Skip to Content.
Sympa Menu

grouper-users - RE: [grouper-users] Connect Oldap source

Subject: Grouper Users - Open Discussion List

List archive

RE: [grouper-users] Connect Oldap source


Chronological Thread 
  • From: "Singley, Norman" <>
  • To: Shilen Patel <>
  • Cc: "" <>
  • Subject: RE: [grouper-users] Connect Oldap source
  • Date: Mon, 19 Sep 2016 20:15:56 +0000
  • Accept-language: en-US
  • Ironport-phdr: 9a23:AximfhShsMdBp0S4opq2jUKogNpsv+yvbD5Q0YIujvd0So/mwa64ZBGN2/xhgRfzUJnB7Loc0qyN7PCmBDdLuMvJmUtBWaIPfidNsd8RkQ0kDZzNImzAB9muURYHGt9fXkRu5XCxPBsdMs//Y1rPvi/6tmZKSV3XfDB4LeXtG4PUk9//l6Xro8WSME10g2+GYbJ2IRP+lQzNu81e1ZBiK6I8zDPFv3hFPela2DU7C0iUmkO23ca285pu4mAYnfU78sdGG+2uWaMiSLVeSg8nNW8x6dzDsALECxaK+j0RXnhAwUkAOBTM8ByvBsS5iSD9rOconXDCZcA=

Yup, we’re using that same user (grouperquery) on our old instance of Grouper, which can access the oldap just fine.

 

Thanks.

 

 

Norman Singley

Directory Services

406 243 6799

 

 

 

From: Shilen Patel [mailto:]
Sent: Monday, September 19, 2016 1:14 PM
To: Singley, Norman
Cc:
Subject: Re: [grouper-users] Connect Oldap source

 

Also, make sure uid=grouperquery,ou=people,dc=umt,dc=edu has access – read on uid, cn, umid, objectclass, etc under ou=people.

 

Thanks!

 

- Shilen

 

From: <Singley>, Norman <>
Date: Monday, September 19, 2016 at 3:06 PM
To: Shilen Patel <>
Cc: "" <>
Subject: RE: [grouper-users] Connect Oldap source

 

Yes, that identity does exist in the oldap.  See the attached file for the attributes. 

 

I’ll see what I can find in the logs. 

 

Thanks!

 

 

Norman Singley

Directory Services

406 243 6799

 

 

 

From: Shilen Patel []
Sent: Monday, September 19, 2016 1:03 PM
To: Singley, Norman
Cc:
Subject: Re: [grouper-users] Connect Oldap source

 

Is ss123456 a real user?  If not, can you use a real user?  If it is, then perhaps dump the output of an ldapsearch for that user here (with the DN and appropriate attributes).  Maybe also look at your ldap logs to see what search is actually happening and if there's an explanation for why it's not finding what you expect to find.  Once we can prove that this works via gsh, we'll know that the sources.xml file is good and we can  then figure out the ui error.

 

Thanks!

 

- Shilen

 

From: <Singley>, Norman <>
Date: Monday, September 19, 2016 at 2:50 PM
To: Shilen Patel <>
Cc: "" <>
Subject: RE: [grouper-users] Connect Oldap source

 

Ah yes, that makes  more sense.   I updated the file and restarted tomcat.  I still get the ui error, and the find search doesn’t return anything:

 

 

Using GROUPER_HOME: /grouper/grouper.apiBinary-2.3.0/bin/..

Using GROUPER_CONF: /grouper/grouper.apiBinary-2.3.0/bin/../conf

Using JAVA: java

using MEMORY: 64m-750m

Grouper starting up: version: 2.3.0, build date: 2016/04/16 05:37:21, env: <no label configured>

grouper.properties read from: /grouper/grouper.apiBinary-2.3.0/conf/grouper.properties

Grouper current directory is: /grouper/grouper.apiBinary-2.3.0/bin

log4j.properties read from:   /grouper/grouper.apiBinary-2.3.0/conf/log4j.properties

Grouper is logging to file:   /grouper/grouper.apiBinary-2.3.0/bin/../logs/grouper_error.log, at min level WARN for package: edu.internet2.middleware.grouper, based on log4j.properties

grouper.hibernate.properties: /grouper/grouper.apiBinary-2.3.0/conf/grouper.hibernate.properties

grouper.hibernate.properties:

sources.xml read from:        /grouper/grouper.apiBinary-2.3.0/conf/sources.xml

sources.xml groupersource id: g:gsa

sources.xml ldap source id:   oid: uid=grouperquery,ou=people,dc=umt,dc=edu@ldap://cidp.umt.edu:389

sources.xml groupersource id: grouperEntities

sources.xml jdbc source id:   jdbc: GrouperJdbcConnectionProvider

Type help() for instructions

gsh 0% GrouperSession.startRootSession()

edu.internet2.middleware.grouper.GrouperSession: 470afe9f545b4468b2fcd07f2957ae74,'GrouperSystem','application'

gsh 1% SubjectFinder.findAll("test")

gsh 2% SubjectFinder.findAll("ss123456")

gsh 3% SubjectFinder.findByIdOrIdentifier("ss123456", false)

 

 

 

Thanks!

 

 

Norman Singley

Directory Services

406 243 6799

 

 

 

 

From: Shilen Patel []
Sent: Monday, September 19, 2016 12:38 PM
To: Singley, Norman
Cc:
Subject: Re: [grouper-users] Connect Oldap source

 

Ah, it looks like you listed eduPersonPrincipalName as the object class.  You probably want eduPerson instead, right?

 

Thanks!

 

- Shilen

 

From: <Singley>, Norman <>
Date: Monday, September 19, 2016 at 2:33 PM
To: Shilen Patel <>
Cc: "" <>
Subject: RE: [grouper-users] Connect Oldap source

 

Ah, got it.  I retyped it and it runs without the error, but does not return anything.

 

Attached is the current sources.xml – only change is the ldap PW hashed out. 

 

Thanks!

 

 

Norman Singley

Directory Services

406 243 6799

 

 

 

From: Shilen Patel []
Sent: Monday, September 19, 2016 12:29 PM
To: Singley, Norman
Cc:
Subject: Re: [grouper-users] Connect Oldap source

 

Can you send your latest sources.xml?  By the way, you have a typo in the third gsh command.

 

Thanks!

 

- Shilen

 

From: <Singley>, Norman <>
Date: Monday, September 19, 2016 at 2:25 PM
To: Shilen Patel <>
Cc: "" <>
Subject: RE: [grouper-users] Connect Oldap source

 

Hi Shilen.

 

I did.  I replaced exampleEduPerson with eduPersonPrincipalName, and exampleEduRegId with umid (our local id #), but I’m still seeing the same errors:

 

 

Using GROUPER_HOME: /grouper/grouper.apiBinary-2.3.0/bin/..

Using GROUPER_CONF: /grouper/grouper.apiBinary-2.3.0/bin/../conf

Using JAVA: java

using MEMORY: 64m-750m

Grouper starting up: version: 2.3.0, build date: 2016/04/16 05:37:21, env: <no label configured>

grouper.properties read from: /grouper/grouper.apiBinary-2.3.0/conf/grouper.properties

Grouper current directory is: /grouper/grouper.apiBinary-2.3.0/bin

log4j.properties read from:   /grouper/grouper.apiBinary-2.3.0/conf/log4j.properties

Grouper is logging to file:   /grouper/grouper.apiBinary-2.3.0/bin/../logs/grouper_error.log, at min level WARN for package: edu.internet2.middleware.grouper, based on log4j.properties

grouper.hibernate.properties: /grouper/grouper.apiBinary-2.3.0/conf/grouper.hibernate.properties

grouper.hibernate.properties:

sources.xml read from:        /grouper/grouper.apiBinary-2.3.0/conf/sources.xml

sources.xml groupersource id: g:gsa

sources.xml ldap source id:   oid: uid=grouperquery,ou=people,dc=umt,dc=edu@ldap://cidp.umt.edu:389

sources.xml groupersource id: grouperEntities

sources.xml jdbc source id:   jdbc: GrouperJdbcConnectionProvider

Type help() for instructions

gsh 0% GrouperSession.startRootSession()

edu.internet2.middleware.grouper.GrouperSession: 4c371833506d4d47aa0a81b6d5687b15,'GrouperSystem','application'

gsh 1% SubjectFinder.findAll("test")

gsh 2% SubjectFinder.findAll("ss123456")

gsh 3% SubjectFinder.findByIDOrIdentifier("ss123456", false)

// Error: unable to evaluate command: Sourced file: inline evaluation of: ``SubjectFinder.findByIDOrIdentifier("ss123456", false);'' : Error in method invocation: Static method findByIDOrIdentifier( java.lang.String, boolean ) not found in class'edu.internet2.middleware.grouper.SubjectFinder'

gsh 4%

 

 

 

Thanks for the help!

 

 

 

Norman Singley

Directory Services

406 243 6799

 

 

From: Shilen Patel []
Sent: Monday, September 19, 2016 11:50 AM
To: Singley, Norman
Cc:
Subject: Re: [grouper-users] Connect Oldap source

 

In your originally sources.xml file posted to the list, you had some example values (exampleEduPerson, exampleEduRegId).  Did you fix that?

 

Thanks!

 

- Shilen

 

From: <Singley>, Norman <>
Date: Monday, September 19, 2016 at 12:55 PM
To: Shilen Patel <>
Cc: "" <>
Subject: RE: [grouper-users] Connect Oldap source

 

 

Sure.  Here are the paths:

 

/grouper/grouper.apiBinary-2.3.0/conf/sources.xml

/grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/classes/sources.xml

/grouper/grouper.ws-2.3.0/grouper-ws/build/dist/grouper-ws/WEB-INF/classes/sources.xml

 

 

I did restart Tomcat after modifying the sources.xml files.

 

 

I don’t seem to get any feedback when I use our netids as search terms:

 

 

Using GROUPER_HOME: /grouper/grouper.apiBinary-2.3.0

Using GROUPER_CONF: /grouper/grouper.apiBinary-2.3.0/conf

Using JAVA: java

using MEMORY: 64m-750m

Grouper starting up: version: 2.3.0, build date: 2016/04/16 05:37:21, env: <no label configured>

grouper.properties read from: /grouper/grouper.apiBinary-2.3.0/conf/grouper.properties

Grouper current directory is: /grouper/grouper.apiBinary-2.3.0

log4j.properties read from:   /grouper/grouper.apiBinary-2.3.0/conf/log4j.properties

Grouper is logging to file:   /grouper/grouper.apiBinary-2.3.0/logs/grouper_error.log, at min level WARN for package: edu.internet2.middleware.grouper, based on log4j.properties

grouper.hibernate.properties: /grouper/grouper.apiBinary-2.3.0/conf/grouper.hibernate.properties

grouper.hibernate.properties:

sources.xml read from:        /grouper/grouper.apiBinary-2.3.0/conf/sources.xml

sources.xml groupersource id: g:gsa

sources.xml ldap source id:   oid: uid=grouperquery,ou=people,dc=umt,dc=edu@ldap://cidp.umt.edu:389

sources.xml groupersource id: grouperEntities

sources.xml jdbc source id:   jdbc: GrouperJdbcConnectionProvider

Type help() for instructions

gsh 0% GrouperSession.startRootSession()

edu.internet2.middleware.grouper.GrouperSession: 7bac1b19fe6d4bb786da742f7ad38a52,'GrouperSystem','application'

gsh 2% SubjectFinder.findAll("ns180505e")

gsh 4% SubjectFinder.findAll("ss123456")

gsh 5% SubjectFinder.findByIdOrIdentifier("ss123456", false)

 

 

 

Norman Singley

Directory Services

406 243 6799

 

 

 

 

 

From: Shilen Patel []
Sent: Monday, September 19, 2016 10:10 AM
To: Singley, Norman
Cc:
Subject: Re: [grouper-users] Connect Oldap source

 

I think you have a typo in the second gsh command.  Also, instead of "test", can you try real values that would return something in your environment?  That would at least confirm that the sources.xml file is good now.

 

Also, what are the full paths of the other two sources.xml files that you updated?  And did you restart tomcat afterwards?

 

Thanks!

 

- Shilen

 

From: <Singley>, Norman <>
Date: Monday, September 19, 2016 at 11:35 AM
To: Shilen Patel <>
Cc: "" <>
Subject: RE: [grouper-users] Connect Oldap source

 

Ah, gotcha.  Ok, I updated the other two Surces.xml files.  I still get the same error in the UI:

 

Error: cannot find attributeDefId, nameOfAttributeDef, or attributeDefIndex in url

 

 

 

Starting up GSH that time worked, and here is what I get when running those commands:

 

 

Using GROUPER_HOME: /grouper/grouper.apiBinary-2.3.0/bin/..

Using GROUPER_CONF: /grouper/grouper.apiBinary-2.3.0/bin/../conf

Using JAVA: java

using MEMORY: 64m-750m

Grouper starting up: version: 2.3.0, build date: 2016/04/16 05:37:21, env: <no label configured>

grouper.properties read from: /grouper/grouper.apiBinary-2.3.0/conf/grouper.properties

Grouper current directory is: /grouper/grouper.apiBinary-2.3.0/bin

log4j.properties read from:   /grouper/grouper.apiBinary-2.3.0/conf/log4j.properties

Grouper is logging to file:   /grouper/grouper.apiBinary-2.3.0/bin/../logs/grouper_error.log, at min level WARN for package: edu.internet2.middleware.grouper, based on log4j.properties

grouper.hibernate.properties: /grouper/grouper.apiBinary-2.3.0/conf/grouper.hibernate.properties

grouper.hibernate.properties:

sources.xml read from:        /grouper/grouper.apiBinary-2.3.0/conf/sources.xml

sources.xml groupersource id: g:gsa

sources.xml ldap source id:   oid: uid=grouperquery,ou=people,dc=umt,dc=edu@ldap://cidp.umt.edu:389

sources.xml groupersource id: grouperEntities

sources.xml jdbc source id:   jdbc: GrouperJdbcConnectionProvider

Type help() for instructions

gsh 0% GrouperSession.startRootSession()

edu.internet2.middleware.grouper.GrouperSession: def6f6702c9b4a9b984fc3c718969cc8,'GrouperSystem','application'

gsh 1% SubjectFinder.findAll("test")

gsh 2% SubjectFinder.findByIdOrIdentifieer("test", false)

// Error: unable to evaluate command: Sourced file: inline evaluation of: ``SubjectFinder.findByIdOrIdentifieer("test", false);'' : Error in method invocation: Static method findByIdOrIdentifieer( java.lang.String, boolean ) not found in class'edu.internet2.middleware.grouper.SubjectFinder'

gsh 3%

 

 

 

Thanks.

 

 

Norman Singley

Directory Services

406 243 6799

 

 

 

From: Shilen Patel []
Sent: Monday, September 19, 2016 9:18 AM
To: Singley, Norman
Cc:
Subject: Re: [grouper-users] Connect Oldap source

 

When starting up gsh, first cd into /grouper/grouper.apiBinary-2.3.0 or /grouper/grouper.apiBinary-2.3.0/bin.  Then try running the find again (note that I had a typo last time but I'm including it again below with the correction).

 

gsh 0% GrouperSession.startRootSession()

gsh 1% SubjectFinder.findAll("test")

gsh 2% SubjectFinder.findByIdOrIdentifier("test", false)

 

And yeah you should keep all the sources.xml files the same.

 

Thanks!

 

- Shilen

 

From: <Singley>, Norman <>
Date: Monday, September 19, 2016 at 11:11 AM
To: Shilen Patel <>
Cc: "" <>
Subject: RE: [grouper-users] Connect Oldap source

 

Ok, I gave that a shot. I get the same error when searching for identities in the web UI, and now when I fire up the GSH from:

 

/grouper/grouper.apiBinary-2.3.0/bin/gsh

 

I get:

 

The GROUPER_HOME environment variable is not defined correctly

or could not be determined

This script must be located in <GROUPER_HOME> or <GROUPER_HOME>/bin

 

FYI, for sources.xml, I am only changing:

 

 

/grouper/grouper.apiBinary-2.3.0/conf/sources.xml

 

 

I see there are other sources.xml files… do those need to be changed as well?

 

Thanks!

 

Norman Singley

Directory Services

406 243 6799

 

 

 

From: Shilen Patel []
Sent: Monday, September 19, 2016 8:59 AM
To: Singley, Norman
Cc:
Subject: Re: [grouper-users] Connect Oldap source

 

Can you try changing

 

      <param-value>ConnectLdapValidator|CompareLdapValidator</param-value>

 

To

 

      <param-value>CompareLdapValidator</param-value>

 

Thanks!

 

- Shilen

 

From: <Singley>, Norman <>
Date: Monday, September 19, 2016 at 10:52 AM
To: Shilen Patel <>
Cc: "" <>
Subject: RE: [grouper-users] Connect Oldap source

 

Hmm, I do have the validator defined:

 

      <init-param>

      <param-name>VTLDAP_VALIDATOR</param-name>

      <param-value>ConnectLdapValidator|CompareLdapValidator</param-value>

    </init-param>

    <init-param>

      <param-name>VTLDAP_VALIDATOR_COMPARE_DN</param-name>

      <param-value>ou=people,dc=umt,dc=edu</param-value>

    </init-param>

    <init-param>

      <param-name>VTLDAP_VALIDATOR_COMPARE_SEARCH_FILTER_STRING</param-name>

      <param-value>ou=people</param-value>

    </init-param>

 

 

Thanks.

 

 

Norman Singley

Directory Services

406 243 6799

 

 

 

From: Shilen Patel []
Sent: Friday, September 16, 2016 7:36 PM
To: Singley, Norman
Cc:
Subject: Re: [grouper-users] Connect Oldap source

 

I think you're supposed to choose one of the two validators.  See https://bugs.internet2.edu/jira/browse/GRP-1151

 

Thanks!

 

- Shilen

 

From: <Singley>, Norman <>
Date: Friday, September 16, 2016 at 6:02 PM
To: Shilen Patel <>
Cc: "" <>
Subject: RE: [grouper-users] Connect Oldap source

 

Hi Shilen.

 

Thanks for the tips.  I get an error firing up gsh:

 

Subject API Error: error with subject source id: oid, name: Open Ldap Directory, problem with getSubject by id, in sources. 

 

.xml: search searchSubject: , edu.internet2.middleware.subject.SourceUnavailableException: Ldap Exception: null

        at edu.internet2.middleware.subject.provider.LdapSourceAdapter.getLdapResultsHelper(LdapSourceAdapter.java:777)

        at edu.internet2.middleware.subject.provider.LdapSourceAdapter.getLdapResults(LdapSourceAdapter.java:661)

        at edu.internet2.middleware.subject.provider.LdapSourceAdapter.getLdapUnique(LdapSourceAdapter.java:806)

        at edu.internet2.middleware.subject.provider.LdapSourceAdapter.getSubject(LdapSourceAdapter.java:374)

        at edu.internet2.middleware.subject.SubjectCheckConfig.checkConfig(SubjectCheckConfig.java:111)

        at edu.internet2.middleware.grouper.misc.GrouperCheckConfig$1.callback(GrouperCheckConfig.java:455)

        at edu.internet2.middleware.grouper.GrouperSession.callbackGrouperSession(GrouperSession.java:974)

        at edu.internet2.middleware.grouper.misc.GrouperCheckConfig.checkConfig(GrouperCheckConfig.java:451)

        at edu.internet2.middleware.grouper.misc.GrouperStartup.startup(GrouperStartup.java:256)

        at edu.internet2.middleware.grouper.app.gsh.GrouperShell.main(GrouperShell.java:151)

        at edu.internet2.middleware.grouper.app.gsh.GrouperShellWrapper.main(GrouperShellWrapper.java:31)

Caused by: java.lang.NullPointerException

        at edu.internet2.middleware.subject.provider.LdapSourceAdapter.getLdapResultsHelper(LdapSourceAdapter.java:746)

        ... 10 more

 

 

gsh 0% GrouperSession.startRootSession()

edu.internet2.middleware.grouper.GrouperSession: 0e220de6aa56485b81443870e4a0bc84,'GrouperSystem','application'

gsh 1% SubjectFinder.find("test")

// Error: unable to evaluate command: Sourced file: inline evaluation of: ``SubjectFinder.find("test");'' : Error in method invocation: Static method find( java.lang.String ) not found in class'edu.internet2.middleware.grouper.SubjectFinder'

gsh 2% SubjectFinder.findByIdOrIdentifier("test", false)

// Error: unable to evaluate command: Sourced file: inline evaluation of: ``SubjectFinder.findByIdOrIdentifier("test", false);'' : Method Invocation SubjectFinder.findByIdOrIdentifier

// See error log for full stacktrace

// caused by: edu.internet2.middleware.subject.SourceUnavailableException:

// Ldap Exception: null

// caused by: java.lang.NullPointerException:

// null

gsh 3%

 

 

 

 

looks like from the logs maybe it’s the connectldapvalidator?  Not sure what to put there.

 

 

Problem loading class: ConnectLdapValidator|CompareLdapValidator

java.lang.RuntimeException: Problem loading class: ConnectLdapValidator|CompareLdapValidator

 

 

 

Thanks.

Norman.

 

 

 

 

 

From: Shilen Patel []
Sent: Friday, September 16, 2016 3:08 PM
To: Singley, Norman
Cc:
Subject: Re: [grouper-users] Connect Oldap source

 

Are there any other errors in your log files?  If you remove that source in sources.xml, that error goes away?  Just to make sure there isn't something else in play.  Also, can you try to do a query just using gsh to see if that produces any errors?  

 

gsh 0% GrouperSession.startRootSession()

gsh 1% SubjectFinder.find("test")

gsh 2% SubjectFinder.findByIdOrIdentifier("test", false)

 

If there's a problem in the sources.xml file, it may be easier to debug using gsh instead of the UI.  I also noticed that some of the example values are still in there (exampleEduPerson, exampleEduRegId), though I wouldn't expect that to produce the error that you got.

 

Thanks!

 

- Shilen

 

 

From: <Singley>, Norman <>
Date: Friday, September 16, 2016 at 2:52 PM
To: "" <>
Subject: [grouper-users] Connect Oldap source

 

Hi .

 

I’ve got a new install of grouper 2.3 that I am trying to connect to my openldap as a source.

 

I’ve modified the sources.xml sources.xml file located at

grouper.apiBinary-2.3.0/conf/sources.xml

 

When I search for an identity (searching all data sources) I get the following error:

 

Error: cannot find attributeDefId, nameOfAttributeDef, or attributeDefIndex in url

 

Attached is the sources.xml file I am using.  (renamed)  All I have changed is the section to connect to Oldap.

 

Thanks for any help.

 

 

Norman Singley

Directory Services

406 243 6799

 

 




Archive powered by MHonArc 2.6.19.

Top of Page