...
| Note |
|---|
This document is a work in progress. Improvements to wiki formatting are welcome. |
| Table of Contents |
|---|
Introduction
Grouper groups, memberships, and stems may be provisioned using the provisioning service provider (psp, formerly known as ldappcng).
Usage
...
The psp may be run using GrouperShell (gsh).
...
One of -bulkCalc, -bulkDiff, -bulkSync, -calc <id>, -diff <id>, or -sync <id> must be specified. All other arguments are optional.
Introduction
...
Grouper groups, memberships, and stems may be provisioned using the provisioning service provider (psp, formerly known as ldappcng).
The psp serves as an (incomplete) SPMLv2 provisioning service provider, which provisions objects to targets. Objects consist of identifiers, attributes, and references to other objects. Group memberships may be considered to be references.
Provisioned objects are calculated from source data returned by the Shibboleth Attribute Resolver. The Shibboleth Attribute Resolver accepts many data connectors (sources), including LDAP, RDBMS, and Grouper.
The psp provisions targets using a standard provisioning language, SPMLv2. An SPMLv2 to ldap connector is provided, based on VT Ldap. Provisioning non-LDAP targets requires a target specific connector, for example, SPMLv2 to RDBMS.
Currently, the psp supports SPMLv2 requests represented as java objects via the Oasis SPMLv2 implementation. The requestor is Grouper's cli, gsh.
Getting Started with Real-Time Provisioning
...