Skip to Content.
Sympa Menu

grouper-users - [grouper-users] Dire warning in ldap.properties

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] Dire warning in ldap.properties


Chronological Thread 
  • From: J Richard Gilbert <>
  • To:
  • Subject: [grouper-users] Dire warning in ldap.properties
  • Date: Fri, 18 Oct 2013 16:59:43 +0100

Hi,

As a newbie, I have been experimenting with grouper and now want to
try using the PSP to demonstrate management of a group in a test AD.
Having watched the training videos I am configuring ldap.properties,
in which I see the following...

# The default base DN for searches.
# All subordinate objects will be deleted during tests !
edu.vt.middleware.ldap.baseDn=
# The base DN for groups.
edu.internet2.middleware.psp.groupsBaseDn=
# The base DN for people.
edu.internet2.middleware.psp.peopleBaseDn=

That warning sounds a bit scary! What does it really mean?

And what is the default base DN used for? The configuration defines a
base for group searches and a base for people searches. The AD I am
working with was configured (not by me) with ou=Staff and ou=Students
configured directly below the root of the tree. To search for both
types of user in a single source therefore required me to give the
root as the search base. This caused trouble: Grouper didn't like the
references which AD returns...

Subject API error: error with subject source id: qad, name: QA AD,
problem with getSubject by id, in sources.xml: search searchSubject: ,
edu.internet2.middleware.subject.SourceUnavailableException: Ldap
NamingException: Unprocessed Continuation Reference(s)

I found the explanation for this here:
http://mail-archives.apache.org/mod_mbox/tomcat-users/200611.mbox/%3CC16E4268.9601B%%3E

I got round it by restricting my source to staff only and so was able
to specify a search base below the root. I am wondering whether I am
going to come up against the same problem when I specify the root of
the tree for edu.vt.middleware.ldap.baseDn in ldap.properties.

Thank you

Richard
--
Richard Gilbert
Corporate Information and Computing Services
University of Sheffield, Sheffield, S10 2FN, UK
Phone: +44 114 222 3028 Fax: +44 114 222 1188



Archive powered by MHonArc 2.6.16.

Top of Page