Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] provisioning to Google Apps

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] provisioning to Google Apps


Chronological Thread 
  • From: Jim Fox <>
  • To: Scott Koranda <>
  • Cc: grouper-users <>
  • Subject: Re: [grouper-users] provisioning to Google Apps
  • Date: Mon, 22 Jul 2013 15:08:53 -0700 (PDT)



Ours (UWash) is somewhat special. We have a custom change log,
and a reader of that that updates a local bunch of ldaps and
writes the activity to an ActiveMQ message bus. Another process
reads the ActiveMQ and updates Google. Other processes also read the ActiveMQ.

We will in all likehood be switching the ActiveMQ to an AWS event queue.

The advantage of the message bus is not only the possibility
of multiple receivers, but the ability to disconnect one process
(reading the change log) from the others (reading the bus).

Our Google update code is 'c'. You can use it. The guy who
does that part is out this week.

Jim



On Mon, 22 Jul 2013, Scott Koranda wrote:

Date: Mon, 22 Jul 2013 12:11:57 -0700
From: Scott Koranda
<>
To: grouper-users
<>
Subject: [grouper-users] provisioning to Google Apps

Hello,

I am working with Boston College to develop infrastructure to
enable them to provision course groups from their LDAP
directory to Google Apps. Rather than writing a once-off tool
to go directly from the directory server to Goolge Apps the
plan is to introduce Grouper to leverage the Grouper change
log as well as the ability to add enhanced management
capabilities for the course groups.

We expect to use the Grouper Loader to load the course group
memberships from the LDAP directory system of record to
Grouper.

To provision from Grouper to Google Apps we are considering
three options:

- building a custom PSP connector: Tom Zeller has reported on
the list that he has thought in some detail about the design
and started to write some code but it is not finished (and
shelved I presume).

Given that the Grouper team has recently signaled that the
PSP will not be evolved due to the lack of takeup for SPML
we think this is the least attractive path.

- building a custom Grouper change log consumer: the change
log consumer code would extend ChangeLogConsumerBase and
then leverage the Google Directory API Java client library.

If anybody has written such a change log consumer and can
share it we would be grateful to hear about it.

Given the current project scope we think this is the most
attractive path.

- building a custom Grouper change log consumer to provision
changes to a message bus/queue, and then write a custom
queue client against the Google Directory API to provision
into Google: this approach is much like the above one but
introduces the message bus/queue as a mediator rather than
provisioning into Google directly. The primary attraction of
this approach is that it provides extra flexibility to
introduce more clients later so that more that just Google
could be provisioned. The down side is introducing another
layer and making the infrastructure more complex.

Brown and the University of Washington appear to have taken
this approach. Are either able to share code?

Are there other approaches we should consider?

Any thoughts about the relative ranking of the three
approaches?

Other than the Google Apps throttling, are there other issues
people have run into and that we should consider?

Thank you in advance for any input you have.

Thanks,

Scott Koranda




Archive powered by MHonArc 2.6.16.

Top of Page