Skip to Content.
Sympa Menu

grouper-users - [grouper-users] RE: LDAP_GROUP_LIST - Setting group name

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] RE: LDAP_GROUP_LIST - Setting group name


Chronological Thread 
  • From: "Black, Carey M." <>
  • To: "" <>
  • Cc: Bryan Wooten <>
  • Subject: [grouper-users] RE: LDAP_GROUP_LIST - Setting group name
  • Date: Tue, 1 May 2018 01:34:36 +0000
  • Accept-language: en-US
  • Authentication-results: spf=pass (sender IP is 128.146.138.10) smtp.mailfrom=osu.edu; internet2.edu; dkim=none (message not signed) header.d=none;internet2.edu; dmarc=pass action=none header.from=osu.edu;
  • Ironport-phdr: 9a23:98shlxG2FostlYdHz4P5yJ1GYnF86YWxBRYc798ds5kLTJ7yociwAkXT6L1XgUPTWs2DsrQY07GQ6/iocFdDyK7JiGoFfp1IWk1NouQttCtkPvS4D1bmJuXhdS0wEZcKflZk+3amLRodQ56mNBXdrXKo8DEdBAj0OxZrKeTpAI7SiNm82/yv95HJbAhEmDSwbaluIBmqsA7cqtQYjYx+J6gr1xDHuGFIe+NYxWNpIVKcgRPx7dqu8ZBg7ipdpesv+9ZPXqvmcas4S6dYDCk9PGAu+MLrrxjDQhCR6XYaT24bjwBHAwnB7BH9Q5fxri73vfdz1SWGIcH7S60/VC+85Kl3VhDnlCYHNyY48G7JjMxwkLlbqw+lqxBm3oLYfJ2ZOP94c6jAf90VWHBBU95RWSJfH428c4UBAekPPelaronyu1QBoACkBQWwAO7i0CNEimPo0aA8zu8vERvG3AslH98WvnjZsdH1O70OXuC21KXD0CvOYOlM2Tjj6InDbxcvreuCUbltdsfe0k0vGBnZgVWTs4DpIi2Z2+oWvmic9OpgSPijhHA6pAFsuzWiwNonhIrRho8N1FzL7zl1zJswKNGlVUJ3fNupEJVfui2GK4d7R80iTH9ntSkgz7ALvJy2cDURx5g/xRPSZOaLf5WH7x7/TuqcLyl0iGhhdb6hnxqy/1avx+7gWsSx1VtHrjZKncXCtn0IyRDe5cmKReZ480qu2TuC1Q7e5+RYLk8vjqXUMZgsyaMqmJUJq0TMBCr2lV32jKCIckUk/fCl5fz7b7vhupOROZZ4hxz8Pagwg8C/Bv83PRYUU2ic5OS8yKbs/UrkQLVMk/I6iLHZsIrdJcQHuKG2HxNV0ock6xa5FTum18kYnWUDLFJCfxKHjJLlNE3JIPD9Ffu/glKsnyl3x/3eILHuGInBImXGnbv8YLpx9ktRyAQ8wNxD+55ZD78BL+z8V0DrsdHVCx00PxGvzOr/DdVyzIIeWWaBAq+DN6PStEeF6fkrI+aWeIAVuyzxJ+U76/PglnI5nkQdfbSz0ZQJdX+4A+xqI1+Fbnr0ntcBDWAKsxIxTOzwj12CTCZTaGioX64l+zE7E5ypDZ3YRo22hLyB3Ty7HoFNZmxYEFyMEHHod5maVPcWbiKdPNNhniIeWbe/VoAhyELmiAivgbV9KffM9zddqInuzsNd5uvPmAs0+CAuScmRzivFG25umX4QSiVzwbtyu1dVy1Gf3LJ+juACU9Ff+qUafB09MMuW5ehzANO2EinIZNqYAHPgCJ3yCzU4RdF3moVVS0FmBpOvgg2VjHniOKMci7HeXM98yanbxXWkYp8lk3s=
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99

Bryan,

 

LDAP_GROUP_LIST : The filter should return one or more LDAP groups that are to be loaded into Grouper.

 

What you want is :

                LDAP_GROUPS_FROM_ATTRIBUTES : The filter should return a set of Users with attributes that will define the groups loaded into Grouper.

 

Also  Just a guess… but I think you want to set:

 

Group attribute name = department

And

Group name _expression_ = ${groupAttribute}

 

NOTE: if there are some department values that you do (or do not) want to load, then also set Attribute filter _expression_ .

 

Examples:

${attributeValue == "LOAD ME"}

  OR

${attributeValue == 'LOAD ME' || attributeValue == 'DO NOT LOAD ME'}

 

--

Carey Matthew

 

From: <> On Behalf Of Bryan Wooten
Sent: Monday, April 30, 2018 4:06 PM
To:
Subject: [grouper-users] LDAP_GROUP_LIST - Setting group name

 

All,

 

I am using the 2.3 UI to try and complete a proof of concept that creates a basis group for each department.

 

LDAP filter like this: (&(netid=*)(department=*))  Find all entries with department attribute set. I want the group name to be the department attribute value.

 

So in the Edit Loader Settings I think I want to set the fields Group name _expression_, Group display name _expression_ and Group description _expression_.

 

I have set Extra LDAP attributes to return department.

 

So I have set Group description _expression_ to be ${grouperAttributes('department')}.

 

I thought I was following the hint given on the page:

 

JEXL _expression_ language fragment that evaluates to the group name (relative to the stem of the group which has the loader definition). groupAttributes['dn'] is a variable in scope as is groupAttributes['cn'] etc

 

But when I run the Loader Diagnostics I get this:

 

NOTE: Original group name: 'groups:u0519980'

NOTE: Found attribute: 'department' with value 'UIT Information Security'

ERROR: Error evaluating group name _expression_: '${grouperAttributes('department')}'

 

I admit that I am having a hard time wrapping my head around JEXL…

 

Any hints or examples greatly appreciated.

 

Bryan Wooten

Tel: (801)585-9323

Email:

 

Identity & Access Management_combined centered

 

 




Archive powered by MHonArc 2.6.19.

Top of Page