grouper-users - [grouper-users] Can't get "list of groups" to populate members
Subject: Grouper Users - Open Discussion List
List archive
- From: "Bryan E. Wooten" <>
- To: "" <>
- Subject: [grouper-users] Can't get "list of groups" to populate members
- Date: Fri, 12 Apr 2013 17:04:43 +0000
- Accept-language: en-US
- Authentication-results: sfpop-ironport03.merit.edu; dkim=neutral (message not signed) header.i=none
|
Following Part 2 of the Group loader LDAP training video I can’t get the loader to add members to the groups. I ran the following script: grouperSession = GrouperSession.startRootSession(); group = new GroupSave(grouperSession).assignName("ActiveDirectory:groupListLdapGroup").assignCreateParentStemsIfNotExist(true).save(); attributeAssign = group.getAttributeDelegate().assignAttribute(LoaderLdapUtils.grouperLoaderLdapAttributeDefName()).getAttributeAssign(); attributeAssign = group.getAttributeDelegate().retrieveAssignment(null, LoaderLdapUtils.grouperLoaderLdapAttributeDefName(), false, true); attributeAssign.getAttributeValueDelegate().assignValue(LoaderLdapUtils.grouperLoaderLdapTypeName(), "LDAP_GROUP_LIST"); attributeAssign.getAttributeValueDelegate().assignValue(LoaderLdapUtils.grouperLoaderLdapFilterName(), "(|(cn=All uNIDS)(cn=AllgNIDs)(cn=HSC Users))"); attributeAssign.getAttributeValueDelegate().assignValue(LoaderLdapUtils.grouperLoaderLdapQuartzCronName(), "0 * * * * ?"); attributeAssign.getAttributeValueDelegate().assignValue(LoaderLdapUtils.grouperLoaderLdapSearchDnName(), "ou=Security Groups,dc=testad,dc=utah,dc=edu"); attributeAssign.getAttributeValueDelegate().assignValue(LoaderLdapUtils.grouperLoaderLdapServerIdName(), "personLdap"); attributeAssign.getAttributeValueDelegate().assignValue(LoaderLdapUtils.grouperLoaderLdapSourceIdName(), "ldap"); attributeAssign.getAttributeValueDelegate().assignValue(LoaderLdapUtils.grouperLoaderLdapSubjectAttributeName(), "member"); attributeAssign.getAttributeValueDelegate().assignValue(LoaderLdapUtils.grouperLoaderLdapSubjectIdTypeName(), "subjectIdentifier"); attributeAssign.getAttributeValueDelegate().assignValue(LoaderLdapUtils.grouperLoaderLdapExtraAttributesName(), "cn"); attributeAssign.getAttributeValueDelegate().assignValue(LoaderLdapUtils.grouperLoaderLdapGroupNameExpressionName(), "groups:${groupAttributes['cn']}"); group = GroupFinder.findByName(grouperSession, "ActiveDirectory:groupListLdapGroup"); And then I ran the following: gsh 0% grouperSession = GrouperSession.startRootSession(); edu.internet2.middleware.grouper.GrouperSession: 127016ac3022414e80d76861fe49ba28,'GrouperSystem','application' gsh 1% group = GroupFinder.findByName(grouperSession,"ActiveDirectory:groupListLdapGroup"); group: name='ActiveDirectory:groupListLdapGroup' displayName='Active Directory Groups:groupListLdapGroup' uuid='7f979dfdf0614017bcf2eab0ff990ce0' gsh 2% loaderRunOneJob(group); loader ran successfully, inserted 0 memberships, deleted 0 memberships, total membership count: 0 gsh 3% exit Then using the lite UI I added the
Grouper loader LDAP subject _expression_ attribute with a value of
${loaderLdapElUtils.convertDnToSpecificValue(subjectId)}. In the grouper_error.log I see this: 2013-04-12 11:02:38,285: [main] DEBUG DefaultConnectionHandler.connectInternal(74) - - Bind with the following parameters: 2013-04-12 11:02:38,287: [main] DEBUG DefaultConnectionHandler.connectInternal(75) - - authtype = simple 2013-04-12 11:02:38,288: [main] DEBUG DefaultConnectionHandler.connectInternal(76) - - dn = cn=IDMFull,OU=Services,OU=Administration,dc=testad,dc=utah,dc=edu 2013-04-12 11:02:38,289: [main] DEBUG DefaultConnectionHandler.connectInternal(83) - - credential = <suppressed> 2013-04-12 11:02:38,302: [main] WARN AbstractLdapFactory.validate(165) - - validate called, but no validator configured 2013-04-12 11:02:38,304: [main] DEBUG AbstractLdap.search(193) - - Search with the following parameters: 2013-04-12 11:02:38,305: [main] DEBUG AbstractLdap.search(194) - - dn = ou=Security Groups,dc=testad,dc=utah,dc=edu 2013-04-12 11:02:38,306: [main] DEBUG AbstractLdap.search(195) - - filter = (|(cn=All uNIDS)(cn=AllgNIDs)(cn=HSC Users)) 2013-04-12 11:02:38,307: [main] DEBUG AbstractLdap.search(196) - - filterArgs = [] 2013-04-12 11:02:38,308: [main] DEBUG AbstractLdap.search(197) - - searchControls = javax.naming.directory.SearchControls@28d76d1e 2013-04-12 11:02:38,309: [main] DEBUG AbstractLdap.search(198) - - handler = [edu.vt.middleware.ldap.handler.FqdnSearchResultHandler@573ce184] 2013-04-12 11:02:39,280: [main] INFO EventLog.info(156) - - [127016ac3022414e80d76861fe49ba28,'GrouperSystem','application'] add stem: 'ActiveDirectory:groups' (674ms) 2013-04-12 11:02:39,532: [main] INFO EventLog.info(156) - - [127016ac3022414e80d76861fe49ba28,'GrouperSystem','application'] grant access priv: group='ActiveDirectory:groups:HSC Users' priv='view' subject='GrouperAll'/'application'/'g:isa'
(34ms) 2013-04-12 11:02:39,561: [main] INFO EventLog.info(156) - - [127016ac3022414e80d76861fe49ba28,'GrouperSystem','application'] grant access priv: group='ActiveDirectory:groups:HSC Users' priv='read' subject='GrouperAll'/'application'/'g:isa'
(27ms) 2013-04-12 11:02:39,569: [main] INFO EventLog.info(156) - - [127016ac3022414e80d76861fe49ba28,'GrouperSystem','application'] add group: 'ActiveDirectory:groups:HSC Users' (271ms) 2013-04-12 11:02:39,878: [main] INFO EventLog.info(156) - - [127016ac3022414e80d76861fe49ba28,'GrouperSystem','application'] grant access priv: group='ActiveDirectory:groups:All uNIDS' priv='view' subject='GrouperAll'/'application'/'g:isa'
(26ms) 2013-04-12 11:02:39,906: [main] INFO EventLog.info(156) - - [127016ac3022414e80d76861fe49ba28,'GrouperSystem','application'] grant access priv: group='ActiveDirectory:groups:All uNIDS' priv='read' subject='GrouperAll'/'application'/'g:isa'
(26ms) 2013-04-12 11:02:39,915: [main] INFO EventLog.info(156) - - [127016ac3022414e80d76861fe49ba28,'GrouperSystem','application'] add group: 'ActiveDirectory:groups:All uNIDS' (176ms) 2013-04-12 11:02:40,218: [main] INFO EventLog.info(156) - - [127016ac3022414e80d76861fe49ba28,'GrouperSystem','application'] grant access priv: group='ActiveDirectory:groups:AllgNIDs' priv='view' subject='GrouperAll'/'application'/'g:isa'
(22ms) 2013-04-12 11:02:40,244: [main] INFO EventLog.info(156) - - [127016ac3022414e80d76861fe49ba28,'GrouperSystem','application'] grant access priv: group='ActiveDirectory:groups:AllgNIDs' priv='read' subject='GrouperAll'/'application'/'g:isa'
(24ms) 2013-04-12 11:02:40,266: [main] INFO EventLog.info(156) - - [127016ac3022414e80d76861fe49ba28,'GrouperSystem','application'] add group: 'ActiveDirectory:groups:AllgNIDs' (193ms) The groups get added to Grouper but there is no attempt to add members. Am I missing something? Thanks, Bryan |
- [grouper-users] Can't get "list of groups" to populate members, Bryan E. Wooten, 04/12/2013
- <Possible follow-up(s)>
- RE: [grouper-users] Can't get "list of groups" to populate members, Gagné Sébastien, 04/12/2013
- RE: [grouper-users] Can't get "list of groups" to populate members, Bryan E. Wooten, 04/12/2013
- RE: [grouper-users] Can't get "list of groups" to populate members, Chris Hyzer, 04/13/2013
- RE: [grouper-users] Can't get "list of groups" to populate members, Chris Hyzer, 04/15/2013
- RE: [grouper-users] Can't get "list of groups" to populate members, Bryan E. Wooten, 04/12/2013
Archive powered by MHonArc 2.6.16.