grouper-users - Re: [grouper-users] PSP: "Unable to determine schema entity"
Subject: Grouper Users - Open Discussion List
List archive
- From: David Langenberg <>
- To: "Peter St. Onge" <>
- Cc: Gouper Users <>
- Subject: Re: [grouper-users] PSP: "Unable to determine schema entity"
- Date: Tue, 18 Nov 2014 09:35:47 -0700
If you don't use eduMember in your LDAP, then feel free to remove the definition of it from your psp-resolver.xml.
Dave
Dave
On Mon, Nov 17, 2014 at 12:23 PM, Peter St. Onge <> wrote:
Seems it expects the eduMember objectClass to be available.
<psp:calcResponse xmlns:psp='http://grouper.internet2.edu/psp' status='success' requestID='2014/11/17-14:00:13.925'>
<psp:id ID='apps:easi:acorn:admin'/>
<psp:pso entityName='group'>
<psoID ID='cn=admin,ou=acorn,ou=easi,ou=apps,ou=grouper,dc=toronto,dc=on,dc=ca' targetID='ldap'/>
<data>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='objectClass'>
<dsml:value>top</dsml:value>
<dsml:value>groupOfNames</dsml:value>
<dsml:value>eduMember</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='cn'>
<dsml:value>admin</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='description'>
<dsml:value>Adminstration Group for ACORN</dsml:value>
</dsml:attr>
<dsml:attr xmlns:dsml='urn:oasis:names:tc:DSML:2:0:core' name='hasMember'>
<dsml:value>Tee Jones</dsml:value>
</dsml:attr>
</data>
<capabilityData mustUnderstand='true' capabilityURI='urn:oasis:names:tc:SPML:2:0:reference'>
<spmlref:reference xmlns='urn:oasis:names:tc:SPML:2:0' xmlns:spmlref='urn:oasis:names:tc:SPML:2:0:reference' typeOfReference='member'>
<spmlref:toPsoID ID='individualid=2602643706,dc=toronto,dc=on,dc=ca' targetID='ldap'/>
</spmlref:reference>
</capabilityData>
</psp:pso>
</psp:calcResponse>
And here's the error:
2014-11-17 14:00:14,217: [DefaultQuartzScheduler_Worker-1] DEBUG LdapSpmlTarget.execute(473) - - Target 'ldap' - Modifying 'ModifyRequest[psoID=PSOIdentifier[id='cn=admin,ou=acorn,ou=easi,ou=apps,ou=grouper,dc=toronto,dc=on,dc=ca',targetID=ldap,containerID=<null>],mod=DSMLModification[name=objectClass,op=add],mod=DSMLModification[name=hasMember,op=add],typeOfReference=member,typeOfReference=member,returnData=everything,requestID=2014/11/17-14:00:14.205]'
2014-11-17 14:00:14,218: [DefaultQuartzScheduler_Worker-1] DEBUG LdapSpmlTarget.execute(474) - - Target 'ldap' - Modifications '[Add attribute: objectClass: eduMember, Add attribute: hasMember: Tee Jones, Add attribute: member: individualid=2602643706,dc=toronto,dc=on,dc=ca, Remove attribute: member: ]'
2014-11-17 14:00:14,218: [DefaultQuartzScheduler_Worker-1] DEBUG LdapSpmlTarget.execute(476) - - Target 'ldap' - Modify DN 'cn=admin,ou=acorn,ou=easi,ou=apps,ou=grouper,dc=toronto,dc=on,dc=ca'
2014-11-17 14:00:14,218: [DefaultQuartzScheduler_Worker-1] DEBUG AbstractLdap.modifyAttributes(819) - - Modify attributes with the following parameters:
2014-11-17 14:00:14,218: [DefaultQuartzScheduler_Worker-1] DEBUG AbstractLdap.modifyAttributes(820) - - dn = cn=admin,ou=acorn,ou=easi,ou=apps,ou=grouper,dc=toronto,dc=on,dc=ca
2014-11-17 14:00:14,219: [DefaultQuartzScheduler_Worker-1] DEBUG AbstractLdap.modifyAttributes(821) - - mods = [Add attribute: objectClass: eduMember, Add attribute: hasMember: Tee Jones, Add attribute: member: individualid=2602643706,dc=toronto,dc=on,dc=ca, Remove attribute: member: ]
2014-11-17 14:00:14,222: [DefaultQuartzScheduler_Worker-1] ERROR BaseSpmlProvider.execute(386) - - Target 'ldap' - Modify ModifyResponse[pso=<null>,status=failure,error=customError,errorMessages={[LDAP: error code 21 - objectClass: value #0 invalid per syntax]},requestID=2014/11/17-14:00:14.205]
2014-11-17 14:00:14,222: [DefaultQuartzScheduler_Worker-1] ERROR BaseSpmlProvider.execute(388) - - Target 'ldap' - Modify XML:
<modifyResponse xmlns='urn:oasis:names:tc:SPML:2:0' status='failure' requestID='2014/11/17-14:00:14.205' error='customError'>
<errorMessage>[LDAP: error code 21 - objectClass: value #0 invalid per syntax]</errorMessage>
</modifyResponse>
Looks like it's trying to add the eduMember objectClass (and the eduMember schema is not currently in our directory). I'll look into getting it added. That said, I would wonder if there is an alternative.
Thanks and best, -- pete
On 14-11-17 01:56 PM, David Langenberg wrote:
Have you turned up logging to DEBUG? Anything useful @ that level?
Dave
On Mon, Nov 17, 2014 at 11:49 AM, Peter St. Onge <>
wrote:
Hello,
I'm in the process of setting up Grouper 2.2.1 to talk to our back end
identity store (OpenLDAP) and provision groups back to it. The Grouper UI
can search and look up all of the desired attributes for the user (per
sources.xml).
The problem I'm running into appears to be related to the schema we're
using; we have a custom objectClass for our user records in the LDAP
server, and I gather from the error message that the PSP needs to know
about our schema. I'm not clear on what I have to change for it to have
that info.
The data below have been sanitized, of course.
2014-11-17 13:20:09,736: [DefaultQuartzScheduler_Worker-3] ERROR
LdapSpmlTarget.getPSODefinition(835) - - Unable to determine schema
entity for individualid=2406870586,dc=toronto,dc=on,dc=ca
2014-11-17 13:20:09,737: [DefaultQuartzScheduler_Worker-3] ERROR
BaseSpmlProvider.execute(320) - - Target 'ldap' - Lookup
LookupResponse[pso=<null>,status=failure,error=customError,errorMessages={Unable
to determine schema entity for individualid=2406870586,dc=toronto,dc=
on,dc=ca},requestID=2014/11/17-13:20:09.729]
2014-11-17 13:20:09,737: [DefaultQuartzScheduler_Worker-3] ERROR
BaseSpmlProvider.execute(322) - - Target 'ldap' - Lookup XML:
<lookupResponse xmlns='urn:oasis:names:tc:SPML:2:0' status='failure'
requestID='2014/11/17-13:20:09.729' error='customError'>
<errorMessage>Unable to determine schema entity for individualid=
2406870586,dc=toronto,dc=on,dc=ca</errorMessage>
</lookupResponse>
Any pointers appreciated.
Thanks and best, -- pete
--
Peter St. Onge
David Langenberg
Identity & Access Management
The University of Chicago
- [grouper-users] PSP: "Unable to determine schema entity", Peter St. Onge, 11/17/2014
- Re: [grouper-users] PSP: "Unable to determine schema entity", David Langenberg, 11/17/2014
- Re: [grouper-users] PSP: "Unable to determine schema entity", Peter St. Onge, 11/17/2014
- Re: [grouper-users] PSP: "Unable to determine schema entity", David Langenberg, 11/18/2014
- Re: [grouper-users] PSP: "Unable to determine schema entity", Peter St. Onge, 11/17/2014
- Re: [grouper-users] PSP: "Unable to determine schema entity", David Langenberg, 11/17/2014
Archive powered by MHonArc 2.6.16.