Skip to Content.
Sympa Menu

grouper-users - [grouper-users] PSPNG groupCreationLDIFTemplate (more JEXL fun)

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] PSPNG groupCreationLDIFTemplate (more JEXL fun)


Chronological Thread 
  • From: "Coleman, Erik C" <>
  • To: "" <>
  • Subject: [grouper-users] PSPNG groupCreationLDIFTemplate (more JEXL fun)
  • Date: Thu, 7 Jun 2018 17:42:19 +0000
  • Accept-language: en-US
  • Ironport-phdr: 9a23:GYGgVxRHYwbI+lcYPaOy0CKbqtpsv+yvbD5Q0YIujvd0So/mwa69bRCN2/xhgRfzUJnB7Loc0qyK6/2mATRIyK3CmUhKSIZLWR4BhJdetC0bK+nBN3fGKuX3ZTcxBsVIWQwt1Xi6NU9IBJS2PAWK8TW94jEIBxrwKxd+KPjrFY7OlcS30P2594HObwlSizexfbN/IA+qoQnNq8IbnZZsJqEtxxXTv3BGYf5WxWRmJVKSmxbz+MK994N9/ipTpvws6ddOXb31cKokQ7NYCi8mM30u683wqRbDVwqP6WACXWgQjxFFHhLK7BD+Xpf2ryv6qu9w0zSUMMHqUbw5Xymp4qF2QxHqlSgHLSY0/mHJhMJtkKJVrhGvpx1jzIHbe4yaLuZycr/HcN8GWWZNQMBcXDFBDIOmaIsPCvIMMehGoon6o1sBsx6+ChOqBO/31zRGiWX23aw50+88DwzK0hErEtUQv3vIsNr4L6YSUeSxzKnJyzXDaPJW2Szn5IfWbx8hvOiBULRtesTS0UkiDx3JgkmfpID/Oz6Y2P4Bv3aB4+djTe6jlmoqpx9rrjSyxMogkIfEipwPxlzZ6yl12Ig1KsO7RUJnZNOpFZ9duiWEOIZzQ84tXnpntSI/x7IcpZG2fzYFxZE5yBHDdfCKfY6F6Q/5WumLOzd3nndldaq/hxms9UigzfXxVsiw0FZOrypFlN7MtnEW1xDJ9MeIV+Z98l+g2TaJyQ/T9vlJLV4omafUMZIsxrA9moANvUjZHSL6gED2g7WXdkUg9Oio8ePnYrD+q5CCK4B7lhrzMqUqmsy7AOQ4NA8OX2mA+eimyrLs4FD5TK1QjvIqiqnZrIzaJcMDq662GQ9V1Zsj6w6hADe8ydgYgGIHI0xfeBKclIXpP1DOIOvkDfeknVigijZrx/baPrL/GJXNKGbMkKv/cbpn9UFT1Rcznphj4MceBasGPer+QArsr9HCFTc4NRC52eDqFI87248DEyrbDbWeLbvfqxqV/e81OMGNYpMYojDwN6Jj6vLz2ywXg1gYKOOC2p8abXm+WrxLOUSaKVGmyoMMGmwivw46TertiUbEXDJOMSXhF5kg7y02Xdr1RbzIQZqg1eSM
  • Spamdiagnosticmetadata: NSPM
  • Spamdiagnosticoutput: 1:99

I am progressing with PSPNG running pretty smoothly now, so I’m moving on to prettying up the data, but encountered another snag… we are pushing most groups to a single flat OU, using the ${group.name} the group as the CN (i.e., “stem1:mygroup”). And by default, if you don’t specify samAccountName in groupCreationLDIFTemplate, that ends up getting assigned a random value by AD, which is rather ugly and unusable in some interfaces.

 

I’d like to set the samAccountName to something equally unique, but of course I cannot use “:” colon characters in AD group names so ${group.name} fails. Setting samAccountName to ${group.extension} is potentially not unique if I have two groups with the same extension (i.e., “stem1:mygroup” and “stem2:mygroup”). 

 

So is there some clever JEXL trick that I can do to replace “:” with a hyphen “-“ in the ${group.name}?  Or can I do something like “${group.parentStem}-${group.extension}”?  Does anyone have some LDIF templates they’d be willing to share? It is so hard to test JEXL!

 

Thanks!

 

-Erik

 

 

--

Erik Coleman <>

Identity and Acccess Management

Technology Services

University of Illinois at Urbana-Champaign

 

 




Archive powered by MHonArc 2.6.19.

Top of Page