grouper-users - [grouper-users] PSP - subject source different from provisioning target, but same AD
Subject: Grouper Users - Open Discussion List
List archive
[grouper-users] PSP - subject source different from provisioning target, but same AD
Chronological Thread
- From: Holger Dippel <>
- To: grouper-users <>
- Subject: [grouper-users] PSP - subject source different from provisioning target, but same AD
- Date: Mon, 9 Jul 2012 12:03:12 -0400 (EDT)
In Grouper version 2.0.3 with ldappcng I managed to have the subject source using the AD global catalog port 3268, and ldappcng the local domain port 389. This worked fine.
Since our AD currently has multiple OUs for persons I need to set the people OU to the domain root and use the GC port to avoid continuation reference errors.
In Grouper 2.1.1 with PSP, I tried a similar configuration by putting the local domain port in the ldap.properties file, and leaving the GC port in the sources.xml thinking it would work the same as in ldappcng. I got a bulkCalc to generate meaningful output of what should happen, but when running a bulkSync, it tells me in the delete response that this operation is not allow on the GC port. This means that the subject source is no longer separated from the ldap.properties provisioning target. The documentation indicates connection pooling so I guess this outcome makes sense.
Can I still achieve the desired separation of source and target with PSP?
Thank you,
Holger
Since our AD currently has multiple OUs for persons I need to set the people OU to the domain root and use the GC port to avoid continuation reference errors.
In Grouper 2.1.1 with PSP, I tried a similar configuration by putting the local domain port in the ldap.properties file, and leaving the GC port in the sources.xml thinking it would work the same as in ldappcng. I got a bulkCalc to generate meaningful output of what should happen, but when running a bulkSync, it tells me in the delete response that this operation is not allow on the GC port. This means that the subject source is no longer separated from the ldap.properties provisioning target. The documentation indicates connection pooling so I guess this outcome makes sense.
Can I still achieve the desired separation of source and target with PSP?
Thank you,
Holger
Holger Dippel
Director of IT Development and Integration
University of Massachusetts Dartmouth
285 Old Westport Road • North Dartmouth, MA 02747
Director of IT Development and Integration
University of Massachusetts Dartmouth
285 Old Westport Road • North Dartmouth, MA 02747
508-999-9181 •
http://www.umassd.edu/CITS will never ask you for your password or other confidential information via email. Beware of phishing scams where email and/or malicious web sites try to trick users into entering their username and password.
For more information about password security please visit: http://www.umassd.edu/cits/security/
- [grouper-users] PSP - subject source different from provisioning target, but same AD, Holger Dippel, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Tom Zeller, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Holger Dippel, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Tom Zeller, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Holger Dippel, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Tom Zeller, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Holger Dippel, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Tom Zeller, 07/09/2012
Archive powered by MHonArc 2.6.16.