up question
>>
>> Tom,
>>
>> Here is a snippet from running "bulkCalc" using the new configuration.
>> The uclaMember objectClass is being picked up, but the attribute
>> isMemberOf should now be uclaIsMemberOf . How can I fix this issue?
>>
>> Thanks,
>>
>> Lawrence
>>
>> -ldappcng -logSpml -printRequests -sync
>>
>> <ldappc:calcResponse status='success'
>> requestID='2011/11/14-08:15:00.357_Q49YMIXY'>
>> <ldappc:id
>> ID='urn:mace:ucla.edu:ppid:person:C4196E1230C9452191D7E416FC4BD9F3'/>
>> <ldappc:pso entityName='member'>
>> <psoID
>> ID='uclappid=urn:mace:ucla.edu:ppid:person:C4196E1230C9452191D7E416FC4
>> BD9F3,ou=people,dc=edtest,dc=ucla,dc=edu' targetID='ldap'/>
>> <data>
>> <dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core'
>> name='objectClass'>
>> <dsml:value>uclaMember</dsml:value>
>> </dsml:attr>
>> <dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core'
>> name='isMemberOf'>
>> <dsml:value>etc:sysadmingroup</dsml:value>
>> <dsml:value>test:testGroup</dsml:value>
>> </dsml:attr>
>> </data>
>> </ldappc:pso>
>> </ldappc:calcResponse>
>> </ldappc:bulkCalcResponse>
>>
>>
>>
>> -----Original Message-----
>> From:
>>
>> [mailto:]
>> On Behalf Of Klug,
>> Lawrence
>> Sent: Monday, November 14, 2011 7:48 AM
>> To: Tom Zeller
>> Cc: Grouper Users Mailing List
>> Subject: RE: [grouper-users] RE: LDAPCNG Issues - follow up question
>>
>> I'm implementing the "uclaMember" objectClass. It's a bit confusing, so
>> I want to confirm with you.
>>
>> In ldappc-resolver I made these changes:
>>
>> Change this:
>>
>> <resolver:DataConnector id="StaticDataConnector" xsi:type="dc:Static">
>> <dc:Attribute id="group-objectclass">
>> <dc:Value>top</dc:Value>
>> <dc:Value>${groupObjectClass}</dc:Value>
>> </dc:Attribute>
>> <dc:Attribute id="group-objectclass-eduMember">
>> <dc:Value>top</dc:Value>
>> <dc:Value>${groupObjectClass}</dc:Value>
>> <dc:Value>eduMember</dc:Value>
>> </dc:Attribute>
>> <dc:Attribute id="stem-objectclass">
>> <dc:Value>top</dc:Value>
>> <dc:Value>organizationalUnit</dc:Value>
>> </dc:Attribute>
>> <dc:Attribute id="member-objectclass">
>> <dc:Value>eduMember</dc:Value>
>> </dc:Attribute>
>> </resolver:DataConnector>
>>
>> To This:
>>
>> <resolver:DataConnector id="StaticDataConnector"
>> xsi:type="dc:Static">
>> <dc:Attribute id="group-objectclass">
>> <dc:Value>top</dc:Value>
>> <dc:Value>${groupObjectClass}</dc:Value>
>> </dc:Attribute>
>> <dc:Attribute id="group-objectclass-uclaMember">
>> <dc:Value>top</dc:Value>
>> <dc:Value>${groupObjectClass}</dc:Value>
>> <dc:Value>uclaMember</dc:Value>
>> </dc:Attribute>
>> <dc:Attribute id="stem-objectclass">
>> <dc:Value>top</dc:Value>
>> <dc:Value>organizationalUnit</dc:Value>
>> </dc:Attribute>
>> <dc:Attribute id="member-objectclass">
>> <dc:Value>uclaMember</dc:Value>
>> </dc:Attribute>
>> </resolver:DataConnector>
>>
>> Change this:
>>
>> <resolver:AttributeDefinition id="group-objectclass-eduMember"
>> xsi:type="ad:Simple">
>> <resolver:Dependency ref="StaticDataConnector" />
>> </resolver:AttributeDefinition>
>>
>> To This:
>>
>> <resolver:AttributeDefinition id="group-objectclass-uclaMember"
>> xsi:type="ad:Simple">
>> <resolver:Dependency ref="StaticDataConnector" />
>> </resolver:AttributeDefinition>
>>
>> Change this:
>>
>> <resolver:AttributeDefinition id="hasMember"
>> xsi:type="grouper:Member" sourceAttributeID="members">
>> <resolver:Dependency ref="GroupDataConnector" />
>> <grouper:Attribute id="name" source="ldap" />
>> <grouper:Attribute id="name" source="g:gsa" />
>> </resolver:AttributeDefinition>
>>
>> To This:
>>
>> <resolver:AttributeDefinition id="uclaHasMember"
>> xsi:type="grouper:Member" sourceAttributeID="members">
>> <resolver:Dependency ref="GroupDataConnector" />
>> <grouper:Attribute id="name" source="ldap" />
>> <grouper:Attribute id="name" source="g:gsa" />
>> </resolver:AttributeDefinition>
>>
>> Question: Should this block be changed (isMemberOf => uclaIsMemberOf )?
>>
>> <resolver:AttributeDefinition id="groupIsMemberOf"
>> xsi:type="grouper:Group" sourceAttributeID="groups">
>> <resolver:Dependency ref="GroupDataConnector" />
>> <grouper:Attribute id="name" />
>> </resolver:AttributeDefinition>
>>
>> Thanks,
>>
>> Lawrence
>>
>
- RE: [grouper-users] RE: LDAPCNG Issues - follow up question, (continued)
- RE: [grouper-users] RE: LDAPCNG Issues - follow up question, Ma, Ying, 11/10/2011
- Re: [grouper-users] RE: LDAPCNG Issues - follow up question, Tom Zeller, 11/10/2011
- RE: [grouper-users] RE: LDAPCNG Issues - follow up question, Klug, Lawrence, 11/10/2011
- Re: [grouper-users] RE: LDAPCNG Issues - follow up question, Tom Zeller, 11/10/2011
- RE: [grouper-users] RE: LDAPCNG Issues - follow up question, Klug, Lawrence, 11/10/2011
- RE: [grouper-users] RE: LDAPCNG Issues - follow up question, Klug, Lawrence, 11/14/2011
- RE: [grouper-users] RE: LDAPCNG Issues - follow up question, Klug, Lawrence, 11/14/2011
- RE: [grouper-users] RE: LDAPCNG Issues - follow up question, Klug, Lawrence, 11/14/2011
- Re: [grouper-users] RE: LDAPCNG Issues - follow up question, Tom Zeller, 11/16/2011
- RE: [grouper-users] RE: LDAPCNG Issues - follow up question, Klug, Lawrence, 11/17/2011
- Re: [grouper-users] RE: LDAPCNG Issues - follow up question, Tom Zeller, 11/17/2011
- RE: [grouper-users] RE: LDAPCNG Issues - follow up question, Klug, Lawrence, 11/10/2011
- Re: [grouper-users] RE: LDAPCNG Issues - follow up question, Tom Zeller, 11/10/2011
- RE: [grouper-users] RE: LDAPCNG Issues - follow up question, Ma, Ying, 11/10/2011
Archive powered by MHonArc 2.6.16.