Main Grouper Loader page

Common setup 

  <source adapterClass="edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter">
    <id>cmuDirectory</id>
    <name>CMU Directory</name>
    <type>person</type>
    <init-param>
      <param-name>INITIAL_CONTEXT_FACTORY</param-name>
      <param-value>com.sun.jndi.ldap.LdapCtxFactory</param-value>
    </init-param>
    <init-param>
      <param-name>PROVIDER_URL</param-name>
      <param-value>ldap://ldap.andrew.cmu.edu:389</param-value>
    </init-param>
    <init-param>
      <param-name>SECURITY_AUTHENTICATION</param-name>
      <param-value>none</param-value>
    </init-param>
     <init-param>
      <param-name>SubjectID_AttributeType</param-name>
      <param-value>guid</param-value>
    </init-param>
     <init-param>
      <param-name>SubjectID_formatToLowerCase</param-name>
      <param-value>false</param-value>
    </init-param>
    <init-param>
      <param-name>Name_AttributeType</param-name>
      <param-value>cn</param-value>
    </init-param>
    <init-param>
      <param-name>Description_AttributeType</param-name>
      <param-value>cn</param-value>
    </init-param>
    <!--     
    /// Scope Values can be: OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE 
    /// For filter use 
     -->
    <search>
        <searchType>searchSubject</searchType>
        <param>
            <param-name>filter</param-name>
            <param-value>
                (&amp; (guid=%TERM%) (objectclass=cmuPerson))
            </param-value>
        </param>
        <param>
            <param-name>scope</param-name>
            <param-value>
                SUBTREE_SCOPE            
            </param-value>
        </param>
        <param>
            <param-name>base</param-name>
            <param-value>
                ou=person,dc=cmu,dc=edu
            </param-value>
        </param>
         
    </search>
    <search>
        <searchType>searchSubjectByIdentifier</searchType>
        <param>
            <param-name>filter</param-name>
            <param-value>
                (&amp; (cmuAndrewCommonNamespaceId=%TERM%) (objectclass=cmuPerson))
            </param-value>
        </param>
        <param>
            <param-name>scope</param-name>
            <param-value>
                SUBTREE_SCOPE            
            </param-value>
        </param>
        <param>
            <param-name>base</param-name>
            <param-value>
                ou=person,dc=cmu,dc=edu
            </param-value>
        </param>
    </search>
    
    <search>
       <searchType>search</searchType>
         <param>
            <param-name>filter</param-name>
            <param-value>
                (&amp; (|(guid=%TERM%)(|(cn=*%TERM%*)(cmuAndrewCommonNamespaceId=*%TERM%*)))(objectclass=cmuPerson))
            </param-value>
        </param>
        <param>
            <param-name>scope</param-name>
            <param-value>
                SUBTREE_SCOPE            
            </param-value>
        </param>
         <param>
            <param-name>base</param-name>
            <param-value>
                ou=person,dc=cmu,dc=edu
            </param-value>
        </param>
    </search>
    <init-param>
      <param-name>sortAttribute0</param-name>
      <param-value>cn</param-value>
    </init-param>
    <init-param>
      <param-name>searchAttribute0</param-name>
      <param-value>searchAttribute0</param-value>
    </init-param>

    <internal-attribute>searchAttribute0</internal-attribute>

    <!-- ///Attributes you would like to display when doing a search  -->
    <attribute>cn</attribute>
    <attribute>guid</attribute>
    <attribute>cmuAndrewCommonNamespaceId</attribute>
   
  </source>

#################################
## LDAP connections
#################################
# specify the ldap connection with user, pass, url
# the string after "ldap." is the ID of the connection, and it should not have
# spaces or other special chars in it.  In this case is it "personLdap"

ldap.personLdap.url = ldap://ldap.andrew.cmu.edu/dc=cmu,dc=edu
ldap.personLdap.user = 
ldap.personLdap.pass = 

 

LDAP Simple group

test:testGroup:         grouperLoaderLdapDef
subject attribute name: guid
search base DN:         ou=person
quartz cron:            0 0 8 * * ?
filter:                 (& (cmuAndrewCommonNamespaceId=*dest*) (objectClass=cmuPerson))
server ID:              personLdap
type:                   LDAP_SIMPLE

log4j.logger.edu.internet2.middleware.grouper.app.loader = DEBUG
Run the loader job from GSH

 

gsh 0% grouperSession = GrouperSession.startRootSession(); 
gsh 1% loaderGroup = GroupFinder.findByName(grouperSession, "test:testGroup");
gsh 2% loaderRunOneJob(loaderGroup);
2013-06-02 16:47:28,725: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(1926) -  - test:testGroup start syncing membership
2013-06-02 16:47:28,726: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(1942) -  - test:testGroup syncing 13 rows
2013-06-02 16:47:28,733: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2055) -  - Done assigning privilege to related groups: test:testGroup
2013-06-02 16:47:28,881: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/4A10366C-D7F4-11D5-8000-080020CC75D3, 1 of 13 subjects
2013-06-02 16:47:29,175: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/00000000-0000-1000-3F70-0800207F02E6, 2 of 13 subjects
2013-06-02 16:47:29,301: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/00000000-0000-1000-79FA-0800207F02E6, 3 of 13 subjects
2013-06-02 16:47:29,405: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/2BF70E82-BD36-11D9-8000-0003BA2FA263, 4 of 13 subjects
2013-06-02 16:47:29,717: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/07696C48-CBA2-11D9-8001-0003BA2FA263, 5 of 13 subjects
2013-06-02 16:47:29,854: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/AE334D56-7E40-11DD-8001-0003BA2FA263, 6 of 13 subjects
2013-06-02 16:47:29,970: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/1A97ED54-3C6D-11DE-8001-0003BA2FA263, 7 of 13 subjects
2013-06-02 16:47:30,267: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/7404BCDC-9794-11DE-8001-0003BA2FA263, 8 of 13 subjects
2013-06-02 16:47:30,426: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/293ABE32-109C-11DF-8000-0003BA2FA263, 9 of 13 subjects
2013-06-02 16:47:30,554: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/8F2D682C-6261-11DF-8000-0003BA2FA263, 10 of 13 subjects
2013-06-02 16:47:30,841: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/D6914E6E-E0D7-11DF-8001-00144F799A7A, 11 of 13 subjects
2013-06-02 16:47:30,991: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/55F202B2-72F9-11E0-8001-00144F799A7A, 12 of 13 subjects
2013-06-02 16:47:31,099: [main] DEBUG GrouperLoaderType.syncOneGroupMembership(2149) -  - test:testGroup will add subject to group: CMU Directory/8B075248-925C-11E2-8000-00144F799A7A, 13 of 13 subjects
2013-06-02 16:47:32,211: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 55F202B2-72F9-11E0-8001-00144F799A7A, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,254: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 00000000-0000-1000-3F70-0800207F02E6, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,302: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: AE334D56-7E40-11DD-8001-0003BA2FA263, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,346: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 07696C48-CBA2-11D9-8001-0003BA2FA263, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,402: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 1A97ED54-3C6D-11DE-8001-0003BA2FA263, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,447: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 4A10366C-D7F4-11D5-8000-080020CC75D3, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,486: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 2BF70E82-BD36-11D9-8000-0003BA2FA263, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,529: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 8F2D682C-6261-11DF-8000-0003BA2FA263, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,577: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 00000000-0000-1000-79FA-0800207F02E6, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,621: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: D6914E6E-E0D7-11DF-8001-00144F799A7A, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,678: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 293ABE32-109C-11DF-8000-0003BA2FA263, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,721: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 7404BCDC-9794-11DE-8001-0003BA2FA263, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,769: [main] DEBUG GrouperLoaderType$10.callback(2256) -  - Group: test:testGroup add Subject id: 8B075248-925C-11E2-8000-00144F799A7A, sourceId: pennDirectory, alreadyAdded: false
2013-06-02 16:47:32,769: [main] INFO  GrouperLoaderType.syncOneGroupMembership(2301) -  - test:testGroup done syncing membership, processed 13 records.  Total members: 13, inserts: 13, deletes: 0
loader ran successfully, inserted 13 memberships, deleted 0 memberships, total membership count: 13

 

LDAP groups from attributes

 

Attribute nameValue

Grouper loader LDAP group name expression

groupsFromAttributes:${groupAttribute}
Grouper loader LDAP subject ID type subjectIdentifier
Grouper loader LDAP subject attribute name cmuAndrewCommonNamespaceId
Grouper loader LDAP search base DN ou=person
Grouper loader LDAP type LDAP_GROUPS_FROM_ATTRIBUTES
Grouper loader LDAP group attribute name cmuDepartment
Grouper loader LDAP source ID cmuDirectory
Grouper loader LDAP quartz cron0 0 8 * * ?
Grouper loader LDAP server IDpersonLdap
Grouper loader LDAP filter(&(objectClass=cmuPerson)(cmuAndrewId=al*)(|(cmuDepartment=Mechanical Engineering)(cmuDepartment=Biological Sciences)(cmuDepartment=English)))
Run the job

 

 

These groups / memberships were created

 

 

LDAP Group List


Text values:

Attribute nameValue

Grouper loader LDAP search base DN

ou=group
Grouper loader LDAP group name expressiongroupList:${loaderLdapElUtils.convertDnToSpecificValue(groupAttributes['dn'])}
Grouper loader LDAP source IDcmuDirectory
Grouper loader LDAP subject expression${loaderLdapElUtils.convertDnToSpecificValue(subjectId)}
Grouper loader LDAP quartz cron0 0 8 * * ?
Grouper loader LDAP typeLDAP_GROUP_LIST
Grouper loader LDAP subject ID typesubjectId
Grouper loader LDAP server IDpersonLdap
Grouper loader LDAP subject attribute namemember
Grouper loader LDAP filter(&(objectClass=cmuGroup)(cn=softdist2:system*))


Run the job



See the results