Skip to Content.
Sympa Menu

grouper-users - Re: [grouper-users] grouper posix gidNumber

Subject: Grouper Users - Open Discussion List

List archive

Re: [grouper-users] grouper posix gidNumber


Chronological Thread 
  • From: Keith Hazelton <>
  • To: "" <>
  • Subject: Re: [grouper-users] grouper posix gidNumber
  • Date: Fri, 20 Jan 2017 21:35:23 +0000
  • Accept-language: en-US
  • Authentication-results: spf=none (sender IP is ) ;
  • Ironport-phdr: 9a23:FI2rFBBalhzeq1N4ku0PUyQJP3N1i/DPJgcQr6AfoPdwSPX9pcbcNUDSrc9gkEXOFd2CrakV16yK6Ou5BTNIyK3CmUhKSIZLWR4BhJdetC0bK+nBN3fGKuX3ZTcxBsVIWQwt1Xi6NU9IBJS2PAWK8TW94jEIBxrwKxd+KPjrFY7OlcS30P2594HObwlSijewZbx/IA+5oAjfucUanIRvJ6QswRbVv3VEfPhby3l1LlyJhRb84cmw/J9n8ytOvv8q6tBNX6bncakmVLJUFDspPXw7683trhnDUBCA5mAAXWUMkxpHGBbK4RfnVZrsqCT6t+592C6HPc3qSL0/RDqv47t3RBLulSwKMSMy/mPKhcxqlK9VoAyvqQFjw4DaY4+VOvhxfqLSc94BWWpORcNRWzBdDo+gbYYCCfcKM+ZCr4n6olsDtR6wChetBOPzyj9Dm3340rc70us/FQHGwAsgH9QTu3nTr9X6KqYSUfy1zKXSzTXMdfJX1in56IjUdRAhp+qBXLxxccrK1UYjDR3KgUiNqYH8OT6ey+oDs2+e7+V6VOKvjXYqqwB3ojiz2MgskI/JiZwJylza7yl23ps6JcCgRE91YN6kC4dfuzuEOIRrX8MvRXxjtiUiyrAepJK2cycHxI4jyhLBcfCLboyF7xD5WOqPPzt1hWppdKy+ihqu80Wtz+P8W8e33VtJqydKjNzBumwI2hPO6cWKSvtw80K61jmV2QDf9uRJLEQomqfaLpMswaA/m5QJvkjbACP6hEf7gLWZe0gl4OSk9uXqb7v8qpOBKoN5igfzObk0lMOlG+Q3KA0OUnCb+eui0L3j+lX0QK5Pjv0qiqnWqo3aJdgbpqO3GQNU3Icj6w2jADejytsYnH0HIEhLeRKGlIjmJ0vCL+7lAveim1iskTFryO7aPrD5H5nAIXfOnK3lcLpj8UJQ1Q4+wNJF655KFL0MIer/Wkrru9zZCh85PRa0w+HiCNhl1YMRR2OPArOZMK/IsV+H/OMuLPeIZI8Jvzb9LeMo5vDvjX8ihVARZ7em0oYKaHygBPRpP12ZYWbwgtcGCWoKsRA+TOv3iF2aTzFTfW++X78n5j4lEoKmFpzORoSsgLyawCe7BYNaanpHClCKDXfnaZ+EW/ESZyKOPMNtiCILWqW8S9xp6Rb7/gDgzKd/I/CR5zYVr4nL1d5p6vfVmA1oszF4Eo7Vh26XSHxsk3lNWiQ7xrtXoEphx02F3LQixfFUCIoAyelOV1IZOJ/Az6RaAsL/Xh7GeJ/dS1unXtXgATgjQ9YtxNkmfEdmEJOvgg2VjHniOKMci7HeXM98yanbxXWkf8s=
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99
Just as a side note, midPoint, an open source product that TIER is evaluating
has the ability to assign and manage gids and other aspects of POSIX user
accounts by provisioning to LDAP.
___________________________________
email & jabber:

calendar: http://go.wisc.edu/i6zxx0

On 2017-01-20, 15:01 ,
"
on behalf of Michael R Gettes"
<
on behalf of
>
wrote:

thank you Peter.

i feel like there are bits of doc spread throughout but nothing that
brings together “this is how to get posix groups to work”. doc that is more
task oriented - follow these steps and this is how to manage posix groups and
gidNumber and so on. am i missing something?

/mrg

> On Jan 20, 2017, at 3:48 PM, Peter DiCamillo
<>
wrote:
>
> For gidNumber, we've been using the idIndex that Grouper generates for
group (and other objects):
https://spaces.internet2.edu/display/Grouper/Integer+IDs+on+Grouper+objects
For us, Grouper is the authoritative source for the GIDs.
>
> Peter
>
> On 1/20/17 3:38 PM, Michael R Gettes wrote:
>> Has anyone done work to manage posix gidNumber within grouper and
would you care to share your work?
>>
>> I believe it should be possible to create a global attribute keeping
the next gidNumber and then to assign a gidNumber attribute with the current
global gidNumber to a group and then increment the global.
>>
>> This should be documented some place so others can leverage.
>>
>> I also don’t understand how to specify which groups should pushed to
LDAP (and how to exclude subsets). If anyone has done this and has examples
- please share.
>>
>> I am concerned the current PSPng implementation presumes 2 group
objects in LDAP, one for the normal group and a separate group for the Posix
version. This doesn’t seem right to me, we should be able to include posix
attributes within any group object. I have private email out to Bert these
questions as well.
>>
>> If I can get these problems resolved then I am halfway to eliminating
the need for the CMU GAP code.
>>
>> /mrg
>>
>




Archive powered by MHonArc 2.6.19.

Top of Page