Grouper Users - Open Discussion List

[Shilen Patel <>]

You can use grouper rules:

https://spaces.internet2.edu/display/Grouper/Grouper+rules+use+cases

In particular:

https://spaces.internet2.edu/display/Grouper/Grouper+rules+use+case+-+Inherited+privileges+on+folders

https://spaces.internet2.edu/display/Grouper/Grouper+rules+use+case+-+Inherited+privileges+on+groups

Thanks!

- Shilen

On 3/25/16, 6:22 AM, "Hugh Brown" <> wrote:

I submitted this query earlier, but realised that I hadn't yet subscribed to

the mailing list, so apologies if this has created a duplicate.

We are using Grouper 2.2.2 having upgraded to version  To date all access has

been programmatic using GrouperSysAdmin access, but we now wish to allow

devolved user groups to manage their owner folders/groups via the Grouper UI

and to make use of existing enterprise group memberships.

I assigned the custom users group Attribute read attribute privilege to the

parent folder of the enterprise groups, but found that this does not provide

read access to any child folders/groups. At first I thought that this might

only affect existing groups, in which case I could assign permissions via

grouper shell. However, I also found that read privilege is not even inherited

by new folders or groups.

I did find that the custom users group does have read access to all groups

created in Grouper 1.5. This appears to be because these groups have Group

read privilege assigned to "EveryEntity", which I understand was no longer

default in Grouper 2.

Can you advise on how to assign a group read access to a folder via the UI

such that read access is inherited by all child folders/groups?

Thank you,

Hugh Brown