grouper-users - Re: [grouper-users] Dire warning in ldap.properties
Subject: Grouper Users - Open Discussion List
List archive
- From: David Langenberg <>
- To: J Richard Gilbert <>
- Cc: "" <>
- Subject: Re: [grouper-users] Dire warning in ldap.properties
- Date: Fri, 18 Oct 2013 10:08:40 -0600
Hi,
That's a warning to be careful if you run the unit-test suite. Generally you won't be doing that so there is no need to panic.
Dave
On Fri, Oct 18, 2013 at 9:59 AM, J Richard Gilbert <> wrote:
Hi,
As a newbie, I have been experimenting with grouper and now want to
try using the PSP to demonstrate management of a group in a test AD.
Having watched the training videos I am configuring ldap.properties,
in which I see the following...
# The default base DN for searches.
# All subordinate objects will be deleted during tests !
edu.vt.middleware.ldap.baseDn=
# The base DN for groups.
edu.internet2.middleware.psp.groupsBaseDn=
# The base DN for people.
edu.internet2.middleware.psp.peopleBaseDn=
That warning sounds a bit scary! What does it really mean?
And what is the default base DN used for? The configuration defines a
base for group searches and a base for people searches. The AD I am
working with was configured (not by me) with ou=Staff and ou=Students
configured directly below the root of the tree. To search for both
types of user in a single source therefore required me to give the
root as the search base. This caused trouble: Grouper didn't like the
references which AD returns...
Subject API error: error with subject source id: qad, name: QA AD,
problem with getSubject by id, in sources.xml: search searchSubject: ,
edu.internet2.middleware.subject.SourceUnavailableException: Ldap
NamingException: Unprocessed Continuation Reference(s)
I found the explanation for this here:
http://mail-archives.apache.org/mod_mbox/tomcat-users/200611.mbox/%3CC16E4268.9601B%%3E
I got round it by restricting my source to staff only and so was able
to specify a search base below the root. I am wondering whether I am
going to come up against the same problem when I specify the root of
the tree for edu.vt.middleware.ldap.baseDn in ldap.properties.
Thank you
Richard
--
Richard Gilbert
Corporate Information and Computing Services
University of Sheffield, Sheffield, S10 2FN, UK
Phone: +44 114 222 3028 Fax: +44 114 222 1188
David Langenberg
Identity & Access Management
The University of Chicago
- [grouper-users] Dire warning in ldap.properties, J Richard Gilbert, 10/18/2013
- Re: [grouper-users] Dire warning in ldap.properties, David Langenberg, 10/18/2013
Archive powered by MHonArc 2.6.16.