Start with: Common SQL pattern

The first six fields can be shown one at a time, each appearing once the previous one is filled in.

  1. SQL external system ID (required)
  2. SQL pattern: drop down with options below (show after external system selected)
    1.  entitiesTable
      1. init start with membership structure to groupAttributes
      2. init start with group organization to flat
      3. init start with membershipDn to true
    2. entitiesTableWithAttributesTable
      1. init user attribute type: core
      2. init start with membership structure to groupAttributes
      3. init start with group organization to flat
      4. init start with membershipDn to false
      5. init start with membershipValue to subjectId
    3. entitiesTableWithAttributesTableAndMemberships
      1. init start with membership structure to entityAttributes
      2. init start with group object class to: top,groupOfNames
      3. init start with group membership attribute to: member
      4. init start with membershipDn to true
    4. entitiesTableMembershipsTable
    5. groupsTable
      1. init start with hasGroupsTable to true
      2. init start with hasGroupsAttributesTable to false
      3. init start with hasEntitiesTable to false
      4. init start with hasEntitiesAttributesTable to false
      5. init start with hasMembershipsTable to false
    6. groupsTableWithAttributesTable
      1. init start with membership structure to groupAttributes
      2. init start with group organization to bushy
      3. init start with membershipDn to true
    7. groupsTableWithAttributesTableAndMemberships
      1. init user attribute type: core
      2. init start with membership structure to groupAttributes
      3. init start with group organization to bushy
      4. init start with membershipDn to false
      5. init start with membershipValue to subjectId
    8. groupsTableMembershipsTable
    9. groupsTableEntitiesTableMembershipsTable
    10.  membershipsTable
      1. init start with membership structure to groupAttributes
      2. init start with group object class to: top,posixGroup
      3. init start with group membership attribute to: member
      4. init start with membershipDn to true
      5. init start with idIndex attribute to gidNumber
    11. other
      1. proceed with screen
  3. User attributes type: drop down with options, required (show after ldap pattern)
    1. Only uses built-in core attributes, e.g. subjectId, subjectIdentifier0-2, email, name, description, or translations of those (value: core)
    2. Needs other subject source attributes (value: subjectSource)
    3. Needs a SQL or LDAP filter, but not other subject attributes. If LDAP, this is a different LDAP than the LDAP being provisioned to (value: entityResolver)
    4. Needs subject source attributes and a SQL or LDAP filter. If LDAP, this is a different LDAP than the LDAP being provisioned to (value: subjectSourceAndEntityResolver)
  4. Membership structure (default to membershipObjects): entityAttributes, groupAttributes, membershipObjects, notApplicable
  5. if (user attribute type is subjectSource or subjectSourceAndEntityResolver)
    1. list those attributes and validate against subject source (textfield, comma separated attributes, required)
  6. Ask if need group link (boolean default false)
  7. Ask if has group table (default false)
    1. If has group table, ask for group table name (required, validate on submit)
    2. If has group table, ask for group primary key column (suggest group_id_index) (required, validate on submit)
    3. If has group table, ask for list of other group columns, suggest names: group_uuid, group_name, group_id_index, group_extension, group_display_name, group_display_extension, group_description
  8.  If has group table, ask if has group attribute table (to store multi-valued attributes or memberships, not common)
    1. If has group attribute table, ask for group attribute table name (required, validate on submit)
    2. If has group attribute table, ask for column name which is foreign key to group table (suggest group_uuid) (required, validate on submit)
    3. If has group attribute table, ask for column name which is the attribute name (suggest attribute_name)  (required, validate on submit)
    4. If has group attribute table, ask for column name which is the attribute value (suggest attribute_value)  (required, validate on submit)
  9.  
    1. group base OU, and validate against LDAP (required textfield)
    2. what attribute is RDN for groups? (add to attribute list if not in there) (required textfield)
    3. what is RDN value for groups?  drop down required: extension, extensionUnderscoreIdIndex, idIndex, name, nameBackwardsUnderscoreMax64, other, script, uuid
    4. (if groupAttributes) membership attribute name
    5. (if not membershipValueDN): membership value (drop down required) (other, script, subjectId, subjectIdentifier0, subjectIdentifier1, subjectIdentifier2)
    6. idIndex attribute: (optional textfield, add to attribute list if not in there)
    7. matching search attribute different than RDN or idIndex? boolean default false
    8. if (matching search attribute different than RDN or idIndex) matching search attribute name (textfield required)
    9. if (matching search attribute different than RDN or idIndex) matching search attribute value (dropdown required: extension, idIndex, name, other, script, uuid)
    10. object classes for groups (optional textfield, comma separated)
    11. list other group ldap attributes (not configured yet): (optional textfield comma separated)
    12. ask if allow group DN override (boolean default false)
  10. if (not entityAttributes and not membershipValueDN), ask if need entity link for another reason (boolean default false)
  11. if membershipValueDN or entityLink or entityAttributes: LDAP entity info
    1. entity base OU, and validate against LDAP (required textfield)
    2. change entities in LDAP (besides entity attribute if doing entity attributes)? (boolean default false)
    3. (if change entities) RDN attribute for entities (required textfield)
    4. (if change entities) RDN value for entities (drop down required) (other, script, subjectId, subjectIdentifier0, subjectIdentifier1, subjectIdentifier2)
    5. (if entityAttributes) membership attribute name
    6. (if not membershipValueDN): membership value (drop down required: extension, idIndex, name, other, script, uuid)
    7. (if change entities) matching search attribute different than RDN? boolean default false
    8. (if not change entities or matching search attribute different than RDN) matching/search attribute name (required textfield)
    9. (if not change entities or matching search attribute different than RDN) matching/search attribute value (drop down required) (other, script, subjectId, subjectIdentifier0, subjectIdentifier1, subjectIdentifier2)
    10. object classes for entities (optional textfield, comma separated)
    11. list other entity ldap attributes (not configured yet):  (optional textfield)
    12. if entityAttributes and not membershipValueDN, ask if allow membership value override (boolean default false)
  12. add disabled full sync daemon? boolean default to true
  13. add disabled incremental sync daemon? boolean default to true
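
Steps 7 and 8 mark the table and column names as "validate on submit" without saying what the check is. The following is an added example, not code from this page or from the project: it assumes the validation means a strict identifier allow-list followed by a catalog lookup with bound parameters, so a name typed into the wizard is never concatenated into SQL. It uses SQLite for a self-contained run; the table name prov_group and all function names are hypothetical.

```python
import re
import sqlite3

# Assumption of this example: only plain, unquoted identifiers are accepted.
IDENTIFIER = re.compile(r"[A-Za-z_][A-Za-z0-9_]{0,62}")


def parse_column_list(text):
    """Split the wizard's comma-separated text field into trimmed names."""
    return [part.strip() for part in text.split(",") if part.strip()]


def validate_group_table(conn, table, pk_column, other_columns):
    """Check the answers to steps 7.1-7.3; return a list of error strings."""
    columns = [pk_column, *other_columns]
    # 1. Syntax: reject anything that would need quoting or could carry SQL.
    errors = [f"not a plain identifier: {n!r}"
              for n in [table, *columns] if not IDENTIFIER.fullmatch(n)]
    if errors:
        return errors
    # 2. Existence: ask the catalog, passing the name as a bound parameter.
    found = conn.execute(
        "SELECT 1 FROM sqlite_master "
        "WHERE type IN ('table', 'view') AND lower(name) = lower(?)",
        (table,),
    ).fetchone()
    if found is None:
        return [f"table not found: {table}"]
    # 3. Columns: compare against the real column set, case-insensitively.
    actual = {row[0].lower() for row in
              conn.execute("SELECT name FROM pragma_table_info(?)", (table,))}
    return [f"column not found in {table}: {c}"
            for c in columns if c.lower() not in actual]


def demo_connection():
    """Constructed sample schema using column names suggested in step 7.3."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE prov_group ("
        " group_id_index INTEGER PRIMARY KEY, group_uuid TEXT,"
        " group_name TEXT, group_extension TEXT, group_description TEXT)"
    )
    return conn


if __name__ == "__main__":
    cols = parse_column_list("group_uuid, group_name, group_display_name")
    print(validate_group_table(demo_connection(), "prov_group", "group_id_index", cols))
```

The same function covers the group attribute table in step 8 by passing the foreign key column as pk_column and the attribute name and value columns as other_columns.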
