Skip to Content.
Sympa Menu

grouper-users - [grouper-users] RE: Oldap source

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] RE: Oldap source

Chronological Thread 
  • From: "Singley, Norman" <>
  • To: "Hyzer, Chris" <>, " Mailing List" <>
  • Subject: [grouper-users] RE: Oldap source
  • Date: Fri, 2 Dec 2016 19:58:34 +0000
  • Accept-language: en-US
  • Ironport-phdr: 9a23:TFNkXRKbQURBxaZ8R9mcpTZWNBhigK39O0sv0rFitYgfI/rxwZ3uMQTl6Ol3ixeRBMOAuqkC17Gd7fqocFdDyK7JiGoFfp1IWk1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZrKeTpAI7SiNm82/yv95HJbQhFgDSwbal9IRi4ognct9caipZ+J6gszRfEvmFGcPlMy2NyIlKTkRf85sOu85Nm7i9dpfEv+dNeXKvjZ6g3QqBWAzogM2Au+c3krgLDQheV5nsdSWoZjBxFCBXY4R7gX5fxtiz6tvdh2CSfIMb7Q6w4VSik4qx2ThLjlSUJOCMj8GzPisJ+kr9VoA6vqRJ8zY7bYoCVO+Zxca7GeNMWWW5MU9xNWyBdHI+xaZYEAeobPeZfqonwv1UCowa/BQmqC+PvziFHh3/u0aYny+ohFhvG3Ak6ENIIvnjfsdL4Or8VUeCvyanH1zPDY+lL1zf87ojIfRQhru+MXL9rdMrR0k4vGxnYjlWVtYzpJS2a2fkQs2WC6edrSOyhi2kiqw5rozivwN8hiojPhoIJ1F/E7yN5z5gpJdGmUkJ0f8OrEIZIuyGeMIt2TcwiTH9yuCog1LIJpIO7cS4Xw5ok3x7Sc+GLfoiU7h75SeqcLyp0iGh7dL6hiRu+61Wsx+zkWsWpzFpGtDdJnsXWun0OzRDf99aLR/pl8kevxzmC1Bzf5+RBLE07lqfXNp8sz7srmZcQrEvMAyr7lUTog6CIdEgp//Wn5Pn6bbjgu5SSLZV7ihvkPaQrgsG/Afo3MgwJX2WD5OS80brj/UvlQLlWk/E6iLTZsJXGJcgBuKG2HhJV3p4i6xa5ETimzMwVkWQHIV5ZYh6LkobkN0zULPzmE/uyjU6gnCpqyvzeO73uGJTNLnzNkLf7erZ97lZRxhI0zdBF4pJbELcBLOjuVE/wstzYARs5PBK0wuv8DdV9zYQeVXiSAq+cLKPeq0GH6f8yI+WUfo8apC79K+Q55/7plXI5lkUdfa603ZsPdn+4BO1qI1iCYXXymNcBCnwHvg4/TOzxlF2CSiBfa2yzX6I6+jE0FpimDYHdSYCxnrCNxjm0EYBLZjMONlfZW1f5ZYieH78naDiTOYUpxjkPVamzRpUJ1Aql8hLixrxhaOfY53tc/djszt9o/+DJ0Awp+CZvJ8Wbz2yXSWxoxCUFSyJ++al+pU17xR+n0LNkybQMGsZU+utESEInLpPG1MR7Dcz/QATMYo3PRVq7FIaIGzY0G5gKwtkBZ0tsX52EiQrG1izgS+szkKaODZpyyaPa0Hz8Nu540HGAyaw9yVQqX50cZiWdmqdj+l2LVMbymEKDmvPyeA==

Chris -


Great catch on the umid / uid.  It’s actually the opposite  - I search for uid (what we call netid, in this case ns180505e ).  I fixed that, and now, I am not getting the entity not found error, so THANKS!!. I can successfully add members to the wheel group, but still can’t create any new folders.   When I go to add a folder and search for Root, It says “the value entered is not valid”


We seem to be getting a proper connection to the oldap then, but the privs are not getting assigned to the identities? 



Yes, I did send /grouper/ -   All three of the sources.xml are the same. 


I’m kind of a novice with the shell. I started it from /grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/bin/gsh but when I run–registry –drop –runscript it says: Error: unable to evaluate command: Sourced file: inline evaluation of: `` -registry -drop -runscript;'' : illegal use of undefined object or 'void' literal




I do get a cleaner startup now, after clearing out the old logs. 


I can successfully query the oldap using gsh:


gsh 5% grouperSession = GrouperSession.startRootSession();

edu.internet2.middleware.grouper.GrouperSession: 548aa1e45f3f4dafba0eaf833d3055f4,'GrouperSystem','application'

gsh 6% SubjectFinder.findByIdentifierAndSource("ns180505e", "oid", false);

subject: id='ns180505e' type='person' source='oid' name='Norman Singley'





From: Hyzer, Chris [mailto:]
Sent: Friday, December 02, 2016 12:23 PM
To: Singley, Norman; Mailing List
Subject: RE: Oldap source


Your subject id is umid and your subject identifier is uid right?


Your search says that but you have this:








Which I think you should change to this:







The UI is showing subject id of ns180505e which would not be resolved.


Any chance you can change that, reinit your database to wipe out the old way you configured it and try again?


gsh -registry -drop -runscript


Do you still need the sample data and subjects?   I would start fresh without that stuff.


Some troubleshooting… after the above…


What path of sources.xml did you send me?  Its /grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/classes/sources.xml   right?


If you stop tomcat, delete logs, and start, do you not see that stack in the logs anymore?


Add this to the = DEBUG


Start gsh from /grouper/grouper.ui-2.3.0/dist/grouper/WEB-INF/bin/gsh


Try to resolve subjects.  E.g.


grouperSession = GrouperSession.startRootSession();

SubjectFinder.findByIdAndSource("790505106", "oid", false);




grouperSession = GrouperSession.startRootSession();

SubjectFinder.findByIdentifierAndSource("ns180505e", "oid", false);




From: Singley, Norman []
Sent: Friday, December 02, 2016 1:59 PM
To: Hyzer, Chris <>;
Subject: RE: Oldap source


Thanks Chris. 


Here is the LDIF record for one of the identities.



Norman Singley

Directory Services

406 243 6799




From: Hyzer, Chris []
Sent: Friday, December 02, 2016 11:54 AM
To: Singley, Norman;
Subject: RE: Oldap source


Send us what one of those subjects (which should be resolvable but which isn’t) looks like in ldap, all the attributes/values, note feel free to sanitize…


From: [] On Behalf Of Singley, Norman
Sent: Friday, December 02, 2016 1:37 PM
Subject: [grouper-users] Oldap source


Hi Folks.


I had to take a break from working on this, but I have time to get after it again.  I am having trouble, I think with getting all of the identity details from our openldap. I have grouper configured to authenticate through our CAS/Shib, and as far as I can tell, that’s working. 


When  I get to the UI, however, none of the members of my wheel group can create new folders.   I can add new members to the wheel group using the UI.


Next to the netid, there is an Entity not found error:





If I click on an identity, I get an “Error: cannot find subject” in a pink bar at the top of the page.


Playing around a bit, I tried going into the lite UI, and when I bring up the member details page I get this:




All three sources.xml files are the same, and attached. 

So, I’m not really sure where to go next.  Thanks for any help. 



Norman Singley

Directory Services

406 243 6799



Dec 02, 2016 12:50:21 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal
performance in production environments was not found on the
Dec 02, 2016 12:50:21 PM org.apache.tomcat.util.digester.SetPropertiesRule
WARNING: [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting
property 'mapperContextRootRedirectEnabled' to 'true' did not find a matching
Dec 02, 2016 12:50:21 PM org.apache.tomcat.util.digester.SetPropertiesRule
WARNING: [SetPropertiesRule]{Server/Service/Engine/Host/Context} Setting
property 'mapperDirectoryRedirectEnabled' to 'true' did not find a matching
SLF4J: Failed to load class "org.slf4j.impl.StaticLoggerBinder".
SLF4J: Defaulting to no-operation (NOP) logger implementation
SLF4J: See for further
Dec 02, 2016 12:50:21 PM org.apache.coyote.http11.Http11Protocol init
INFO: Initializing Coyote HTTP/1.1 on http-8080
Dec 02, 2016 12:50:21 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 1122 ms
Dec 02, 2016 12:50:21 PM org.apache.catalina.core.StandardService start
INFO: Starting service Catalina
Dec 02, 2016 12:50:21 PM org.apache.catalina.core.StandardEngine start
INFO: Starting Servlet Engine: Apache Tomcat/6.0.35
Grouper starting up: version: 2.3.0, build date: 2016/04/16 05:37:21, env:
<no label configured> read from:
Grouper current directory is: / read from:
Grouper is logging to file:
/grouper/apache-tomcat-6.0.35/logs/grouperUi/grouper_error.log, at min level
WARN for package: edu.internet2.middleware.grouper, based on
sources.xml read from:
sources.xml groupersource id: g:gsa
sources.xml ldap source id: oid:
sources.xml groupersource id: grouperEntities
sources.xml jdbc source id: jdbc: GrouperJdbcConnectionProvider

Archive powered by MHonArc 2.6.19.

Top of Page