Skip to Content.
Sympa Menu

grouper-users - [grouper-users] One Last Hurdle using the PSP to provision both AD and LDAP

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] One Last Hurdle using the PSP to provision both AD and LDAP


Chronological Thread 
  • From: "Bryan E. Wooten" <>
  • To: "" <>
  • Subject: [grouper-users] One Last Hurdle using the PSP to provision both AD and LDAP
  • Date: Tue, 23 Jul 2013 15:25:23 +0000
  • Accept-language: en-US

I can now provision Grouper stems and groups to both AD and LDAP.

 

But I can’t add members to the groups.

 

This the error:

 

2013-07-23 08:53:07,263: [main] DEBUG LdapSpmlTarget.execute(595) -  - Target 'openDJ' - Search will return attributes '[objectclass, objectClass]'

2013-07-23 08:53:07,265: [main] DEBUG LdapSpmlTarget.execute(596) -  - Target 'openDJ' - Searching 'SearchRequestWithQueryClauseNamespaces[query=Query[hasReference=HasReference[toPsoID=PSOIdentifier[id='unid=u0000859,ou=people,o=utah.edu',targetID=openDJ,containerID=<null>],typeOfReference=member],basePsoID=PSOIdentifier[id='cn=group9,ou=uofu,OU=grouper,DC=testad,DC=utah,DC=edu',targetID=openDJ,containerID=<null>],scope=pso,targetID=openDJ],returnData=identifier,maxSelect=0,requestID=2013/07/23-08:53:07.252]'

2013-07-23 08:53:07,272: [main] DEBUG AbstractLdap.search(193) -  - Search with the following parameters:

2013-07-23 08:53:07,275: [main] DEBUG AbstractLdap.search(194) -  -   dn = cn=group9,ou=uofu,OU=grouper,DC=testad,DC=utah,DC=edu

 

Even though Grouper knows it trying to provision LDAP it is using the “groupsBaseDN” for AD. For all psp*.xml I use the value from the ldap.properties like this: baseDn="${edu.internet2.middleware.psp.groupsBaseDn}" when referring to the AD target. For my LDAP target I hard code like this: baseDN=”ou=grouper,o=Utah.edu”.

 

This is working fine for creating stems and groups, but now I have run into this is when trying to add members.

 

This piece of XML is the first clue I see:

 

<spmlsearch:query targetID='openDJ' scope='pso'>

    <spmlref:hasReference typeOfReference='member'>

      <spmlref:toPsoID ID='unid=u0000859,ou=people,o=utah.edu' targetID='openDJ'/>

    </spmlref:hasReference>

    <spmlsearch:basePsoID ID='cn=group9,ou=uofu,OU=grouper,DC=testad,DC=utah,DC=edu' targetID='openDJ'/>

  </spmlsearch:query>

</spmlsearch:SearchRequest>

 

For some reason the basePsoID is pulling the wrong baseDN. I have poured over the psp xml files and cannot find where I am using the wrong baseDN.

 

Can someone tell me which psp xml element is being mapped to basePsoID?

 

Thanks,

 

Bryan

 


  • [grouper-users] One Last Hurdle using the PSP to provision both AD and LDAP, Bryan E. Wooten, 07/23/2013

Archive powered by MHonArc 2.6.16.

Top of Page