grouper-users - [grouper-users] using AD extended schema attribute for anchor
Subject: Grouper Users - Open Discussion List
List archive
- From: "Guenther, Dean R." <>
- To: "" <>
- Subject: [grouper-users] using AD extended schema attribute for anchor
- Date: Tue, 12 Jun 2018 18:10:27 +0000
- Accept-language: en-US
- Authentication-results: spf=none (sender IP is ) ;
- Ironport-phdr: 9a23:+dOxqhwSVhIK6cnXCy+O+j09IxM/srCxBDY+r6Qd2ugUIJqq85mqBkHD//Il1AaPAd2Graocw8Pt8InYEVQa5piAtH1QOLdtbDQizfssogo7HcSeAlf6JvO5JwYzHcBFSUM3tyrjaRsdF8nxfUDdrWOv5jAOBBr/KRB1JuPoEYLOksi7ze+/94HTbglSmDaxfa55IQmrownWqsQYm5ZpJLwryhvOrHtIeuBWyn1tKFmOgRvy5dq+8YB6/ShItP0v68BPUaPhf6QlVrNYFygpM3o05MLwqxbOSxaE62YGXWUXlhpIBBXF7A3/U5zsvCb2qvZx1S+HNsDwULs6Wymt771zRRHolikJKiI5/m/UhMN+jaJUvB2uqgdlzILIZYGYLuZyc7nfcN4cWGFPXtxRVytEAo6kYYcBDvcBMvher4nhp1sBswG+CRGxD+3h1DBHnHn21rAm3eg7Hw3NwQstH90TsHvKqtX1KKcSXv6vzKTTwzTDdO5W1S3j54fVbxAsuPeBVq9zf8rJ0UQjCRnKgkmNpYHgIj+Zy/kBvm2V7+dvSe6jl2sqqw9vrTWv28shj4zEi4MJxlza7Sl0wYI4KcelREN6YNOoCpRduiCAO4drTM4uX3lkuCgkxbAFpZK2eS0HxZslyhPfbvGKc4yF7xL+W+uULzp1gG9qd6i6ihuz7UStxOLxW8+p21hQtCVFiMPDtnUV2hzT9MeHTvx981+51zuT0A7f9uFJLVk6m6TcJZMt27kwmYENvkjZGS/2hVn2g7SRdkU5/Oin9v7rYq38pp+bK497lB3xMrgvmsy4B+Q0KA8OX3WH+eS4073j+k75TK9Wgf0xl6nVqJHaJcIFqa6lGwJZzJws5wqiAzqjzdgUgGQLIVdLeB+Ik4TlJ1TDIP7mAvq/nlihlTJmyvHaMrH/GpnNK2LMkLblfbZz8U5czw8zwMhQ55JJFL4BJu7zWk/vu9zCFRI4PRe0w/v9BNpjy4weRHqDArWFP6PKrV+I+uUvLvGDZI8Pvzb9NuAl6OD0jXMghF8dZrem3YEMaH2jGvRmIl6ZYWb3gtsfC2sKvww+TPD0h12YVz5ceWqyU7wm6j4lFY2mENSLeof4yrOb2zqjE4cTe3tLEEukEHH0ep+CVutWLi+eP4UpxjMeUqW5RpVkyAqjrhTSyrx7I/DS9zFC85/vyY4myffUkER42iF5Cdid3nvJB015l2VAfXl8lPRwvEF71leOy4BnmOEeGNBOsaAaGjwmPILRmrQpQ+v5XRjMK4+E
- Spamdiagnosticmetadata: NSPM
- Spamdiagnosticoutput: 1:99
I have an Active Directory extended schema attribute wsuExternalSystemID which contains a unique ID for each person. Its similar to what you might find in employeeID. This attribute is a confidential
attribute, and I have granted my ldap.pspng_activedirectory.user to have full access to this extended AD attribute. For my Grouper groups I build them with the SQL query select wsuExternalSystemID as subject_id from oraclepersonregistry where employeerole like ā%Hourly%ā and this successfully builds my group in Grouper. And each person it finds has the Unique ID with their wsuExternalSystemID as Iād expect. My question is, am I going to have any problem with using PSPNG to build a group in AD when the users are being referenced by an extended schema AD attribute? These are my userSearch values: changelog.consumer.pspng_activedirectory.userSearchBaseDn = ou=people,dc=testingAD,dc=wsu,dc=edu changelog.consumer.pspng_activedirectory.userSearchFilter = wsuExternalSystemID=${subject.id} changelog.consumer.pspng_activedirectory.userSearchAttributes = dn,cn,wsuexternalsystemid,userprincipalname,objectclass Dean Guenther |
- [grouper-users] using AD extended schema attribute for anchor, Guenther, Dean R., 06/12/2018
- [grouper-users] RE: using AD extended schema attribute for anchor, Coleman, Erik C, 06/13/2018
- [grouper-users] Re: using AD extended schema attribute for anchor, Guenther, Dean R., 06/13/2018
- [grouper-users] RE: using AD extended schema attribute for anchor, Coleman, Erik C, 06/13/2018
Archive powered by MHonArc 2.6.19.