Skip to Content.
Sympa Menu

grouper-users - [grouper-users] Issues with replacing the Subject store after install grouper with installer

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] Issues with replacing the Subject store after install grouper with installer


Chronological Thread 
  • From: "Adam Chang" <>
  • To:
  • Subject: [grouper-users] Issues with replacing the Subject store after install grouper with installer

I installed the grouper with the installer and tried to replace the DB from
hsql to mysql and point the subject store to the ldap.

- Switching the DB is pretty straight forward. Just add these 3 lines in the
grouper.hibernet.properties

hibernate.connection.url = jdbc:mysql://localhost:3306/grouper_schema
hibernate.connection.username = YOURDBUSERNAME
hibernate.connection.password = PASSWORD

** if you are using mysql 8, replace the mysql-connector-java-5.1.45.jar with
mysql-connector-java-8.0.16.jar so the new mysql SHA password plugin can work.
** make sure apply the changes (properties file, jar) in these 3 locations.
\grouper.apiBinary-2.4.0\conf\
\grouper.ui-2.4.0\dist\grouper\WEB-INF\classes\
\grouper.ws-2.4.0\grouper-ws\build\dist\grouper-ws\WEB-INF\classes\

Then run cmd /c c:\OITDevEnv\Grouper\gi\grouper.apiBinary-2.4.0\bin\gsh.bat -
registry -runscript and you will see the blank tables created.

- However I cannot get the redirecting subject store to LDAP work.
After tweaking the properties files below, I got this error. It seemed to
indicate the grouper did query the ldap but failed.

Error querying ldap server id: ucildap, searchDn: ou=people,dc=uci,dc=edu,
filter: '(& (uid=grouperTestSubjectByIdOnStartupASDFGHJ)
(objectclass=person))', returning attributes: [Ljava.lang.String;@55f5c62d

Here are my questions.
1. Where is this grouperTestSubjectByIdOnStartupASDFGHJ coming from? Seems
grouper tried to replace the place holder %TERM% in the subject.properties but
I thought the value should come from the user input from the UI and UI is not
even up yet?
2. Should I start the loader first or the UI (tomcat) first?
3. What does the loader do? Does it point to the subject store to LDAP but
not loading the group information from LDAP?

Here are my other properties files.
** grouper-loader.properties
loader.autoadd.typesAttributes = true
ldap.ucildap.url = ldap://ldap.oit.uci.edu/dc=uci,dc=edu
ldap.ucildap.user =
ldap.ucildap.pass =

** grouper.properties
grouper.attribute.loader.autoconfigure=true

** subject.properties
subject.sources.xml.location =
subjectApi.source.ucildap.id = ucildap
subjectApi.source.ucildap.name = UCI OIT Public LDAP
subjectApi.source.ucildap.types = person
subjectApi.source.ucildap.adapterClass =
edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter
subjectApi.source.ucildap.param.INITIAL_CONTEXT_FACTORY.value =
com.sun.jndi.ldap.LdapCtxFactory
subjectApi.source.ucildap.param.PROVIDER_URL.value =
ldap://ldap.oit.uci.edu:389/dc=uci,dc=edu
subjectApi.source.ucildap.param.SECURITY_AUTHENTICATION.value = none
subjectApi.source.ucildap.param.SubjectID_AttributeType.value = uid
subjectApi.source.ucildap.param.SubjectID_formatToLowerCase.value = false
subjectApi.source.ucildap.param.Name_AttributeType.value = cn
subjectApi.source.ucildap.param.Description_AttributeType.value = nameLong
subjectApi.source.ucildap.param.subjectVirtualAttributeVariable_grouperUtilElSafe.value
= edu.internet2.middleware.grouper.util.GrouperUtilElSafe
subjectApi.source.ucildap.param.subjectVirtualAttribute_0_nameLong.value = $
{grouperUtilElSafe.appendIfNotBlankString(grouperUtilElSafe.defaultIfBlank(subject.getAttributeValue('cn'),
''), ' - ',
grouperUtilElSafe.defaultIfBlank(subject.getAttributeValue('eduPersonSchoolCollegeName'),
''))}
subjectApi.source.ucildap.param.sortAttribute0.value = nameLong
subjectApi.source.ucildap.param.searchAttribute0.value = namelong
subjectApi.source.ucildap.param.emailAttributeName.value = mail
subjectApi.source.ucildap.param.ldapServerId.value = ucildap
subjectApi.source.ucildap.search.searchSubject.param.filter.value = (& (uid=
%TERM%) (objectclass=person))
subjectApi.source.ucildap.search.searchSubject.param.scope.value =
ONELEVEL_SCOPE
subjectApi.source.ucildap.search.searchSubject.param.base.value =
ou=people,dc=uci,dc=edu
subjectApi.source.ucildap.search.searchSubjectByIdentifier.param.filter.value
= (& (uid=%TERM%) (objectclass=person))
subjectApi.source.ucildap.search.searchSubjectByIdentifier.param.scope.value =
ONELEVEL_SCOPE
subjectApi.source.ucildap.search.search.param.filter.value = (& (|(|(uid=%TERM
%)(cn=*%TERM%*))(uid=%TERM%))(objectclass=person))
subjectApi.source.ucildap.search.search.param.scope.value = ONELEVEL_SCOPE
subjectApi.source.ucildap.search.search.param.base.value = ou=person
subjectApi.source.ucildap.attributes = department, departmentNumber, sn,
displayName, uciAffiliation, mail
subjectApi.source.ucildap.internalAttributes = searchAttribute0


Thanks.
Regards,
~Adam


  • [grouper-users] Issues with replacing the Subject store after install grouper with installer, Adam Chang, 07/12/2019

Archive powered by MHonArc 2.6.19.

Top of Page