Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] Grouper 2.2.2 Privilege Inheritance

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] Grouper 2.2.2 Privilege Inheritance

Chronological Thread 
  • From: Shilen Patel <>
  • To: Hugh Brown <>, "" <>
  • Subject: Re: [grouper-users] Grouper 2.2.2 Privilege Inheritance
  • Date: Fri, 25 Mar 2016 11:55:29 +0000
  • Accept-language: en-US
  • Authentication-results:; dkim=none (message not signed) header.d=none;; dmarc=none action=none;
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:23

You can use grouper rules:

In particular:


- Shilen

On 3/25/16, 6:22 AM, "Hugh Brown" <> wrote:

I submitted this query earlier, but realised that I hadn't yet subscribed to
the mailing list, so apologies if this has created a duplicate.

We are using Grouper 2.2.2 having upgraded to version  To date all access has
been programmatic using GrouperSysAdmin access, but we now wish to allow
devolved user groups to manage their owner folders/groups via the Grouper UI
and to make use of existing enterprise group memberships.

I assigned the custom users group Attribute read attribute privilege to the
parent folder of the enterprise groups, but found that this does not provide
read access to any child folders/groups. At first I thought that this might
only affect existing groups, in which case I could assign permissions via
grouper shell. However, I also found that read privilege is not even inherited
by new folders or groups.

I did find that the custom users group does have read access to all groups
created in Grouper 1.5. This appears to be because these groups have Group
read privilege assigned to "EveryEntity", which I understand was no longer
default in Grouper 2.

Can you advise on how to assign a group read access to a folder via the UI
such that read access is inherited by all child folders/groups?

Thank you,
Hugh Brown

Archive powered by MHonArc 2.6.16.

Top of Page