Skip to Content.
Sympa Menu

grouper-users - [grouper-users] RE: I broke my PSP

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] RE: I broke my PSP

Chronological Thread 
  • From: "Bryan E. Wooten" <>
  • To: "" <>
  • Subject: [grouper-users] RE: I broke my PSP
  • Date: Wed, 19 Jun 2013 17:29:57 +0000
  • Accept-language: en-US
  • Authentication-results:; dkim=neutral (message not signed) header.i=none

I have another clue to my problem. From the error log:


2013-06-19 11:27:15,737: [main] DEBUG Pso.getPSO(222) -  - Pso 'stem' - Get pso for 'uofu:bryan10'

2013-06-19 11:27:15,737: [main] DEBUG PsoIdentifier.getPSOIdentifier(86) -  - PSO Identifier Definition 'stemDn' - Source attribute 'stemDn' does not exist


It should read like this (from an older log file):

2013-06-19 10:49:00,270: [main] DEBUG Pso.getPSO(222) -  - Pso 'stem' - Get pso for 'uofu:bryan7'

2013-06-19 10:49:00,271: [main] DEBUG PsoIdentifier.getPSOIdentifier(114) -  - PSO Identifier Definition 'stemDn' - Returned 'PSOIdentifier[id='ou=bryan7,ou=uofu,',targetID=ldap,containerID=<null>]'


I wonder why Source attribute ‘stemDn’ does not exist. I have this in my psp resolver:












    <!-- Dependencies which return a "name" attribute whose value is the stem name. -->

    <resolver:Dependency ref="StemDataConnector" />

    <resolver:Dependency ref="DeleteStemChangeLogDataConnector" />

    <resolver:Dependency ref="UpdateStemChangeLogDataConnector" />






From: [mailto:] On Behalf Of Bryan E. Wooten
Sent: Wednesday, June 19, 2013 8:29 AM
Subject: [grouper-users] I broke my PSP


Hi all,


Everything was working fine when my subject source was AD and I configured the PSP to provision the same AD.


We decided to change our subject source to LDAP (it is a superset of all subjects) but continue to provision groups and stems to AD.


I think I reconfigured my psp*.xml files correctly to reflect this. When I add a folder the PSP fails to create the OU in AD. I see the problem in the log file but I just don’t understand why the PSP is doing this for a folder creation.


This looks good:


2013-06-19 08:13:51,535: [main] INFO  PspChangeLogConsumer.processChangeLogEntry(566) -  - PSP Consumer 'psp' - Change log entry 'ChangeLogEntry[timestamp=2013-06-19 08:13:18.025,sequence=134699,category=stem,actionname=addStem,contextId=35ed403ac1a14a8597b88cd7a97fa07d,id=f3fa362e019348feb115540b5de49f06,name=uofu:bryan2,parentStemId=47fc578063fd4c4192241b3c64a2c728,displayName=University of Utah:bryan2,description=<null>]'


But then:


2013-06-19 08:13:51,606: [main] DEBUG ChangeLogDataConnector.resolve(81) -  - ChangeLog data connector 'UpdateStemChangeLogDataConnector' - Principal name 'uofu:bryan2' does not match prefix


And later:


2013-06-19 08:13:51,643: [main] DEBUG LdapDnFromGrouperNamePSOIdentifierAttributeDefinition.doResolve(197) -  - Ldap dn from grouper name attribute definition 'groupDnAlternateChangeLog' - Resolve principal 'uofu:bryan2' No dependencies

2013-06-19 08:13:51,657: [main] DEBUG -  - Search with the following parameters:

2013-06-19 08:13:51,659: [main] DEBUG -  -   dn = ou=people,

2013-06-19 08:13:51,670: [main] DEBUG -  -   filter = (& (unid=uofu:bryan2)(objectClass=person))

2013-06-19 08:13:51,671: [main] DEBUG -  -   filterArgs = []

2013-06-19 08:13:51,672: [main] DEBUG -  -   searchControls =

2013-06-19 08:13:51,674: [main] DEBUG -  -   handler = [edu.internet2.middleware.psp.ldap.QuotedDnResultHandler@37efd36, ]


Why does the PSP think a folder creation should resolve to a person? I am kind of stumped.


What have I done wrong?

Archive powered by MHonArc 2.6.16.

Top of Page