grouper-users - Re: [grouper-users] PSP - subject source different from provisioning target, but same AD
Subject: Grouper Users - Open Discussion List
List archive
Re: [grouper-users] PSP - subject source different from provisioning target, but same AD
Chronological Thread
- From: Holger Dippel <>
- To: Tom Zeller <>
- Cc: grouper-users <>
- Subject: Re: [grouper-users] PSP - subject source different from provisioning target, but same AD
- Date: Mon, 9 Jul 2012 16:31:46 -0400 (EDT)
Tom,
Yes, I've just ported forward the ldappc-ldap.xml from 2.0.3 and lined it up with my new ldap.properties and the psp-vt-lap-1.xml from the 2.1.1 example.
Now I got it working except what looks like an attribute mapping I need to fix. Currently, it creates the test groups & memberships just to delete them right at the end of a bulkSync.
Thank you for your help and feedback.
Holger
Yes, I've just ported forward the ldappc-ldap.xml from 2.0.3 and lined it up with my new ldap.properties and the psp-vt-lap-1.xml from the 2.1.1 example.
Now I got it working except what looks like an attribute mapping I need to fix. Currently, it creates the test groups & memberships just to delete them right at the end of a bulkSync.
Thank you for your help and feedback.
Holger
Holger Dippel
Director of IT Development and Integration
University of Massachusetts Dartmouth
285 Old Westport Road • North Dartmouth, MA 02747
Director of IT Development and Integration
University of Massachusetts Dartmouth
285 Old Westport Road • North Dartmouth, MA 02747
508-999-9181 •
http://www.umassd.edu/CITS will never ask you for your password or other confidential information via email. Beware of phishing scams where email and/or malicious web sites try to trick users into entering their username and password.
For more information about password security please visit: http://www.umassd.edu/cits/security/
From: "Tom Zeller" <>
To: "Holger Dippel" <>
Cc: "grouper-users" <>
Sent: Monday, July 9, 2012 4:19:34 PM
Subject: Re: [grouper-users] PSP - subject source different from provisioning target, but same AD
To: "Holger Dippel" <>
Cc: "grouper-users" <>
Sent: Monday, July 9, 2012 4:19:34 PM
Subject: Re: [grouper-users] PSP - subject source different from provisioning target, but same AD
Look at 2.0.0 or earlier for the separate source and target ldsp connection thing. Unifying was a fix to a Koranda bug.
Vt-ldsp provides addtl options that sources.xml does not via ldsp.properties.
s/ldsp/ldap
On Jul 9, 2012, at 2:25 PM, Holger Dippel <> wrote:
On Jul 9, 2012, at 2:25 PM, Holger Dippel <> wrote:
Tom. Thank you. I am looking at the multiple OpenLDAP targets example on how to use the Spring config. I guess this would be the only way to accomplish a target different from sources.xml
If it's using the sources.xml -- which would be fine if our AD would be structured differently -- then why is there at all the need for a ldap.properties? Why couldn't it consume the ldap settings from sources.xml for everything?
HolgerHolger Dippel
Director of IT Development and Integration
University of Massachusetts Dartmouth
285 Old Westport Road • North Dartmouth, MA 02747508-999-9181 •
http://www.umassd.edu/CITS will never ask you for your password or other confidential information via email. Beware of phishing scams where email and/or malicious web sites try to trick users into entering their username and password.
For more information about password security please visit: http://www.umassd.edu/cits/security/From: "Tom Zeller" <>
To: "Holger Dippel" <>
Cc: "grouper-users" <>
Sent: Monday, July 9, 2012 3:10:42 PM
Subject: Re: [grouper-users] PSP - subject source different from provisioning target, but same ADTake a look at the comment near the ldap target in psp-services.xml.If you need more, please reply.TomZ
On Jul 9, 2012, at 11:03 AM, Holger Dippel <> wrote:In Grouper version 2.0.3 with ldappcng I managed to have the subject source using the AD global catalog port 3268, and ldappcng the local domain port 389. This worked fine.
Since our AD currently has multiple OUs for persons I need to set the people OU to the domain root and use the GC port to avoid continuation reference errors.
In Grouper 2.1.1 with PSP, I tried a similar configuration by putting the local domain port in the ldap.properties file, and leaving the GC port in the sources.xml thinking it would work the same as in ldappcng. I got a bulkCalc to generate meaningful output of what should happen, but when running a bulkSync, it tells me in the delete response that this operation is not allow on the GC port. This means that the subject source is no longer separated from the ldap.properties provisioning target. The documentation indicates connection pooling so I guess this outcome makes sense.
Can I still achieve the desired separation of source and target with PSP?
Thank you,
HolgerHolger Dippel
Director of IT Development and Integration
University of Massachusetts Dartmouth
285 Old Westport Road • North Dartmouth, MA 02747508-999-9181 •
http://www.umassd.edu/CITS will never ask you for your password or other confidential information via email. Beware of phishing scams where email and/or malicious web sites try to trick users into entering their username and password.
For more information about password security please visit: http://www.umassd.edu/cits/security/
- [grouper-users] PSP - subject source different from provisioning target, but same AD, Holger Dippel, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Tom Zeller, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Holger Dippel, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Tom Zeller, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Holger Dippel, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Tom Zeller, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Holger Dippel, 07/09/2012
- Re: [grouper-users] PSP - subject source different from provisioning target, but same AD, Tom Zeller, 07/09/2012
Archive powered by MHonArc 2.6.16.