Grouper Administration Guides


Grouper Video Training


Grouper Deployment Guide

Release Information

Grouper 2.4 Release Notes 
Grouper Versioning and Support Guidelines 
Grouper Downloads

Installation & Configuration

Architectural and High Level Diagrams 
Planning Guide 
Components Overview - lists components (including connectors) in Grouper and provides links to more info.
Prerequisites - Establish the Grouper environment.
Product Specifications - "Specsheet" for Grouper
Grouper Installer - Installs the Grouper API, quickstart data, UI, WS, and client; also used to do upgrading and patching
API Installation - Configure the API and integrate with existing identity stores.
Configuration Files and Overlays - Configuration approaches including using cascaded configuration files.
WS Installation - Build, secure, and deploy Grouper Web Services.
Initializing Administration of Privileges (the wheel group) - The first stem and group you should create.
Group and folder design ideas - Examples of how institutions have organized and delegated their folders and groups
Externalize and Encrypt Grouper LDAP and Database Passwords
Include Exclude and Require Groups - Helpful features as you design your groups
Getting Ready for Production with Grouper - steps to think about after Grouper installation
InCommon Trusted Access Platform Grouper Docker Documentation - step by step instructions on how to bring up Grouper in a Docker Swarm environment
Authentication to the Grouper UI - examples using Shibboleth or CAS

User Interfaces

Grouper UI Installation - Configure, build, and deploy Grouper's User Interfaces.
Grouper new UI - Allows navigating the tree structure, managing groups, managing favorites and more.
Customizing the Administrative UI - applies only to Grouper versions prior to Grouper 2.2
Grouper LITE UIs - Information on Grouper LITE UIs (used from v2.0 to v2.3 for Attribute Framework and External Subjects)
Grouper Visualization - API to see the relationships between Grouper objects
Grouper Visualization UI - Using the Visualization UI to build and display graphs


On-Going Administration

GrouperShell -  The gsh command line utility.
Grouper Daemon -  Background processing including: GrouperLoader, notifications and membership expiry.
Grouper Client - Client for Grouper LDAP and Web Services.
Move and Copy - How to move or copy groups or folders/stems.
Web Services  - A web application that exposes common Grouper business logic through SOAP and REST
Always Available Web Services and Client -  Web services that do not have a single point of failure.
Attribute Framework -  A framework for assigning metadata to Grouper objects.
Attribute Framework UI - User interfaces for defining and managing attributes
Grouper subject filter and attribute decorator - Restrict access to Subject attributes.
Grouper local entities - Manage access within Grouper for Subjects not managed in a Subject Source.
User Audit Log - How to review who made what changes and when.
Point in Time Auditing - Query the state of Grouper in the past.
Organizing Services In Grouper - Allows filtering of the registry by a service.
XML Import/Export Tool - Documentation for the XML Import/Export tool.
Legacy Import/Export Tool- Documentation for the original XML Import/Export tool.
Custom Group Types & Fields - (Deprecated as of Grouper 2.2)
Grouper Diagnostics - Gives the health of Grouper
Grouper overall summary administrative report - daily email report of status of Grouper 
Grouper Security Issues and Patches 

Ongoing Administration Tasks - Suggestions for ongoing Grouper administration tasks, including pruning the logs and registry, performing monitoring, and setting up notifications.

Access Management

Access Management Features Overview - An overview of when to use rules, roles, limits, and other access management features
Role and permission management - Allowing external applications to centrally manage roles and permissions in Grouper
Permission Limits - Setting up runtime constraints on permissions
Enabled and disabled (Start/End) dates - Setting up memberships to apply only in the future, or for a certain period of time
Rules - Attach actions on certain events to trigger certain results
Deprovisioning - Remove access when someone leaves
Attestation - Get reminders to review groups periodically

Provisioning and Integration

Integration Overview  - Considerations for integrating Grouper with an application

Provisioning Service Provider Next Generation - as of Grouper 2.3

Provisioning Service Provider  - Handles provisioning in Grouper  2.1 and above (replaces Ldappc and Ldappc-ng)

Grouper Messaging - allows messages to be sent and received from a messaging system 
Grouper Loader - Automatically manage Grouper memberships based on a data source
Subject API - Used to integrate a java application with a site's existing Identity Management operations
Notification (Change Log)  - Grouper can incrementally integrate with or provision external systems.
Hooks - Create connections from the Grouper API to your custom code
External Subjects - Managing external subjects.
Sync Grouper with another Grouper - Allows two group management systems to share a group.
Integer ID's on Grouper Objects - These integers can be used, for instance, as UNIX GIDs.
Shibboleth Integration (Grouper 2.1 and above) - Grouper as a Data Connector Extension for Shibboleth (newer architecture)
Shibboleth Integration (Prior to Grouper 2.1) - Grouper as a Data Connector Extension for Shibboleth.
Exposing Groups Through Shibboleth 
ESB Connector - Integrating Grouper with an event-driven ESB architecture.
Notifications - Java interface for handling Grouper events
XMPP Notifications - Handling XMPP Notifications
Grouper integration with Kuali Rice - Use Grouper groups in Kuali applications and middleware, and use Kuali Enterprise Workflow in Grouper groups management.
Grouper integration with uPortal -  Grouper uPortal integration.
Grouper integration with SCIM - SCIM stands for System for Cross-domain Identity Management (this integration is available in Grouper 2.2 and above).
Grouper Atlassian Connector - Allows you to manage Atlassian (Jira, Confluence) groups and person information.
Grouper VOOT Connector - Implements the VOOT specification for cross-domain read access to groups.
SQL Integration - Accessing Grouper data from SQL

Utilities

Unresolvable Subject Deletion Utility - Documentation for the command line usdu tool.
Bad Membership Finder Utility - Documentation for the findbadmemberships command line script.

Glossary, Roadmap and Other

Glossary - Important Definitions

Getting Started with Grouper Book (not complete)

Community Contributions (read about other Grouper deployments and share your own)

Grouper Online Training Videos

Grouper Roadmap