Child pages
  • Grouper Call 11 Jan-2017
Skip to end of metadata
Go to start of metadata


Grouper Call Wed. Jan. 11, 2017 

Attending: Chris Hyzer, Shilen Patel, Jim Fox, Emily Eisbruch, Bert Bee-Lindgren

Intellectual Property Reminder:


New Action Items 

[AI] (Jim) provide info on University of Washington provisioning to Office 365

[AI] (Bert) email the list about Office365 versus Dropbox and next PSP project

[AI] (All) review the  TIER Grouper deployment guide work

[AI] (Chris) put example in properties file for sources.xml patch


Carry Over Action Items  

[AI] (Chris) GRP-1418: removeMembers redirect to main page for non-wheel user with Admin priv 

[AI] (Chris)  Attribute framework documentation DONE , see new diagrams!

[AI] (Chris)  GRP-1420: Member removal from group shows recent activity as GrouperSystem

[AI] (Bert) follow up and reply to email on Hibernate Connection Pool issue

[AI] (Chris) follow up on Diagnostic servlet needs patch

[AI] (Bert) document how to build PSP NG and patch it  [Bert needs to finish last couple steps] (AI for Chris to try it afterwards)

[AI] (Chris) put “make_patch” command in github  

[AI] (Bert) Put these in jira: Grace Periods, Membership Rules, People/Account subjects  

[AI] (Bert)  document the solution to “turn off old psp issue” that was raised on the list

[AI] (Bert) create PSP-NG Training Video (after necessary patches) using Camtasia

[AI] (Chris) see if UI authn pulls from source.  I.e. if someone authenticated as GrouperSystem


Completed  Action Items 

[AI] (Chris) Handle issue of paging in some web service calls DONE

[AI] (Chris) records not deleted from change log table from columbia DONE

[AI] (Chris)  work on Attribute framework documentation DONE

[AI] (Chris)  work on Get Groups lite WS paging DONE

[AI] Chris find out more about PSP at Penn and how it’s going (apply latest pspng patches) DONE

[AI] (Bert and Chris) discuss the best approach to groups requiring full sync [Done] 

[AI] (Bert) email the Grouper users list on how to handle the “LDAP  must have member in group” issue [Done]

[AI] (Bert) l ook into Compile issue: Bert to look into it. Is Bert’s work area in sync? [Done]

[AI] (Bert) Follow up on Erik Coleman issue of bushy groups in AD [Done 

[AI] (Chris) Configure sources.xml as properties file, (DONE)

[AI] (Bert) Start discussion about how to handle empty groups (not allowed in some LDAPs) and see if community can decide on a single approach [Done]



Current work tasks 

Vivek – 

Accessibility, Wrapping this up


TIER API in installer

  Working to get this up and running

Misagh – gradle

Chris –working on patches

Bert – PSPNG 

  •   Working to get membership implemented the way the community wants it implemented
  • Work on non-LDAP provisioner, another supported endpoint, see 2016 TechEx slides
    • Office365?
    • Dropbox (GA Tech is interested in Dropbox)
      • Q: Would Dropbox involve a lot of groups being synced?
      • A: Bert: there are many funding-related groups in Dropbox
      • End-user created groups with external people in them
      • Issues around naming end-user created groups, need to enforce prefixes, such as the dept. name
    • Or Google?
    • Suggestion: focus on Office365
      • Office365 has different set of rules from LDAP
      • University of Washington provisions to Office 365 via AD in cloud?, it’s not simple
      •   [AI] (Jim) provide info on University of Washington provisioning to Office 365
      • Note: Office365 can have  unusual restrictions on groups
      •   [AI] (Bert) email the list about Office365 versus Dropbox and next PSP project


Shilen – real time loader


  • Triggers to loader table to populate an incremental table
  • Will work for SQL lists
  • Has committed code, this may become a patch to Grouper 2.3
  • Writing test cases

Shilen hopes to finish writing and doing test cases between now and next Grouper call

Bill – TIER Grouper deployment guide

[AI] (All) review the Grouper Deployment Guide work

Issue roundup

  •   Loader memory issues
    • -Xloggc:/srv/logs/udacity-provider-buzzapi-provider.1.gc
      • Example output:
        • CommandLine flags: -XX:-BytecodeVerificationLocal -XX:-BytecodeVerificationRemote -XX:InitialHeapSize=262908480 -XX:MaxHeapSize=536870912 -XX:+PrintGC -XX:+PrintGCTimeStamps -XX:+UseCompressedOops -XX:+UseParallelGC
        • 1720.047: [Full GC 98211K->34767K(172544K), 0.0902460 secs]
        • (Memory Leak → growth in that Full GC result)
  • Grouper install on postgres (AI for Chris)
  • Multiple LDAP sources in pspng (AI for Bert)
  •   Global Summit 
  •   Global Summit Grouper BoF (thanks Emily for organizing)
  • Sources.xml to properties (patch done)
    •   ([AI] Chris put example in properties file for sources.xml patch
  • UI audits truncated (patch done)
  • Jira will be upgraded January 14, 2017
  • PSP bushy vs flat email
  • GRP-1455: Grouper versions done match (patch done)
  • GRP-1451: if the subject id attribute does not exist for a record in an ldap loader job, give descriptive exception
  • GRP-1452: regex replace in subject source can cause issues if subject id has dollar sign
  • Penn AD patch seems to work
  • Cherry pick TIER
  • AD range attribute support (done right Bert?) (Yes)
  • Diagrams on attribute framework
  • Remove group performance (AI for Chris)
  • GRP-1439: old records delete from table performance (patch done)
  • GRP-1449: paging in WS (patch done)
  • GRP-1440: usability of combo (patch done)
  • GRP-1446: performance of trace privileges (patch done)
  • Modeling NIS groups
  • Unit tests in hsql (issues)
  • GRP-1447: mysql driver in WS (patch done)


Grouper Roadmap:

Goal : Grouper 2.4 Release by 2017 Global Summit (end of April), so wrap up development work by mid-March 

Add new messaging strategies:

  •   AWS- Chris
  • Rabbit MQ - Bert

Bert has question on Grouper Instrumentation for PSP

Will review more roadmap items on next Grouper call


Next Grouper Call: Wed. Jan. 25, 2017 at noon ET





  • No labels