grouper-users - Re: [grouper-users] ldappcng: trouble with multiple targets
Subject: Grouper Users - Open Discussion List
List archive
- From: Tom Zeller <>
- To: Francesco Malvezzi <>
- Cc: "" <>
- Subject: Re: [grouper-users] ldappcng: trouble with multiple targets
- Date: Wed, 7 Mar 2012 16:23:11 -0600
Let me work through a multiple-target scenario and provide example
configuration files.
Do you require a 2.0.x example or would 2.1.x be satisfactory ?
TomZ
On Mon, Mar 5, 2012 at 6:50 AM, Francesco Malvezzi
<>
wrote:
> Hi all,
>
> ldappcng works fine now with single openLdap.
>
> The aim now is to provide:
> 1) the same information to two OpenLdap (identical) and
> 2) a different view to a third openLdap.
>
> For the first task, I have modified ldappcng.xml and inserted two <target>:
>
> <targets id="LDAP">
>
> <target id="ldap" provider="ldap-provider" />
> <target id="ldap-secondary" provider="ldap-provider-secondary" />
> [...]
> </targets>
> (before I defined them in ldappc-services.xml and created the relative
> properties file).
>
> Now it works correctly with either:
> bin/gsh.sh -ldappcng -sync unimore:domains:unimore:test -targetID ldap
> or
> bin/gsh.sh -ldappcng -sync unimore:domains:unimore:test -targetID
> ldap-secondary
>
> If I remove the -targetID switch, it tries to provision twice to first
> target (ldap), and of course it fails. Is it what is expected?
>
> For the second task, the requirement is to provision just the groups,
> not the membership information of the people (isMemberOf attribute).
>
> As soon as I edit ldappcng.xml to remove the
> <object id="member">
> <identifier ref="member-dn" baseId="${peopleOU}">
> <identifyingAttribute name="objectclass" value="person" />
> </identifier>
> <attribute name="objectClass" ref="member-objectclass"
> retainAll="true" />
> <attribute name="isMemberOf" ref="memberIsMemberOf" />
> </object>
> I fall in a schema error:
> 2012-03-05 13:25:15,541: [main] ERROR BaseService.loadContext(187) - -
> Configuration was not loaded for ldappc service, error creating
> components. The root cause of this error was:
> org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean
> named 'domain:group' is defined
>
> where domain is the targetID of the third OpenLDAP.
>
> What is the 'domain:group' bean? Is it a convention-over-configuration
> naming scheme?
>
> My next problem with this task is that this configuration in
> ldappcng.xml is not valid:
>
> <target id="domain" provider="domain-provider" >
>
> <object id="stem">
> <identifier ref="stem-dn" baseId="${groupsOU}">
> <identifyingAttribute name="objectclass"
> value="organizationalUnit" />
> </identifier>
> <attribute name="objectClass" ref="stem-objectclass" />
> <attribute name="ou" ref="stem-ou" />
> <attribute name="description" ref="stem-description" />
> </object>
> [... other objects ...]
>
> </target>
>
> It looks target should not enclose other definitions.
>
> Am I doing something allright wrong? Is there a better way to do that?
> My grouper version is 2.0.3.
>
> Thank you for your patience,
>
> Francesco
- [grouper-users] ldappcng: trouble with multiple targets, Francesco Malvezzi, 03/05/2012
- Re: [grouper-users] ldappcng: trouble with multiple targets, Tom Zeller, 03/07/2012
- Re: [grouper-users] ldappcng: trouble with multiple targets, Tom Zeller, 03/08/2012
- Re: [grouper-users] ldappcng: trouble with multiple targets, Francesco Malvezzi, 03/12/2012
- Re: [grouper-users] ldappcng: trouble with multiple targets, Tom Zeller, 03/12/2012
- Re: [grouper-users] ldappcng: trouble with multiple targets, Francesco Malvezzi, 03/12/2012
Archive powered by MHonArc 2.6.16.