Skip to Content.
Sympa Menu

grouper-users - [grouper-users] PSP Provision LDAP and AD Group members

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] PSP Provision LDAP and AD Group members

Chronological Thread 
  • From: "Bryan E. Wooten" <>
  • To: "" <>
  • Subject: [grouper-users] PSP Provision LDAP and AD Group members
  • Date: Thu, 21 Mar 2013 20:14:42 +0000
  • Accept-language: en-US
  • Authentication-results:; dkim=neutral (message not signed) header.i=none

I finally decided to download the source and really dig into why I can’t make this work.


The symptom is this line from the log file:


2013-03-21 13:32:08,943: [main] DEBUG LdapSpmlTarget.execute(596) -  - Target 'ad' - Searching 'SearchRequestWithQueryClauseNamespaces[query=Query[hasReference=HasReference[toPsoID=PSOIdentifier[id='unid=u0105078,ou=people,o',targetID=ldap,containerID=<null>],typeOfReference=member],basePsoID=PSOIdentifier[id='CN=g1id,OU=UofU2id,ou=groups,ou=grouper,dc=testad,dc=utah,dc=edu',targetID=ad,containerID=<null>],scope=pso,targetID=ad],return



The PSOIdentifier is valid for the LDAP target and not the AD target. From experimentation I know this comes from the sources.xml file. My sources.xml has two entries on named “ldap” and the other named “ad”.


So looking at the code I see this (, 2.1.3 tag):


/** {@inheritDoc} */

    public void execute(SearchRequest searchRequest, SearchResponse searchResponse) {


        // query

        Query query = searchRequest.getQuery();


        // query filter

        // TODO support QueryClause other than our own

        String filter = null;

        for (QueryClause queryClause : query.getQueryClauses()) {

            if (queryClause instanceof HasReference) {

                HasReference hasReference = (HasReference) queryClause;

                if (hasReference.getTypeOfReference() != null && hasReference.getToPsoID() != null

                        && hasReference.getToPsoID().getID() != null) {

                    filter = "(" + hasReference.getTypeOfReference() + "=" + hasReference.getToPsoID().getID() + ")";

                    // TODO what do we do with hasReference.getReferenceData(); ?


The  comments (// TODO support QueryClause other than our own) lead me to believe that what I am trying to do is just not possible because the code never looks at my “ad” section in sources.xml:


<source adapterClass="edu.internet2.middleware.subject.provider.LdapSourceAdapter">




Can someone confirm this?







Archive powered by MHonArc 2.6.16.

Top of Page