grouper-users - [grouper-users] Troubles with Google provisioning
Subject: Grouper Users - Open Discussion List
List archive
- From: Christopher Sutherin <>
- To:
- Subject: [grouper-users] Troubles with Google provisioning
- Date: Mon, 17 Apr 2017 13:59:23 -0400
- Ironport-phdr: 9a23:POPPwR28+4ra2gbtsmDT+DRfVm0co7zxezQtwd8ZseIQKvad9pjvdHbS+e9qxAeQG96KtbQe1aGP6vCocFdDyK7JiGoFfp1IWk1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZrKeTpAI7SiNm82/yv95HJbQhFgDuwbalsIBi3ogndq9QajIh/Iast1xXFpWdFdf5Lzm1yP1KTmBj85sa0/JF99ilbpuws+c1dX6jkZqo0VbNXAigoPGAz/83rqALMTRCT6XsGU2UZiQRHDg7Y5xznRJjxsy/6tu1g2CmGOMD9UL45VSi+46ptVRTljjoMOTwk/2HNksF+jL5Urx28qRJ8zYDafoabOeFkca/BeNMXX2pBUtpTWiFHH4iyb5EPD+0EPetAsYT9p0EOrRqlBQmwA+Pv0j9IiWHs3aYnzuohDB3G3Aw+ENIUsXTUqsj+OaAOXuC11qnIzC7Db+hN1Dfg7YjHaQwureuSUr1tbMrc0E8iHB7LgFWXrIzqJTKV1uIVvmiG6upvTv6gh3Q5pA5svzij3tkji4bTiYIQ0lDE8Tt2zJwyJd2iR052Z8OvHphItyyCKYd7Q98uTmNttSY0ybAJooK3cS0FxZg72xLQdvmKfJSU7h3+UeucJCl0iGx+d76nmhq//1Ssxvf/W8S0ylpHoShInsPIu30P0RHY99KJReFn/ki73DaCzwDT5f9AIUAzjafbLoQuwr80lpYKqETDAjP6lFz5jaOIaEkr4fKk6+vgYrXhqZ+cM5F7hhviPaQpn8yzGeU4Mg4QUGiH4emwyrzu8VH7TbhPgP07kbLWvIzfKMkUuqK1HxJa34M/5BqjEjir1dEVkWcZIF1eYB6HipLmO1DKIPD2F/e/hFGsnS93yPDGJL3hA47NLmPYnbf8eLZy8FJTxBAtwt9C+pJYEqsBL+7rWk/tqNzYCQc0MwOuw+bgFdV9zp0RWXiWDq+EK6Pdr0WI5vk0LumIZY8Voyr9K+M76/L0jH85n0Mdcrez3ZsRdn+4AupqL1+HbnXxn9dSWVsN6wUkS/HyhUfHTCVefW2aXqQg6ys9BZ78S4rPW9ODmruEiQy7BJxNemdeCl2WWUz1a4WJQfYKIHaZItVgiScsSL2rQMks2Qz451yy8KZuMueBon5QjpnkztUgv+A=
| Hi, I’ve been trying test Grouper provisioning to Google. I’v compile the google-apps-provisioner-1.2.0 and placed it in cust/lib of the Grouper API home. My grouper-loader.properties has the following entries: # googleapps-grouper-provisioner #This tells Grouper which class to invoke when running the change log consumer. It is required if using the change log consumer functionality. changeLog.consumer.googleapps.class = edu.internet2.middleware.changelogconsumer.googleapps.GoogleAppsChangeLogConsumer # You may optional override the default time that the Grouper Loader invokes the consumer. changeLog.consumer.googleapps.quartzCron = 0 * * * * ? # The Google managed domain name. (e.g. example.org) changeLog.consumer.googleapps.domain = umbc.edu #The service account email address created by Google. changeLog.consumer.googleapps.serviceAccountEmail = #The path of the PKCS12 file created and downloaded from Google. The OS account running the Grouper Loader process or full sync functionality needs to have read permissions to this file. Access to this file should be limited. changeLog.consumer.googleapps.serviceAccountPKCS12FilePath = /opt/grouper/conf/umbc-grouper-provisioner-de039f2d97eb.p12 #This is the account that all actions will be made by. It needs to exists and will be the creator and modifier account associated with the Google auditing logs. changeLog.consumer.googleapps.serviceImpersonationUser = Our Google Apps admin said he has configured it as stated in the documentation. I receive the following error: 2017-04-17 13:50:59,583: [main] ERROR GoogleAppsFullSync.processMissingGroups(342) - - Google Apps Consume 'googleapps' Full Sync - Error adding missing group (): 403 Forbidden { "code" : 403, "errors" : [ { "domain" : "global", "message" : "Not Authorized to access this resource/api", "reason" : "forbidden" } ], "message" : "Not Authorized to access this resource/api" } Thanks for any help, Chris Chris Sutherin , DB/PS Admin, Business Systems
Division of Information Technology (DoIT) Support Response - http://www.umbc.edu/oit Administration 618 Office - 410-455-3327 Email - |
- [grouper-users] Troubles with Google provisioning, Christopher Sutherin, 04/17/2017
- Re: [grouper-users] Troubles with Google provisioning, John Gasper, 04/18/2017
Archive powered by MHonArc 2.6.19.