This page is for the Grouper Development Team

LDAP containerDocument how to run LDAP container for unit tests
LDAP container dataPopulate the LDAP container with users and groups.  We can have various OU's for various situations
Grouper subject source for LDAPUnit test subject override map source to connect to LDAP
Refactor group dn configMaybe we need a parent DN, the bushy or flat, and the translation from group to cn

Simple group membership provisioner full sync, synchronousProvision subject IDs to a group attribute in LDAP.  Assume groups already exist

LDAP provisioning diagnosticsAdd some configs needed for this, then have a diagnostics page (like subject API diagnostics)
to run through configs and make sure valid (without doing a full sync)

isActiveDirectoryIs this in the LDAP config?  Remove from LDAP provisioning config?  Drive other defaults from this

Simple user attribute provisioner full sync, synchronousProvision group names to a user attribute in LDAP.  Assume users already exist

Verify sync table cache attributes Verify the memberFromId2, groupToId3, etc attributes

Link up the full sync to the sync table jobs and logsMake sure the status of the group is logged to the correct tables

Subject API link for group membershipsLook up subject in subject source and get an attribute to use for group membership list

Subject API link for user attributesLook up subject in subject source and get an attribute to use for looking up user in ldap

Ensure subject attribute is cached in sync tablesEnsure the subject attribute is cached in sync tables

Ensure subject attribute set by USDUEnsure USDU run will process all subjects and set attributes in sync tables

Target user linkLook up target subject before provisioning group memberships.  Provision based on user attribute

Ensure target user link cached in sync tablesTarget user link should be cached in sync tables

Target group linkLook up target group before provisioning user attributes.  Provision based on group attribute

Ensure target group link cached in sync tablesTarget group link should be cached in sync tables

userSearchAttributesEnsure the correct attribute are retrieved by ldap, or the default ones (ones we know about)

createMissingUsersIf false, and not exist, error.  Create users as needed using the user LDIF. 
Document which objects are available and merge helper methods from the
PSPNG util to the grouper util helper var?

userAttributesMultivaluedWhy do we need this?  When creating users?

createMissingGroupsIf false, and not exist, error.  Create groups as needed using the group LDIF. 
Document which objects are available.

groupAttributesMultivaluedWhy do we need this?  When creating groups?

deleteInTargetIfInTargetAndNotGrouperGrouper is system of record

deleteInTargetIfDeletedInGrouperHow do we do this?  Incremental or PIT if deleted in last day?  Might need to adjust the workflow to 
accommodate if full sync and group deletes

Review all configs and make sure implementedMake sure all other configs are either implemented or on the below list

membershipFieldsGet grouper data from other fields (members, admin, managers, readers)

Error handling with cacheMake sure the logic uses cached values unless there is an error, then resolve everything from scratch

Subject sources to provisionMake a duplicate subject source and make sure the provisioner only provisions configured sources

Allow clean subject link in full provisioningPass flag from UI in full sync message to resolve all subjects

  • No labels