Versions Compared

Old Version 164

changes.mady.by.user Tom Zeller

Saved on

compared with

New Version 165

changes.mady.by.user Tom Zeller

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

To provision, polling every 60 seconds for changes :

...

bin/gsh.sh

...

-psp

...

-bulkSync

...

-interval

...

60

...

To calculate how an object should be provisioned :

...

...

bin/gsh.sh

...

-psp

...

-calc

...

stem:groupName

...

no arguments

Display usage.

-bulkCalc

Calculate provisioning for all identifiers.

-bulkDiff

Determine provisioning difference for all identifiers.

-bulkSync

Synchronize provisioning for all identifiers.

-calc <id>

Calculate provisioning for an identifier.

-diff <id>

Determine provisioning difference for an identifier.

-sync <id>

Synchronize provisioning for an identifier.

-entityName <id>

Provisioned object or schema entity id. For example, group, member, etc.

-interval <seconds>

Number of seconds between the start of recurring provisioning iterations. If omitted, only one provisioning cycle is performed.

-conf <dir>

Path to configuration directory.

-logSpml

Log SPML requests and responses.

-output <file>

Print SPML responses to output file. Defaults to stdout.

-printRequests

Print SPML requests as well as responses.

-requestID <id>

SPML request identifier.

-returnData

Return data (identifier and attributes).

-returnEverything

Return everything (identifier, attributes, and references).

-returnIdentifier

Return identifier only.

-targetID <id>

Target identifier.

...

This configuration example applies to OpenLDAP, and includes provisioning the mailLocalAddress attribute sourced from the Grouper attribute framework.

examples

psp-example-grouper-to-openldap

DN structure

bushy

member

member DNs

hasMember

member names

isMemberOf

group names

For this example, a (new attribute framework) attribute of etc:attribute:mailLocalAddress will need to be created in Grouper. Here is example code using the Grouper API :

Code Block
java
java
GrouperSession.startRootSession();
Stem etcAttributeStem = StemFinder.findByName(GrouperSession.staticGrouperSession(), "etc:attribute", true);
AttributeDef attributeDef = etcAttributeStem.addChildAttributeDef("mailLocalAddressAttributeDef", AttributeDefType.attr);
attributeDef.setAssignToGroup(true);
attributeDef.setMultiValued(true);
attributeDef.setValueType(AttributeDefValueType.string);
attributeDef.store();
etcAttributeStem.addChildAttributeDefName(attributeDef, "mailLocalAddress", "mailLocalAddress");

...

examples

...

psp-example-grouper-to-openldap

...

DN structure

...

bushy

...

member

...

member DNs

...

hasMember

...

member names

...

isMemberOf

...

Configuration Example : Grouper to Active Directory
...