Grouper Administration Guides
Installation & Configuration
Architectural and High Level Diagrams
Components Overview - lists components (including connectors) in Grouper and provides links to more info.
Product Specifications - "Specsheet" for Grouper
Grouper Installer - Installs the Grouper API, quickstart data, UI, WS, and client; also used to do upgrading and patching
API Installation - Configure the API and integrate with existing identity stores.
Configuration Files and Overlays - Configuration approaches including using cascaded configuration files.
WS Installation - Build, secure, and deploy Grouper Web Services.
Initializing Administration of Privileges (the wheel group) - The first stem and group you should create.
Group and folder design ideas - Examples of how institutions have organized and delegated their folders and groups
Externalize and Encrypt Grouper LDAP and Database Passwords
Getting Ready for Production with Grouper - steps to think about after Grouper installation
InCommon Trusted Access Platform Grouper Docker Documentation - step by step instructions on how to bring up Grouper in a Docker Swarm environment
Authentication to the Grouper UI - examples using Shibboleth or CAS
Authentication to the UI and Web Services in 2.5+
Grouper new UI - Allows navigating the tree structure, managing groups, managing favorites and more.
Grouper Custom UI - Helps end users and administrators view and troubleshoot access
Grouper UI Templates - Allows Grouper users to accomplish multiple tasks at once and save time and be more consistent
Grouper Visualization - API to see the relationships between Grouper objects
Grouper Visualization UI - Using the Visualization UI to build and display graphs
Grouper LITE UIs - OLD - Information on Grouper LITE UIs (used from v2.0 to v2.3 for Attribute Framework and External Subjects)
Customizing the Administrative UI - OLD and OUTDATED APPROACH - applies only to Grouper versions prior to Grouper 2.2
GrouperShell - The gsh command line utility.
Grouper Daemon - Background processing including: GrouperLoader, notifications and membership expiry.
Grouper Client - Client for Grouper LDAP and Web Services.
Move and Copy - How to move or copy groups or folders/stems.
Web Services - Exposing common Grouper business logic through SOAP and REST
Always Available Web Services and Client - Web services that do not have a single point of failure.
Attribute Framework - A framework for assigning metadata to Grouper objects.
Grouper Reporting - Flexible reporting capability
Grouper subject filter and attribute decorator - Restrict access to Subject attributes.
Grouper local entities - Manage access within Grouper for Subjects not managed in a Subject Source.
User Audit Log - How to review who made what changes and when.
Point in Time Auditing - Query the state of Grouper in the past.
Organizing Services In Grouper - Allows filtering of the registry by a service.
XML Import/Export Tool - Documentation for the XML Import/Export tool.
Grouper Diagnostics - Gives the health of Grouper
Grouper overall summary administrative report - daily email report of status of Grouper
Grouper Security Issues and Patches
Ongoing Administration Tasks - Suggestions for ongoing Grouper administration tasks, including pruning the logs and registry, performing monitoring, and setting up notifications.
Custom Group Types & Fields - (Deprecated as of Grouper 2.2)
Access Management Features Overview - An overview of when to use rules, roles, limits, and other access management features
Role and permission management - Allowing external applications to centrally manage roles and permissions in Grouper
Permission Limits - Setting up runtime constraints on permissions
Enabled and disabled (Start/End) dates - Setting up memberships to apply only in the future, or for a certain period of time
Rules - Attach actions on certain events to trigger certain results
Attribute based access control (ABAC) with scripted groups - Using scripted groups to increase efficiency in implementing access policy
Deprovisioning - Remove access when someone leaves
Attestation - Get reminders to review groups periodically
Grouper Automatically Managed Recent Memberships - grace periods
Provisioning and Integration
Provisioning Framework - Grouper v4 and above
Integration Overview - Considerations for integrating Grouper with an application
Provisioning Service Provider Next Generation - Grouper 2.3 through Grouper 2.5
Grouper Messaging - allows messages to be sent and received from a messaging system
Grouper Loader - Automatically manage Grouper memberships based on a data source
Subject API - Used to integrate a java application with a site's existing Identity Management operations
Notification (Change Log) - Grouper can incrementally integrate with or provision external systems.
Hooks - Create connections from the Grouper API to your custom code
External Subjects - Managing external subjects.
Sync Grouper with another Grouper - Allows two group management systems to share a group.
Integer ID's on Grouper Objects - These integers can be used, for instance, as UNIX GIDs.
Shibboleth Integration (Grouper 2.1 and above) - Grouper as a Data Connector Extension for Shibboleth (newer architecture)
Shibboleth Integration (Prior to Grouper 2.1) - Grouper as a Data Connector Extension for Shibboleth.
Exposing Groups Through Shibboleth
ESB Connector - Integrating Grouper with an event-driven ESB architecture.
Notifications - Java interface for handling Grouper events
XMPP Notifications - Handling XMPP Notifications
Grouper integration with uPortal - Grouper uPortal integration.
Grouper integration with SCIM - SCIM stands for System for Cross-domain Identity Management (this integration is available in Grouper 2.2 and above).
Grouper Atlassian Connector - Allows you to manage Atlassian (Jira, Confluence) groups and person information.
Grouper VOOT Connector - Implements the VOOT specification for cross-domain read access to groups.
SQL Integration - Accessing Grouper data from SQL
Grouper Remedy Integration - integration with Remedy (SaaS) and Digital Marketplace
Grouper Azure Provisioner - synchronizes Grouper groups and users to Microsoft Azure Active Directory/Office 365
Using SQL to do things in Grouper
Universal Subject Daemon Utility (USDU) in Grouper 2.5+
Unresolvable Subject Deletion Utility - Documentation for the command line USDU tool (prior to Grouper 2.5)
Bad Membership Finder Utility - Documentation for the findbadmemberships command line script.
Cursor based paging to download large amounts of data without missing records during inserts/deletes
JEXL Script Tester
Glossary, Roadmap and Other