uPortal IRC Logs-2011-09-27
[09:16:17 CDT(-0500)] <brandon> hey
[09:16:57 CDT(-0500)] <brandon> trying to setup smartldapgroupstore and i'm a little confused
[09:17:47 CDT(-0500)] <brandon> it looks like my basedn isn't setup right because i am getting a PartialResultException
[09:17:58 CDT(-0500)] <brandon> but it is the same basedn i've been using all along
[10:42:13 CDT(-0500)] <brandon> hey
[10:42:26 CDT(-0500)] <brandon> so I have SmartLdapGroupStore setup now without getting any exceptions
[10:42:46 CDT(-0500)] <brandon> but what do I do now to map it to urportal?
[10:45:11 CDT(-0500)] <athena> what do you mean by map?
[10:46:20 CDT(-0500)] <brandon> i don't think i really understand what it is doing
[10:46:37 CDT(-0500)] <athena> so basically uportal has a groups api where it can get groups from lots of places
[10:46:37 CDT(-0500)] <brandon> i followed the wiki guide but now how do i know what group a user belongs to
[10:46:44 CDT(-0500)] <athena> for example, the local database, or ldap
[10:46:53 CDT(-0500)] <brandon> or how the hierarchy is setup
[10:47:00 CDT(-0500)] <athena> generally what you do is make the ldap root be a member of the everyone group
[10:47:08 CDT(-0500)] <athena> then you have a structure like
[10:47:21 CDT(-0500)] <athena> everyone -> ldap root -> some custom ldap group -> users in that group
[10:49:10 CDT(-0500)] <brandon> ok, so SmartLdapGroupStore replaces PAGs, right?
[10:49:55 CDT(-0500)] <athena> not exactly - they're just different implementations
[10:49:58 CDT(-0500)] <athena> and you can use multiple ones
[10:50:07 CDT(-0500)] <athena> so you could use smart ldap group store to get all the regular ldap groups
[10:50:32 CDT(-0500)] <athena> and then also use PAGS to do something like create an ad-hoc group of all users that have email addresses ending in university.edu, or something that's not represented in the LDAP group structure
[10:50:42 CDT(-0500)] <athena> though it likely makes most sense to just use the LDAP groups when you can
[10:50:54 CDT(-0500)] <brandon> yeah, that's what i'm going for
[10:52:26 CDT(-0500)] <brandon> on one level we basically have 3 user groups then different groups underneath, the hierarchy is setup in ldap/ad
[10:52:47 CDT(-0500)] <brandon> i was looking for a way to have each user's memberOf att. be one of those top level groups
[10:53:35 CDT(-0500)] <brandon> looking at the Person Attributes for a user gives me: memberOf CN=STAFF,CN=Users,DC=college,DC=campus for a user
[10:57:43 CDT(-0500)] <brandon> or i guess i could follow this guide: https://wiki.jasig.org/display/~steve.swinsburg/A+simple+LDAP+group+based+uPortal+setup and use PAGS
[10:58:03 CDT(-0500)] <brandon> but instead of affiliation i would need to use memberOf if i'm using AD?