Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] ldappcng: trouble with multiple targets

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] ldappcng: trouble with multiple targets


Chronological Thread 
  • From: Tom Zeller <>
  • To: Francesco Malvezzi <>
  • Cc: "" <>
  • Subject: Re: [grouper-users] ldappcng: trouble with multiple targets
  • Date: Wed, 7 Mar 2012 16:23:11 -0600

Let me work through a multiple-target scenario and provide example
configuration files.

Do you require a 2.0.x example or would 2.1.x be satisfactory ?

TomZ

On Mon, Mar 5, 2012 at 6:50 AM, Francesco Malvezzi
<>
wrote:
> Hi all,
>
> ldappcng works fine now with single openLdap.
>
> The aim now is to provide:
> 1) the same information to two OpenLdap (identical) and
> 2) a different view to a third openLdap.
>
> For the first task, I have modified ldappcng.xml and inserted two <target>:
>
>  <targets id="LDAP">
>
>    <target id="ldap" provider="ldap-provider" />
>    <target id="ldap-secondary" provider="ldap-provider-secondary" />
> [...]
>  </targets>
> (before I defined them in ldappc-services.xml and created the relative
> properties file).
>
> Now it works correctly with either:
> bin/gsh.sh -ldappcng  -sync unimore:domains:unimore:test -targetID ldap
> or
> bin/gsh.sh -ldappcng  -sync unimore:domains:unimore:test -targetID
> ldap-secondary
>
> If I remove the -targetID switch, it tries to provision twice to first
> target (ldap), and of course it fails. Is it what is expected?
>
> For the second task, the requirement is to provision just the groups,
> not the membership information of the people (isMemberOf attribute).
>
> As soon as I edit ldappcng.xml to remove the
>  <object id="member">
>      <identifier ref="member-dn" baseId="${peopleOU}">
>        <identifyingAttribute name="objectclass" value="person" />
>      </identifier>
>      <attribute name="objectClass" ref="member-objectclass"
> retainAll="true" />
>      <attribute name="isMemberOf" ref="memberIsMemberOf" />
>    </object>
> I fall in a schema error:
> 2012-03-05 13:25:15,541: [main] ERROR BaseService.loadContext(187) -  -
> Configuration was not loaded for ldappc service, error creating
> components.  The root cause of this error was:
> org.springframework.beans.factory.NoSuchBeanDefinitionException: No bean
> named 'domain:group' is defined
>
> where domain is the targetID of the third OpenLDAP.
>
> What is the 'domain:group' bean? Is it a convention-over-configuration
> naming scheme?
>
> My next problem with this task is that this configuration in
> ldappcng.xml is not valid:
>
>  <target id="domain" provider="domain-provider" >
>
>    <object id="stem">
>      <identifier ref="stem-dn" baseId="${groupsOU}">
>        <identifyingAttribute name="objectclass"
> value="organizationalUnit" />
>      </identifier>
>      <attribute name="objectClass" ref="stem-objectclass" />
>      <attribute name="ou" ref="stem-ou" />
>      <attribute name="description" ref="stem-description" />
>    </object>
> [... other objects ...]
>
>   </target>
>
> It looks target should not enclose other definitions.
>
> Am I doing something allright wrong? Is there a better way to do that?
> My grouper version is 2.0.3.
>
> Thank you for your patience,
>
> Francesco



Archive powered by MHonArc 2.6.16.

Top of Page