Skip to Content.
Sympa Menu

grouper-users - [grouper-users] Provisioning Grouper stem attribute values to LDAP

Subject: Grouper Users - Open Discussion List

List archive

[grouper-users] Provisioning Grouper stem attribute values to LDAP


Chronological Thread 
    < Chronological >      < Thread >
  • From: Robert Bradley <>
  • To: "" <>
  • Subject: [grouper-users] Provisioning Grouper stem attribute values to LDAP
  • Date: Wed, 1 Jun 2022 16:03:42 +0100
  • Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=it.ox.ac.uk; dmarc=pass action=none header.from=it.ox.ac.uk; dkim=pass header.d=it.ox.ac.uk; arc=none
  • Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=IjOttC6lDyGjZYhvBykJ9GWiN8kpV7OqDoHAadn8YYY=; b=VbUDcMH0xopco2g40c4WKc4bamLxdKHyVMRiXM4iM7h50n40Eh4uf+hT5xmftBHkzzWC+i2lE5GiMz4xOFWB8q6dXZ2+ATuTc0Iq20tAK4z9X+MH1QRpyqwPuDGyBE6Z9j/ncG9Z//uAFjVDVi+WHo+WBerCb7xK3i9VV5S2RFnGL5+pSWPMRD8OjW8k0b4f1AQ5mK9GpIeKdcRMHg/l66/7Hgkpq41pXNTuvLSj0hxIUNPeZFUVqUpbJOX3VgtYTT5KXXwuA3EdS+epjzdluPzcbKCb7sTyRtFpYVvisIJ+UpsgQr1EKEH1IWZbKOdiX9vrIYTuhqpQ3jPFVExEPw==
  • Arc-seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=X8r1utcxA77sxAXXB2/OHVtgyiCpAoeW7Eu5dntFtX6TAY1HFZSMgBZm1GGMr2XPeHHAIP7JWPfN2iT9Nbb9AiSEC2OV2og1onyFzIt+3vcfQT0NWgg2cxSzNhDWzlF77lTcGaHbWszpCrMvNTJX1sjbttf3e5pywiAm2manpjF8O54w/lqaoH8AbgDpMzEwzUOSj1FV9GtMXF5/NjGB5vmjM6OKlkjfDoMJHN1SpzoD8crCNKJsRtF6O8VpJpXyNrir+bHUNh7QoXx21tPo/MduDtJ3moKrydDLRrsqKK01l+Ypo7hTfbSg2NyqWJJ+gIgSkPsPSiex+q9MSfY7sg==
At the moment, we are using the old Grouper PSP with Grouper 2.2.2 to provision groups to LDAP in a bushy DN configuration. This means that we can also assign local attributes to a Grouper stem (such as departments for a course, or administrative unit IDs) and have these provisioned to LDAP as needed. For example:

dn: ou=grouper,dc=example,dc=com
objectClass: top
objectClass: grouperStem
ou: grouper

dn: ou=test,ou=grouper,dc=example,dc=com
objectClass: top
objectClass: grouperStem
ou: test
displayName: Test Stem
customStemAttribute: department-x

dn: cn=testGroup,ou=test,ou=grouper,dc=example,dc=com
objectClass: grouperGroup
cn: testGroup
displayName: Test Group
customGroupAttribute: blah
member: uid=12345,ou=people,dc=example,dc=com

As part of our long-running upgrade to Grouper 2.5, I am hoping to migrate our existing classic PSP setup to the new Grouper provisioning framework. However, whilst provisioning group attributes to LDAP is straightforward enough, I can't see any obvious way to provision stem attributes to the bushy OUs. Is there still some means of doing this in the new provisioning framework?

Thanks in advance,

Robert
--
Dr Robert Bradley
Identity and Access Management Team, IT Services, University of Oxford

Attachment: OpenPGP_signature
Description: OpenPGP digital signature


  • [grouper-users] Provisioning Grouper stem attribute values to LDAP, Robert Bradley, 06/01/2022

Archive powered by MHonArc 2.6.24.

Top of Page