| Include Page |
|---|
| spaceKey | Grouper |
|---|
| pageTitle | Navigation |
|---|
|
Initializing Administration of Grouper Privileges
...
| No Format |
|---|
| title | conf/grouper.properties |
|---|
|
# A wheel group allows you to enable non-GrouperSystem subjects to act
# like a root user when interacting with the registry.
groups.wheel.use = true
# Set to the name of the group you want to treat as the wheel group.
# The members of this group will be treated as root-like users.
groups.wheel.group = etc:sysadmingroup
|
...
| No Format |
|---|
| title | conf/grouper.properties |
|---|
|
configuration.autocreate.system.groups = true
|
...
| No Format |
|---|
|
gsh 0% addRootStem("etc", "Grouper Administration")
stem: name='etc' displayName='Grouper Administration' uuid='f7687876-2c94-4635-997c-f2793fb8152d'
gsh 1% addGroup("etc", "sysadmingroup", "SysAdmin Group")
group: name='etc:sysadmingroup' displayName='Grouper Administration:SysAdmin Group' uuid='6f77fb36-b466-481a-84a7-7af609f1ad09
|
...
Whether you've set the wheel group to be automatially automatically created, or you've used GrouperShell to create it, you'll need to add members to the wheel group. Once the wheel group is established, and things are working, the person designated as wheel can use the UI or use GrouperShell to manage other wheel members. Here is an example using GrouperShell:
| No Format |
|---|
|
gsh 0% addMember("etc:sysadmingroup", "SD00125")
true
|
In this example "SD00125" is the subjectId of a person, as determined outside of gsh by, in this case, an LDAP query to a directory that acts as a subject source to Grouper:
| Code Block |
|---|
% ldapsearch \-b dc=kitn,dc=edu uid=tbarton
dn: kitnEduPersonRegId=SD00125,ou=people,dc=kitn,dc=edu
objectClass: top
objectClass: person
objectClass: inetOrgPerson
objectClass: kitnEduPerson
kitnEduPersonRegId: SD00125
cn: Barton, Tom
sn: Barton
description: Professor, Mathematics
uid: tbarton
|
...
See Also
Grouper Glossary