Grouper Users - Open Discussion List

["Black, Carey M." <>]

Doh… I hate when I type an example wrong!  

 

Correction to my post:

 

 

NOTE: if there are some department values that you do (or do not) want to load, then also set Attribute filter _expression_ .

 

Examples:

${attributeValue == "LOAD ME"}

  OR

${attributeValue == 'LOAD ME' && attributeValue != 'DO NOT LOAD ME'}

 

There are even matching expressions that can be used with the =~ operator too. ( Examples [without my errors] are on the loader config page too. J )

 

Although the included examples don’t show the use of parentheses… I think that is valid in the JEXL _expression_.

   Maybe this is a valid reference? (not sure about what version is used in Grouper vs this ref URL.. YMMV)    https://commons.apache.org/proper/commons-jexl/reference/syntax.html

 

HTH.

--

Carey Matthew

 

From: <> On Behalf Of Black, Carey M.
Sent: Monday, April 30, 2018 9:35 PM
To:
Cc: Bryan Wooten <>
Subject: [grouper-users] RE: LDAP_GROUP_LIST - Setting group name

 

Bryan,

 

LDAP_GROUP_LIST : The filter should return one or more LDAP groups that are to be loaded into Grouper.

 

What you want is :

                LDAP_GROUPS_FROM_ATTRIBUTES : The filter should return a set of Users with attributes that will define the groups loaded into Grouper.

 

Also  Just a guess… but I think you want to set:

 

Group attribute name = department

And

Group name _expression_ = ${groupAttribute}

 

NOTE: if there are some department values that you do (or do not) want to load, then also set Attribute filter _expression_ .

 

Examples:

${attributeValue == "LOAD ME"}

  OR

${attributeValue == 'LOAD ME' || attributeValue == 'DO NOT LOAD ME'}

 

--

Carey Matthew

 

From: <> On Behalf Of Bryan Wooten
Sent: Monday, April 30, 2018 4:06 PM
To:
Subject: [grouper-users] LDAP_GROUP_LIST - Setting group name

 

All,

 

I am using the 2.3 UI to try and complete a proof of concept that creates a basis group for each department.

 

LDAP filter like this: (&(netid=*)(department=*))  Find all entries with department attribute set. I want the group name to be the department attribute value.

 

So in the Edit Loader Settings I think I want to set the fields Group name _expression_, Group display name _expression_ and Group description _expression_.

 

I have set Extra LDAP attributes to return department.

 

So I have set Group description _expression_ to be ${grouperAttributes('department')}.

 

I thought I was following the hint given on the page:

 

JEXL _expression_ language fragment that evaluates to the group name (relative to the stem of the group which has the loader definition). groupAttributes['dn'] is a variable in scope as is groupAttributes['cn'] etc

 

But when I run the Loader Diagnostics I get this:

 

NOTE: Original group name: 'groups:u0519980'

NOTE: Found attribute: 'department' with value 'UIT Information Security'

ERROR: Error evaluating group name _expression_: '${grouperAttributes('department')}'

 

I admit that I am having a hard time wrapping my head around JEXL…

 

Any hints or examples greatly appreciated.

 

Bryan Wooten

Tel: (801)585-9323

Email: