Grouper Users - Open Discussion List

["Bryan E. Wooten" <>]

I have another clue to my problem. From the error log:

 

2013-06-19 11:27:15,737: [main] DEBUG Pso.getPSO(222) -  - Pso 'stem' - Get pso for 'uofu:bryan10'

2013-06-19 11:27:15,737: [main] DEBUG PsoIdentifier.getPSOIdentifier(86) -  - PSO Identifier Definition 'stemDn' - Source attribute 'stemDn' does not exist

 

It should read like this (from an older log file):

2013-06-19 10:49:00,270: [main] DEBUG Pso.getPSO(222) -  - Pso 'stem' - Get pso for 'uofu:bryan7'

2013-06-19 10:49:00,271: [main] DEBUG PsoIdentifier.getPSOIdentifier(114) -  - PSO Identifier Definition 'stemDn' - Returned 'PSOIdentifier[id='ou=bryan7,ou=uofu,o=utah.edu',targetID=ldap,containerID=<null>]'

 

I wonder why Source attribute ‘stemDn’ does not exist. I have this in my psp resolver:

 

<resolver:AttributeDefinition

    id="stemDn"

    xsi:type="psp-grouper-ldap:LdapDnFromGrouperNamePSOIdentifier"

    structure="bushy"

    sourceAttributeID="name"

    rdnAttributeName="OU"

    stemRdnAttributeName="OU"

   

    baseDn="OU=groups,OU=grouper,DC=testad,DC=utah,DC=edu"

    baseStem="${edu.internet2.middleware.psp.baseStem}">

    <!-- Dependencies which return a "name" attribute whose value is the stem name. -->

    <resolver:Dependency ref="StemDataConnector" />

    <resolver:Dependency ref="DeleteStemChangeLogDataConnector" />

    <resolver:Dependency ref="UpdateStemChangeLogDataConnector" />

  </resolver:AttributeDefinition>

 

 

-Bryan

 

From: [mailto:] On Behalf Of Bryan E. Wooten
Sent: Wednesday, June 19, 2013 8:29 AM
To:
Subject: [grouper-users] I broke my PSP

 

Hi all,

 

Everything was working fine when my subject source was AD and I configured the PSP to provision the same AD.

 

We decided to change our subject source to LDAP (it is a superset of all subjects) but continue to provision groups and stems to AD.

 

I think I reconfigured my psp*.xml files correctly to reflect this. When I add a folder the PSP fails to create the OU in AD. I see the problem in the log file but I just don’t understand why the PSP is doing this for a folder creation.

 

This looks good:

 

2013-06-19 08:13:51,535: [main] INFO  PspChangeLogConsumer.processChangeLogEntry(566) -  - PSP Consumer 'psp' - Change log entry 'ChangeLogEntry[timestamp=2013-06-19 08:13:18.025,sequence=134699,category=stem,actionname=addStem,contextId=35ed403ac1a14a8597b88cd7a97fa07d,id=f3fa362e019348feb115540b5de49f06,name=uofu:bryan2,parentStemId=47fc578063fd4c4192241b3c64a2c728,displayName=University of Utah:bryan2,description=<null>]'

 

But then:

 

2013-06-19 08:13:51,606: [main] DEBUG ChangeLogDataConnector.resolve(81) -  - ChangeLog data connector 'UpdateStemChangeLogDataConnector' - Principal name 'uofu:bryan2' does not match prefix

 

And later:

 

2013-06-19 08:13:51,643: [main] DEBUG LdapDnFromGrouperNamePSOIdentifierAttributeDefinition.doResolve(197) -  - Ldap dn from grouper name attribute definition 'groupDnAlternateChangeLog' - Resolve principal 'uofu:bryan2' No dependencies

2013-06-19 08:13:51,657: [main] DEBUG AbstractLdap.search(193) -  - Search with the following parameters:

2013-06-19 08:13:51,659: [main] DEBUG AbstractLdap.search(194) -  -   dn = ou=people,o=utah.edu

2013-06-19 08:13:51,670: [main] DEBUG AbstractLdap.search(195) -  -   filter = (& (unid=uofu:bryan2)(objectClass=person))

2013-06-19 08:13:51,671: [main] DEBUG AbstractLdap.search(196) -  -   filterArgs = []

2013-06-19 08:13:51,672: [main] DEBUG AbstractLdap.search(197) -  -   searchControls =

2013-06-19 08:13:51,674: [main] DEBUG AbstractLdap.search(198) -  -   handler = [edu.internet2.middleware.psp.ldap.QuotedDnResultHandler@37efd36, ]

 

Why does the PSP think a folder creation should resolve to a person? I am kind of stumped.

 

What have I done wrong?