Skip to Content.
Sympa Menu

grouper-users - [grouper-users] PSP (Original) Provisioning to LDAP and AD woes

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] PSP (Original) Provisioning to LDAP and AD woes


Chronological Thread 
  • From: Jeffrey Crawford <>
  • To: Gouper Users List <>
  • Subject: [grouper-users] PSP (Original) Provisioning to LDAP and AD woes
  • Date: Fri, 17 Mar 2017 12:38:04 -0700
  • Ironport-phdr: 9a23:BvWeeBIcl+gqbUT1+NmcpTZWNBhigK39O0sv0rFitYgeKf3xwZ3uMQTl6Ol3ixeRBMOAuq8C1bCd6vq/EUU7or+5+EgYd5JNUxJXwe43pCcHRPC/NEvgMfTxZDY7FskRHHVs/nW8LFQHUJ2mPw6arXK99yMdFQviPgRpOOv1BpTSj8Oq3Oyu5pHfeQtFiT69bL9oLRi6swrdutQIjYZgN6081gbHrnxUdupM2GhmP0iTnxHy5sex+J5s7SFdsO8/+sBDTKv3Yb02QaRXAzo6PW814tbrtQTYQguU+nQcSGQWnQFWDAXD8Rr3Q43+sir+tup6xSmaIcj7Rq06VDi+86tmTgLjhTwZPDAl7m7Yls1wjLpaoB2/oRx/35XUa5yROPZnY6/RYc8WSW9HU81MVSJOH5m8YpMPAeQPPuhWspfzqEcVoBSkGQWhHvnixiNUinL026AxzuQvERvB3AwlB98AtGrbrNv7NKcIT++0zLTDwCvZb/xM1zb95o/Icgo8rvqRWr9wc9TeyUchFwPfkFqRqZDqMiiI1usRqGiU8/BsWvyyhG46sgx8pCWkyMQ0ioTRmI4Yy0zI+Cd8zYY7JtC3U1J3bNurHZdMqy2WKo57Td8+T25zvSs3z6MKtYCncyUM1Z8p3QTQa+adfIiN+h/jVPieITN/hH99fbKwnRey8Uy5xu39Ssm4zE9GryVbntXSqn8BzRPT6s+ASvty+keuxyyD2BzU6uFBOUw0lKzbJIA9wrMoiJYesFjPEy3zlUX4j6KZbVko9+2n5uj7frnqu5qROJNohg7lN6kjn9KzDfokPQQWWmiU4+W81Lnt/U3jR7VKi+U7kqvHv5DUK8QbvLC2Ag9J3Ys49hawEyym38gCkXYZMV1FZQqLj5L1NFHWPPD4EfC/jkyjkDdxwPDGI6XhDYvXLnTajbfhZqhy61RHyAcoydBf5olUCq0aIP7tQEPxtdrYDgMnPAyuxeboFsl92p0EVW2RH6CZLfCajVjdyeUyO+SWLLIOtSzmY9wk/OKm2XAjnkIFcLPswIAacmuQH/J6Ll+fbGa2xNoNDDFZkBA5SbnIhVOMSzNCL12oVr0y4Ss3QNakAInNXI28i5Sc1zywWJBaezYVWRi3DX70etDcCL83YyWIL5oky2RcWA==

I'll try and keep this as simple as possible. We are not yet ready to move to PSPNG but we have an active project of provisioning groups to AD and have an existing provisioner to a couple of LDAP instances.

The LDAP servers use the same DN naming convention so we are able to split up the servers based on the multiple ldap psp-example. Now however we need to provision groups to AD which has a different DN. The following are the things I've tried:

running a second daemon that shows the sources.xml as being the AD server, however it seems like the daemon that hits the changelog first wins even if one had a different name for the psp changelog string:
grouper-loader.properties (LDAP)
changeLog.consumer.pspidm.class = edu.internet2.middleware.psp.grouper.PspChangeLogConsumer

grouper-loader.prperties (AD)
changeLog.consumer.pspad.class = edu.internet2.middleware.psp.grouper.PspChangeLogConsumer

I tried using a different source id in sources.xml but then you would have to update groups twice one from each source or provisioners based on the AD source would be blank

Is there some method I'm missing here?

Jeffrey E. Crawford
Enterprise Service Team

Both pilots and IT professionals require training and currency before charging into clouds!
---------------------------------------



Archive powered by MHonArc 2.6.19.

Top of Page