Date: Thu, 28 Mar 2024 23:13:35 +0000 (UTC) Message-ID: <1050614849.7169.1711667615659@ip-10-10-7-29.ec2.internal> Subject: Exported From Confluence MIME-Version: 1.0 Content-Type: multipart/related; boundary="----=_Part_7168_1589297359.1711667615657" ------=_Part_7168_1589297359.1711667615657 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Content-Location: file:///C:/exported.html
The info on this page applies to Grouper 2.6 and above.
Note: probably should select minima= l attributes for entities, i.e. do not select objectClass
Provisioner in grouper-loader.properties
provisi= oner.ldapGroupsWithOverride.allowLdapGroupDnOverride =3D true provisioner.ldapGroupsWithOverride.class =3D edu.internet2.middleware.group= er.app.ldapProvisioning.LdapSync provisioner.ldapGroupsWithOverride.deleteGroups =3D true provisioner.ldapGroupsWithOverride.deleteGroupsIfNotExistInGrouper =3D true provisioner.ldapGroupsWithOverride.deleteMemberships =3D true provisioner.ldapGroupsWithOverride.deleteMembershipsIfNotExistInGrouper =3D= true provisioner.ldapGroupsWithOverride.groupDnType =3D flat provisioner.ldapGroupsWithOverride.groupSearchBaseDn =3D ou=3DGrouperGroups= ,dc=3Dexample,dc=3Dedu provisioner.ldapGroupsWithOverride.hasTargetEntityLink =3D true provisioner.ldapGroupsWithOverride.hasTargetGroupLink =3D true provisioner.ldapGroupsWithOverride.insertGroups =3D true provisioner.ldapGroupsWithOverride.insertMemberships =3D true provisioner.ldapGroupsWithOverride.ldapExternalSystemConfigId =3D personLda= p provisioner.ldapGroupsWithOverride.logAllObjectsVerbose =3D true provisioner.ldapGroupsWithOverride.numberOfEntityAttributes =3D 3 provisioner.ldapGroupsWithOverride.numberOfGroupAttributes =3D 5 provisioner.ldapGroupsWithOverride.operateOnGrouperEntities =3D true provisioner.ldapGroupsWithOverride.operateOnGrouperGroups =3D true provisioner.ldapGroupsWithOverride.operateOnGrouperMemberships =3D true provisioner.ldapGroupsWithOverride.provisioningType =3D groupAttributes provisioner.ldapGroupsWithOverride.selectAllEntities =3D true provisioner.ldapGroupsWithOverride.selectEntities =3D true provisioner.ldapGroupsWithOverride.selectGroups =3D true provisioner.ldapGroupsWithOverride.selectMemberships =3D true provisioner.ldapGroupsWithOverride.showAdvanced =3D true provisioner.ldapGroupsWithOverride.subjectSourcesToProvision =3D personLdap= Source provisioner.ldapGroupsWithOverride.targetEntityAttribute.0.fieldName =3D na= me provisioner.ldapGroupsWithOverride.targetEntityAttribute.0.isFieldElseAttri= bute =3D true provisioner.ldapGroupsWithOverride.targetEntityAttribute.0.select =3D true provisioner.ldapGroupsWithOverride.targetEntityAttribute.0.translateToMembe= rSyncField =3D memberToId2 provisioner.ldapGroupsWithOverride.targetEntityAttribute.1.isFieldElseAttri= bute =3D false provisioner.ldapGroupsWithOverride.targetEntityAttribute.1.matchingId =3D t= rue provisioner.ldapGroupsWithOverride.targetEntityAttribute.1.name =3D mail provisioner.ldapGroupsWithOverride.targetEntityAttribute.1.searchAttribute = =3D true provisioner.ldapGroupsWithOverride.targetEntityAttribute.1.select =3D true provisioner.ldapGroupsWithOverride.targetEntityAttribute.1.translateExpress= ionType =3D grouperProvisioningEntityField provisioner.ldapGroupsWithOverride.targetEntityAttribute.1.translateFromGro= uperProvisioningEntityField =3D attribute__subjectIdentifier0 provisioner.ldapGroupsWithOverride.targetEntityAttribute.2.isFieldElseAttri= bute =3D false provisioner.ldapGroupsWithOverride.targetEntityAttribute.2.multiValued =3D = true provisioner.ldapGroupsWithOverride.targetEntityAttribute.2.name =3D objectC= lass provisioner.ldapGroupsWithOverride.targetEntityAttribute.2.select =3D true provisioner.ldapGroupsWithOverride.targetEntityAttribute.2.translateExpress= ion =3D ${grouperUtil.toSet('person')} provisioner.ldapGroupsWithOverride.targetEntityAttribute.2.translateExpress= ionType =3D translationScript provisioner.ldapGroupsWithOverride.targetGroupAttribute.0.fieldName =3D nam= e provisioner.ldapGroupsWithOverride.targetGroupAttribute.0.insert =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.0.isFieldElseAttrib= ute =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.0.select =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.0.translateExpressi= on =3D ${grouperUtil.defaultString(grouperProvisioningGroup.retrieveAttribu= teValueString('md_grouper_ldapGroupDnOverride'), 'cn=3D' + edu.internet2.mi= ddleware.grouper.util.GrouperUtil.ldapEscapeRdnValue(grouperProvisioningGro= up.name) + ',ou=3DGrouperGroups,dc=3Dexample,dc=3Dedu')} provisioner.ldapGroupsWithOverride.targetGroupAttribute.0.translateExpressi= onType =3D translationScript provisioner.ldapGroupsWithOverride.targetGroupAttribute.0.translateToGroupS= yncField =3D groupToId2 provisioner.ldapGroupsWithOverride.targetGroupAttribute.0.update =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.1.insert =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.1.isFieldElseAttrib= ute =3D false provisioner.ldapGroupsWithOverride.targetGroupAttribute.1.name =3D cn provisioner.ldapGroupsWithOverride.targetGroupAttribute.1.select =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.1.translateExpressi= on =3D ${edu.internet2.middleware.grouper.util.GrouperUtil.ldapConvertDnToS= pecificValue(grouperUtil.defaultString(grouperProvisioningGroup.retrieveAtt= ributeValueString('md_grouper_ldapGroupDnOverride'), 'cn=3D' + edu.internet= 2.middleware.grouper.util.GrouperUtil.ldapEscapeRdnValue(grouperProvisionin= gGroup.name) + ',ou=3DGrouperGroups,dc=3Dexample,dc=3Dedu'))} provisioner.ldapGroupsWithOverride.targetGroupAttribute.1.translateExpressi= onType =3D translationScript provisioner.ldapGroupsWithOverride.targetGroupAttribute.1.update =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.2.insert =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.2.isFieldElseAttrib= ute =3D false provisioner.ldapGroupsWithOverride.targetGroupAttribute.2.matchingId =3D tr= ue provisioner.ldapGroupsWithOverride.targetGroupAttribute.2.name =3D gidNumbe= r provisioner.ldapGroupsWithOverride.targetGroupAttribute.2.searchAttribute = =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.2.select =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.2.translateExpressi= onType =3D grouperProvisioningGroupField provisioner.ldapGroupsWithOverride.targetGroupAttribute.2.translateFromGrou= perProvisioningGroupField =3D idIndexString provisioner.ldapGroupsWithOverride.targetGroupAttribute.2.update =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.3.insert =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.3.isFieldElseAttrib= ute =3D false provisioner.ldapGroupsWithOverride.targetGroupAttribute.3.multiValued =3D t= rue provisioner.ldapGroupsWithOverride.targetGroupAttribute.3.name =3D objectCl= ass provisioner.ldapGroupsWithOverride.targetGroupAttribute.3.select =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.3.translateExpressi= on =3D ${grouperUtil.toSet('top', 'posixGroup')} provisioner.ldapGroupsWithOverride.targetGroupAttribute.3.translateExpressi= onType =3D translationScript provisioner.ldapGroupsWithOverride.targetGroupAttribute.3.update =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.4.isFieldElseAttrib= ute =3D false provisioner.ldapGroupsWithOverride.targetGroupAttribute.4.membershipAttribu= te =3D true provisioner.ldapGroupsWithOverride.targetGroupAttribute.4.multiValued =3D t= rue provisioner.ldapGroupsWithOverride.targetGroupAttribute.4.name =3D descript= ion provisioner.ldapGroupsWithOverride.targetGroupAttribute.4.translateFromMemb= erSyncField =3D memberToId2 provisioner.ldapGroupsWithOverride.updateGroups =3D true provisioner.ldapGroupsWithOverride.userSearchBaseDn =3D ou=3DPeople,dc=3Dex= ample,dc=3Dedu
External system in grouper-loader.properties
ldap.pe= rsonLdap.pass =3D ******* ldap.personLdap.searchResultHandlers =3D org.ldaptive.handler.DnAttributeEn= tryHandler,edu.internet2.middleware.grouper.ldap.ldaptive.GrouperRangeEntry= Handler ldap.personLdap.uiTestAttributeName =3D dc ldap.personLdap.uiTestExpectedValue =3D example ldap.personLdap.uiTestFilter =3D (dc=3Dexample) ldap.personLdap.uiTestSearchDn =3D dc=3Dexample,dc=3Dedu ldap.personLdap.uiTestSearchScope =3D OBJECT_SCOPE ldap.personLdap.url =3D ldap://localhost:389 ldap.personLdap.user =3D cn=3Dadmin,dc=3Dexample,dc=3Dedu
Daemon jobs in grouper-loader.properties
otherJo= b.ldapGroupsWithOverrideFull.class =3D edu.internet2.middleware.grouper.app= .provisioning.GrouperProvisioningFullSyncJob otherJob.ldapGroupsWithOverrideFull.provisionerConfigId =3D ldapGroupsWithO= verride otherJob.ldapGroupsWithOverrideFull.quartzCron =3D 39 53 6 * * ? changeLog.consumer.ldapGroupsWithOverrideIncremental.class =3D edu.internet= 2.middleware.grouper.changeLog.esb.consumer.EsbConsumer changeLog.consumer.ldapGroupsWithOverrideIncremental.provisionerConfigId = =3D ldapGroupsWithOverride changeLog.consumer.ldapGroupsWithOverrideIncremental.publisher.class =3D ed= u.internet2.middleware.grouper.app.provisioning.ProvisioningConsumer changeLog.consumer.ldapGroupsWithOverrideIncremental.publisher.debug =3D fa= lse changeLog.consumer.ldapGroupsWithOverrideIncremental.quartzCron =3D 0 * * *= * ?
Subject source in subject.properties
subject= Api.source.myPeople.adapterClass =3D edu.internet2.middleware.grouper.subj.= GrouperLdapSourceAdapter2_5 subjectApi.source.myPeople.attribute.0.name =3D uid subjectApi.source.myPeople.attribute.0.translationType =3D sourceAttributeS= ameAsSubjectAttribute subjectApi.source.myPeople.attribute.1.name =3D mail subjectApi.source.myPeople.attribute.1.subjectIdentifier =3D true subjectApi.source.myPeople.attribute.1.translationType =3D sourceAttributeS= ameAsSubjectAttribute subjectApi.source.myPeople.attribute.2.name =3D name subjectApi.source.myPeople.attribute.2.sourceAttribute =3D cn subjectApi.source.myPeople.attribute.2.translationType =3D sourceAttribute subjectApi.source.myPeople.attribute.3.name =3D description subjectApi.source.myPeople.attribute.3.translation =3D ${subject_attribute_= _cn + ' (' +source_attribute__uid + ') - ' + source_attribute__businesscate= gory + ' - ' + source_attribute__edupersonaffiliation} subjectApi.source.myPeople.attribute.3.translationType =3D translation subjectApi.source.myPeople.extraAttributesFromSource =3D businessCategory, = eduPersonAffiliation subjectApi.source.myPeople.id =3D personLdapSource subjectApi.source.myPeople.name =3D My LDAP subjectApi.source.myPeople.numberOfAttributes =3D 4 subjectApi.source.myPeople.param.Description_AttributeType.value =3D descri= ption subjectApi.source.myPeople.param.Name_AttributeType.value =3D name subjectApi.source.myPeople.param.SubjectID_AttributeType.value =3D uid subjectApi.source.myPeople.param.emailAttributeName.value =3D mail subjectApi.source.myPeople.param.findSubjectByIdOnCheckConfig.value =3D tru= e subjectApi.source.myPeople.param.findSubjectByIdentifiedOnCheckConfig.value= =3D true subjectApi.source.myPeople.param.findSubjectByStringOnCheckConfig.value =3D= true subjectApi.source.myPeople.param.ldapServerId.value =3D personLdap subjectApi.source.myPeople.param.netId.value =3D mail subjectApi.source.myPeople.param.stringToFindOnCheckConfig.value =3D aa subjectApi.source.myPeople.param.subjectIdToFindOnCheckConfig.value =3D aan= derson subjectApi.source.myPeople.param.subjectIdentifierToFindOnCheckConfig.value= =3D aanderson@example.edu subjectApi.source.myPeople.search.search.param.filter.value =3D (&(|(|(= uid=3D%TERM%)(cn=3D*%TERM%*))(uid=3D%TERM%*))(objectclass=3Dperson)) subjectApi.source.myPeople.search.searchSubject.param.base.value =3D ou=3DP= eople,dc=3Dexample,dc=3Dedu subjectApi.source.myPeople.search.searchSubject.param.filter.value =3D (uid= =3D%TERM%) subjectApi.source.myPeople.search.searchSubject.param.scope.value =3D SUBTR= EE_SCOPE subjectApi.source.myPeople.search.searchSubjectByIdentifier.param.filter.va= lue =3D (mail=3D%TERM%) subjectApi.source.myPeople.searchAttribute.0.attributeName =3D description subjectApi.source.myPeople.searchAttributeCount =3D 1 subjectApi.source.myPeople.sortAttribute.0.attributeName =3D name subjectApi.source.myPeople.sortAttributeCount =3D 1 subjectApi.source.myPeople.types =3D person