Grouper Users - Open Discussion List

["Bryan E. Wooten" <>]

I am still trying to get PSP to provision Grouper from LDAP groups. I think I 
have all the psp*.xml files and ldap.properties configured correctly.  I am 
using OpenDJ so I had to change all the object for ldap from "groupofnames" 
to "groupofuniquenames".

I am not sure I am passing the parameters to gsh.sh -psp -calc edu:group 
correctly.

When I look at my openDJ access file I see a few things that I don't quite 
understand.

For example I see this request several times and don't understand why this 
request is being made or where "grouperTestSubjectByIdOnStartupASDFGHJ" comes 
from.

[06/Jan/2013:04:50:01 -0700] SEARCH REQ conn=258 op=1 msgID=2 
base="ou=people,o=utah.edu" scope=wholeSubtree 
filter="(&(unid=grouperTestSubjectByIdOnStartupASDFGHJ)(objectclass=inetOrgPerson))"
 attrs="cn,unid,displayName,sn,uid,mail"

When the PSP does a group search I see this:

[06/Jan/2013:04:50:01 -0700] SEARCH REQ conn=262 op=1 msgID=2 
base="ou=groups,o=utah.edu" scope=wholeSubtree 
filter="(&(entryDN=cn=ps_access)(objectclass=groupOfUniqueNames))" attrs="ALL"

This returns no results:

[06/Jan/2013:04:50:01 -0700] SEARCH RES conn=262 op=1 msgID=2 result=0 
nentries=0 etime=0
[06/Jan/2013:04:50:01 -0700] UNBIND REQ conn=262 op=2 msgID=3

I can't seem to find a combination that returns any results.

The "entryDN=cn=psaccess" is directly affected by the gsh.sh command line.

Our group DNs look like this: cn=someGroup,our=groups,o=edu.utah

My ldap.properties has the following settings:

# The base DN for groups.
edu.internet2.middleware.psp.groupsBaseDn=ou=groups,o=utah.edu

edu.internet2.middleware.psp.groupObjectClass=groupOfUniqueNames

# The base Grouper stem to be provisioned.
edu.internet2.middleware.psp.baseStem=

Sorry this is not more clear stated, but can anyone see what I am doing wrong?

Thanks,

Bryan