wiki:GrouperInstall

Version 6 (modified by uaguest_SPatel1@…, 11 years ago) (diff)

--

This document explains the installation steps for Grouper.

Install Grouper API

  1. Download and copy the API to /tmp/ on grinnell. The tarball is located at http://www.internet2.edu/grouper/release/2.1.4/grouper.api-2.1.4.tar.gz.
  1. Extract and build.
[root@grinnell ~]# mkdir /srv/grouper
[root@grinnell ~]# cd /srv/grouper/
[root@grinnell grouper]# cp /tmp/grouper.api-2.1.4.tar.gz .
[root@grinnell grouper]# gunzip grouper.api-2.1.4.tar.gz
[root@grinnell grouper]# tar xf grouper.api-2.1.4.tar
[root@grinnell grouper]# cd grouper.api-2.1.4
[root@grinnell grouper.api-2.1.4]# ant dist
Buildfile: build.xml

init:
    [mkdir] Created dir: /srv/grouper/grouper.api-2.1.4/dist/build/test
    [mkdir] Created dir: /srv/grouper/grouper.api-2.1.4/ext/conf

init.conf:

compile:
    [mkdir] Created dir: /srv/grouper/grouper.api-2.1.4/dist/build/grouper
    [javac] Compiling 869 source files to /srv/grouper/grouper.api-2.1.4/dist/build/grouper
    [javac] warning: [options] bootstrap class path not set in conjunction with -source 1.5
    [javac] Note: Some input files use unchecked or unsafe operations.
    [javac] Note: Recompile with -Xlint:unchecked for details.
    [javac] 1 warning
    [javac] Compiling 14 source files to /srv/grouper/grouper.api-2.1.4/dist/build/grouper
    [javac] warning: [options] bootstrap class path not set in conjunction with -source 1.5
    [javac] 1 warning
     [copy] Copying 941 files to /srv/grouper/grouper.api-2.1.4/dist/build/grouper

ext.init:
    [mkdir] Created dir: /srv/grouper/grouper.api-2.1.4/ext/bin
    [mkdir] Created dir: /srv/grouper/grouper.api-2.1.4/ext/doc

ext.compile:
   [subant] No sub-builds to iterate on

ext.init:

ext.install:
   [subant] No sub-builds to iterate on

test.compile:
    [javac] Compiling 401 source files to /srv/grouper/grouper.api-2.1.4/dist/build/test
    [javac] warning: [options] bootstrap class path not set in conjunction with -source 1.5
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/util/GrouperUtilTest.java:147: warning: unmappable character for encoding ASCII
    [javac]     String testString = "H13_FRA2007, Questions d?histoire de la lit?rature";
    [javac]                                                  ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/util/GrouperUtilTest.java:147: warning: unmappable character for encoding ASCII
    [javac]     String testString = "H13_FRA2007, Questions d?histoire de la lit?rature";
    [javac]                                                                     ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:423: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                        ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:423: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                         ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:423: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                             ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:423: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                              ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:423: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                                                    ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:423: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                                                     ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:423: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                                                         ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:423: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                                                          ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:424: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                              ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:424: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                               ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:424: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                   ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:424: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                    ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:424: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                                                 ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:424: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                                                  ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:424: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                                                      ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:424: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                                                       ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:455: warning: unmappable character for encoding ASCII
    [javac]       assertDoNotFindGroupByName( s, "t??st:??Group" );
    [javac]                                        ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:455: warning: unmappable character for encoding ASCII
    [javac]       assertDoNotFindGroupByName( s, "t??st:??Group" );
    [javac]                                         ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:455: warning: unmappable character for encoding ASCII
    [javac]       assertDoNotFindGroupByName( s, "t??st:??Group" );
    [javac]                                             ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:455: warning: unmappable character for encoding ASCII
    [javac]       assertDoNotFindGroupByName( s, "t??st:??Group" );
    [javac]                                              ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:466: warning: unmappable character for encoding ASCII
    [javac]       gA  = assertFindGroupByName( s, "t??st:??Group" );
    [javac]                                         ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:466: warning: unmappable character for encoding ASCII
    [javac]       gA  = assertFindGroupByName( s, "t??st:??Group" );
    [javac]                                          ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:466: warning: unmappable character for encoding ASCII
    [javac]       gA  = assertFindGroupByName( s, "t??st:??Group" );
    [javac]                                              ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/TestXml.java:466: warning: unmappable character for encoding ASCII
    [javac]       gA  = assertFindGroupByName( s, "t??st:??Group" );
    [javac]                                               ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:418: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                        ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:418: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                         ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:418: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                             ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:418: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                              ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:418: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                                                    ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:418: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                                                     ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:418: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                                                         ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:418: warning: unmappable character for encoding ASCII
    [javac]       Group gA = new GroupSave(grouperSession).assignGroupNameToEdit("t??st:??Group").assignName("t??st:??Group")
    [javac]                                                                                                          ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:419: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                              ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:419: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                               ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:419: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                   ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:419: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                    ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:419: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                                                 ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:419: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                                                  ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:419: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                                                      ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:419: warning: unmappable character for encoding ASCII
    [javac]         .assignDisplayName("t??st:??Group").assignDescription("t??st:??Group").assignCreateParentStemsIfNotExist(true).save();
    [javac]                                                                       ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:453: warning: unmappable character for encoding ASCII
    [javac]       assertDoNotFindGroupByName( s, "t??st:??Group" );
    [javac]                                        ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:453: warning: unmappable character for encoding ASCII
    [javac]       assertDoNotFindGroupByName( s, "t??st:??Group" );
    [javac]                                         ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:453: warning: unmappable character for encoding ASCII
    [javac]       assertDoNotFindGroupByName( s, "t??st:??Group" );
    [javac]                                             ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:453: warning: unmappable character for encoding ASCII
    [javac]       assertDoNotFindGroupByName( s, "t??st:??Group" );
    [javac]                                              ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:467: warning: unmappable character for encoding ASCII
    [javac]       gA  = assertFindGroupByName( s, "t??st:??Group" );
    [javac]                                         ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:467: warning: unmappable character for encoding ASCII
    [javac]       gA  = assertFindGroupByName( s, "t??st:??Group" );
    [javac]                                          ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:467: warning: unmappable character for encoding ASCII
    [javac]       gA  = assertFindGroupByName( s, "t??st:??Group" );
    [javac]                                              ^
    [javac] /srv/grouper/grouper.api-2.1.4/src/test/edu/internet2/middleware/grouper/xml/importXml/XmlLegacyTest.java:467: warning: unmappable character for encoding ASCII
    [javac]       gA  = assertFindGroupByName( s, "t??st:??Group" );
    [javac]                                               ^
    [javac] Note: Some input files use or override a deprecated API.
    [javac] Note: Recompile with -Xlint:deprecation for details.
    [javac] Note: Some input files use unchecked or unsafe operations.
    [javac] Note: Recompile with -Xlint:unchecked for details.
    [javac] 51 warnings
     [copy] Copying 7 files to /srv/grouper/grouper.api-2.1.4/dist/build/test

dist:
    [mkdir] Created dir: /srv/grouper/grouper.api-2.1.4/dist/lib
     [copy] Copying 1 file to /srv/grouper/grouper.api-2.1.4/dist/build/grouper
     [copy] Copying 1 file to /srv/grouper/grouper.api-2.1.4/dist/build/grouper
     [copy] Copying 1 file to /srv/grouper/grouper.api-2.1.4/dist/build/grouper
     [copy] Copying 1 file to /srv/grouper/grouper.api-2.1.4/dist/build/grouper
      [jar] Building jar: /srv/grouper/grouper.api-2.1.4/dist/lib/grouper-20130602.jar
     [copy] Copying 1 file to /srv/grouper/grouper.api-2.1.4/dist/lib
    [mkdir] Created dir: /srv/grouper/grouper.api-2.1.4/dist/lib/test
      [jar] Building jar: /srv/grouper/grouper.api-2.1.4/dist/lib/test/grouper-test.jar

BUILD SUCCESSFUL
Total time: 40 seconds

Basic Grouper Configuration

  1. Find the following properties in /srv/grouper/grouper.api-2.1.4/conf/grouper.properties and update the values.
groups.create.grant.all.read = false
groups.create.grant.all.view = false
groups.wheel.use = true
grouperIncludeExclude.use = true

The first two properties will prevent everybody from having read and view access to newly created groups by default. The third property will allow the use of a wheel group. Members of the wheel group have full access in Grouper. The name of this wheel group is etc:sysadmingroup. And the forth property allows the use of include/exclude groups.

  1. Configure database settings. Find the following properties in /srv/grouper/grouper.api-2.1.4/conf/grouper.hibernate.properties and update the values.
hibernate.connection.url = jdbc:oracle:thin:@msct.alaska.edu:1536:MSCT
hibernate.connection.username = grouper
hibernate.connection.password = <password>
  1. Configure subject source settings in /srv/grouper/grouper.api-2.1.4/conf/sources.xml.

a) Delete the entire source element with the id jdbc.

b) Add source element for LDAP. Be sure to update the password.

  <source adapterClass="edu.internet2.middleware.grouper.subj.GrouperJndiSourceAdapter">
    <id>ldap</id>
    <name>Alaska Person Source</name>
    <type>person</type>
    <init-param>
      <param-name>INITIAL_CONTEXT_FACTORY</param-name>
      <param-value>com.sun.jndi.ldap.LdapCtxFactory</param-value>
    </init-param>
    <init-param>
      <param-name>PROVIDER_URL</param-name>
      <param-value>ldaps://edir.alaska.edu:636</param-value>
    </init-param>
    <init-param>
      <param-name>SECURITY_AUTHENTICATION</param-name>
      <param-value>simple</param-value>
    </init-param>
    <init-param>
      <param-name>SECURITY_PRINCIPAL</param-name>
      <param-value>uid=grouper03,ou=resource,dc=alaska,dc=edu</param-value>
    </init-param>
    <init-param>
      <param-name>SECURITY_CREDENTIALS</param-name>
      <param-value>secret</param-value>
    </init-param>
     <init-param>
      <param-name>SubjectID_AttributeType</param-name>
      <param-value>BannerID</param-value>
    </init-param>
     <init-param>
      <param-name>SubjectID_formatToLowerCase</param-name>
      <param-value>false</param-value>
    </init-param>
    <init-param>
      <param-name>Name_AttributeType</param-name>
      <param-value>displayName</param-value>
    </init-param>
    <init-param>
      <param-name>Description_AttributeType</param-name>
      <param-value>displayName</param-value>
    </init-param>

    /// Scope Values can be: OBJECT_SCOPE, ONELEVEL_SCOPE, SUBTREE_SCOPE
    /// For filter use

    <search>
        <searchType>searchSubject</searchType>
        <param>
            <param-name>filter</param-name>
            <param-value>
                (BannerID=%TERM%)
            </param-value>
        </param>
        <param>
            <param-name>scope</param-name>
            <param-value>
                SUBTREE_SCOPE
            </param-value>
        </param>
        <param>
            <param-name>base</param-name>
            <param-value>
                ou=people,dc=alaska,dc=edu
            </param-value>
        </param>

    </search>
    <search>
        <searchType>searchSubjectByIdentifier</searchType>
        <param>
            <param-name>filter</param-name>
            <param-value>
                (UASystemID=%TERM%)
            </param-value>
        </param>
        <param>
            <param-name>scope</param-name>
            <param-value>
                SUBTREE_SCOPE
            </param-value>
        </param>
        <param>
            <param-name>base</param-name>
            <param-value>
                ou=people,dc=alaska,dc=edu
            </param-value>
        </param>
    </search>

    <search>
       <searchType>search</searchType>
         <param>
            <param-name>filter</param-name>
            <param-value>
                (|(BannerID=%TERM%)(UASystemID=%TERM%)(cn=*%TERM%*)(displayName=*%TERM%*))
            </param-value>
        </param>
        <param>
            <param-name>scope</param-name>
            <param-value>
                SUBTREE_SCOPE
            </param-value>
        </param>
         <param>
            <param-name>base</param-name>
            <param-value>
                ou=people,dc=alaska,dc=edu
            </param-value>
        </param>
    </search>
    <init-param>
      <param-name>subjectVirtualAttribute_0_searchAttribute0</param-name>
      <param-value>${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('UASystemID'), "")},${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('cn'), "")},${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('BannerID'), "")},${subjectUtils.defaultIfBlank(subject.getAttributeValueOrCommaSeparated('displayName'), "")}</param-value>
    </init-param>
    <init-param>
      <param-name>sortAttribute0</param-name>
      <param-value>sn</param-value>
    </init-param>
    <init-param>
      <param-name>searchAttribute0</param-name>
      <param-value>searchAttribute0</param-value>
    </init-param>

     <!--
     <!- - ##########################  STATUS SECTION for searches to filter out inactives and allow
                                                     the user to filter by status with e.g. status=all
                                                     this is optional, and advanced - ->
     <!- - column or attribute which represents the status - - >
     <!- -
     <init-param>
       <param-name>statusDatastoreFieldName</param-name>
       <param-value>status</param-value>
     </init-param> - - >
     <!- - search string from user which represents the status.  e.g. status=active - - >
     <!- -
     <init-param>
       <param-name>statusLabel</param-name>
       <param-value>status</param-value>
     </init-param> - - >
     <!- - available statuses from screen (if not specified, any will be allowed). comma separated list.
          Note, this is optional and you probably dont want to configure it, it is mostly necessary
          when you have multiple sources with statuses...  if someone types an invalid status
          and you have this configured, it will not filter by it - - >
     <!- -
     <init-param>
       <param-name>statusesFromUser<param-name>
       <param-value>Active, Inactive, Pending, All</param-value>
     </init-param> - - >
     <!- - all label from the user - - >
     <!- -
     <init-param>
       <param-name>statusAllFromUser</param-name>
       <param-value>All</param-value>
     </init-param> - - >
     <!- - if no status is specified, this will be used (e.g. for active only).  Note, the value should be of the
          form the user would type in - - >
     <!- -
     <init-param>
       <param-name>statusSearchDefault</param-name>
       <param-value>status=active</param-value>
     </init-param> - - >
     <!- - translate between screen values of status, and the data store value.  Increment the 0 to 1, 2, etc for more translations.
          so the user could enter: status=active, and that could translate to status_col=A.  The 'user' is what the user types in,
          the 'datastore' is what is in the datastore.  The user part is not case-sensitive.  Note, this could be a many to one - - >
     <!- -
     <init-param>
       <param-name>statusTranslateUser0</param-name>
       <param-value>active</param-value>
     </init-param>
     <init-param>
       <param-name>statusTranslateDatastore0</param-name>
       <param-value>A</param-value>
     </init-param> - - >
     <!- - ########################## END STATUS SECTION - - >
     -->

    <internal-attribute>searchAttribute0</internal-attribute>

    ///Attributes you would like to display when doing a search
    <attribute>cn</attribute>
    <attribute>sn</attribute>
    <attribute>displayName</attribute>
    <attribute>BannerID</attribute>
    <attribute>UASystemID</attribute>

  </source>

With this configuration, the subject id is BannerID. UASystemID is a subject identifier.

Install Grouper database and startup GSH to initialize Grouper objects

[root@grinnell grouper.api-2.1.4]# ./bin/gsh.sh -registry -check
Using GROUPER_HOME: /srv/grouper/grouper.api-2.1.4
Using GROUPER_CONF: /srv/grouper/grouper.api-2.1.4/conf
Using JAVA: java
using MEMORY: 64m-750m
Grouper starting up: version: 2.1.4, build date: 2013/06/02 08:38:25, env: <no label configured>
grouper.properties read from: /srv/grouper/grouper.api-2.1.4/conf/grouper.properties
Grouper current directory is: /srv/grouper/grouper.api-2.1.4
log4j.properties read from:   /srv/grouper/grouper.api-2.1.4/conf/log4j.properties
Grouper is logging to file:   /srv/grouper/grouper.api-2.1.4/logs/grouper_error.log, at min level WARN for package: edu.internet2.middleware.grouper, based on log4j.properties
grouper.hibernate.properties: /srv/grouper/grouper.api-2.1.4/conf/grouper.hibernate.properties
grouper.hibernate.properties: grouper@jdbc:oracle:thin:@msct.alaska.edu:1536:MSCT
sources.xml read from:        /srv/grouper/grouper.api-2.1.4/conf/sources.xml
sources.xml groupersource id: g:gsa
sources.xml ldap source id:   ldap: uid=grouper03,ou=resource,dc=alaska,dc=edu@ldaps://edir.alaska.edu:636
sources.xml groupersource id: grouperEntities
(note, might need to type in your response multiple times (Java stdin is flaky))
(note, you can whitelist or blacklist db urls and users in the grouper.properties)
Are you sure you want to schemaexport all tables (dropThenCreate=F,writeAndRunScript=F) in db user 'grouper', db url 'jdbc:oracle:thin:@msct.alaska.edu:1536:MSCT'? (y|n):
y
Continuing...
Grouper ddl object type 'Grouper' has dbVersion: 0 and java version: 26
Grouper ddl object type 'Subject' has dbVersion: 0 and java version: 1
Grouper database schema DDL requires updates
(should run script manually and carefully, in sections, verify data before drop statements, backup/export important data before starting, follow change log on confluence, dont run exact same script in multiple envs - generate a new one for each env),
script file is:
/srv/grouper/grouper.api-2.1.4/ddlScripts/grouperDdl_20130602_08_56_15_817.sql
Note: this script was not executed due to option passed in
To run script via gsh, carefully review it, then run this:
gsh -registry -runsqlfile /srv/grouper/grouper.api-2.1.4/ddlScripts/grouperDdl_20130602_08_56_15_817.sql
[root@grinnell grouper.api-2.1.4]# ./bin/gsh.sh -registry -runsqlfile ddlScripts/grouperDdl_20130602_08_56_15_817.sql
Using GROUPER_HOME: /srv/grouper/grouper.api-2.1.4
Using GROUPER_CONF: /srv/grouper/grouper.api-2.1.4/conf
Using JAVA: java
using MEMORY: 64m-750m
(note, might need to type in your response multiple times (Java stdin is flaky))
(note, you can whitelist or blacklist db urls and users in the grouper.properties)
Are you sure you want to run the sql file in db user 'grouper', db url 'jdbc:oracle:thin:@msct.alaska.edu:1536:MSCT'? (y|n):
y
Continuing...
Script was executed successfully

Grouper starting up: version: 2.1.4, build date: 2013/06/02 08:38:25, env: <no label configured>
grouper.properties read from: /srv/grouper/grouper.api-2.1.4/conf/grouper.properties
Grouper current directory is: /srv/grouper/grouper.api-2.1.4
log4j.properties read from:   /srv/grouper/grouper.api-2.1.4/conf/log4j.properties
Grouper is logging to file:   /srv/grouper/grouper.api-2.1.4/logs/grouper_error.log, at min level WARN for package: edu.internet2.middleware.grouper, based on log4j.properties
grouper.hibernate.properties: /srv/grouper/grouper.api-2.1.4/conf/grouper.hibernate.properties
grouper.hibernate.properties: grouper@jdbc:oracle:thin:@msct.alaska.edu:1536:MSCT
sources.xml read from:        /srv/grouper/grouper.api-2.1.4/conf/sources.xml
sources.xml groupersource id: g:gsa
sources.xml ldap source id:   ldap: uid=grouper03,ou=resource,dc=alaska,dc=edu@ldaps://edir.alaska.edu:636
sources.xml groupersource id: grouperEntities
[root@grinnell grouper.api-2.1.4]#
[root@grinnell grouper.api-2.1.4]#
[root@grinnell grouper.api-2.1.4]#
[root@grinnell grouper.api-2.1.4]# ./bin/gsh.sh
Using GROUPER_HOME: /srv/grouper/grouper.api-2.1.4
Using GROUPER_CONF: /srv/grouper/grouper.api-2.1.4/conf
Using JAVA: java
using MEMORY: 64m-750m
Grouper starting up: version: 2.1.4, build date: 2013/06/02 08:38:25, env: <no label configured>
grouper.properties read from: /srv/grouper/grouper.api-2.1.4/conf/grouper.properties
Grouper current directory is: /srv/grouper/grouper.api-2.1.4
log4j.properties read from:   /srv/grouper/grouper.api-2.1.4/conf/log4j.properties
Grouper is logging to file:   /srv/grouper/grouper.api-2.1.4/logs/grouper_error.log, at min level WARN for package: edu.internet2.middleware.grouper, based on log4j.properties
grouper.hibernate.properties: /srv/grouper/grouper.api-2.1.4/conf/grouper.hibernate.properties
grouper.hibernate.properties: grouper@jdbc:oracle:thin:@msct.alaska.edu:1536:MSCT
sources.xml read from:        /srv/grouper/grouper.api-2.1.4/conf/sources.xml
sources.xml groupersource id: g:gsa
sources.xml ldap source id:   ldap: uid=grouper03,ou=resource,dc=alaska,dc=edu@ldaps://edir.alaska.edu:636
sources.xml groupersource id: grouperEntities
Grouper warning: cannot find group from config: wheel group from grouper.properties key: groups.wheel.group: etc:sysadmingroup
Grouper note: auto-created attributeDefName: etc:attribute:attrExternalSubjectInvite:externalSubjectInvite
Grouper note: auto-created attributeDefName: etc:attribute:attrExternalSubjectInvite:externalSubjectInviteExpireDate
Grouper note: auto-created attributeDefName: etc:attribute:attrExternalSubjectInvite:externalSubjectInviteDate
Grouper note: auto-created attributeDefName: etc:attribute:attrExternalSubjectInvite:externalSubjectEmailAddress
Grouper note: auto-created attributeDefName: etc:attribute:attrExternalSubjectInvite:externalSubjectInviteGroupUuids
Grouper note: auto-created attributeDefName: etc:attribute:attrExternalSubjectInvite:externalSubjectInviteMemberId
Grouper note: auto-created attributeDefName: etc:attribute:attrExternalSubjectInvite:externalSubjectInviteUuid
Grouper note: auto-created attributeDefName: etc:attribute:attrExternalSubjectInvite:externalSubjectInviteEmailWhenRegistered
Grouper note: auto-created attributeDefName: etc:attribute:attrExternalSubjectInvite:externalSubjectInviteEmail
Grouper note: auto-created attributeDefName: etc:attribute:rules:rule
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleActAsSubjectId
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleActAsSubjectIdentifier
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleActAsSubjectSourceId
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleCheckType
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleCheckOwnerId
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleCheckOwnerName
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleCheckStemScope
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleCheckArg0
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleCheckArg1
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleIfOwnerId
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleIfOwnerName
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleIfConditionEl
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleIfConditionEnum
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleIfConditionEnumArg0
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleIfConditionEnumArg1
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleIfStemScope
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleThenEl
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleThenEnum
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleThenEnumArg0
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleThenEnumArg1
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleThenEnumArg2
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleValid
Grouper note: auto-created attributeDefName: etc:attribute:rules:ruleRunDaemon
Grouper note: auto-created attributeDefName: etc:attribute:permissionLimits:limitExpression
Grouper note: auto-created attributeDefName: etc:attribute:permissionLimits:limitIpOnNetworks
Grouper note: auto-created attributeDefName: etc:attribute:permissionLimits:limitIpOnNetworkRealm
Grouper note: auto-created attributeDefName: etc:attribute:permissionLimits:limitLabelsContain
Grouper note: auto-created attributeDefName: etc:attribute:permissionLimits:limitAmountLessThan
Grouper note: auto-created attributeDefName: etc:attribute:permissionLimits:limitAmountLessThanOrEqual
Grouper note: auto-created attributeDefName: etc:attribute:permissionLimits:limitWeekday9to5
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoader
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderType
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderDbName
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderScheduleType
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderQuartzCron
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderIntervalSeconds
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderPriority
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderAttrsLike
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderAttrQuery
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderAttrSetQuery
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderActionQuery
Grouper note: auto-created attributeDefName: etc:attribute:attrLoader:attributeLoaderActionSetQuery
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdap
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapType
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapServerId
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapFilter
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapQuartzCron
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapSearchDn
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapSubjectAttribute
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapSourceId
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapSubjectIdType
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapAndGroups
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapSearchScope
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapPriority
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapGroupsLike
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapGroupAttribute
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapAttributeFilterExpression
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapExtraAttributes
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapErrorUnresolvable
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapGroupNameExpression
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapGroupDisplayNameExpression
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapGroupDescriptionExpression
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapSubjectExpression
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapGroupTypes
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapReaders
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapViewers
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapAdmins
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapUpdaters
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapOptins
Grouper note: auto-created attributeDefName: etc:attribute:loaderLdap:grouperLoaderLdapOptouts
Grouper note: auto-created attributeDefName: etc:attribute:entities:entitySubjectIdentifier
Type help() for instructions
gsh 0% addGroup("etc", "sysadmingroup", "sysadmingroup")
group: name='etc:sysadmingroup' displayName='etc:sysadmingroup' uuid='481175bb2a9a4e909273eec0a8fc7b21'
gsh 1% quit

Start Grouper Daemon

[root@grinnell ~]# cd /srv/grouper/grouper.api-2.1.4
[root@grinnell grouper.api-2.1.4]# nohup ./bin/gsh.sh -loader &
[1] 2217
[root@grinnell grouper.api-2.1.4]# nohup: ignoring input and appending output to `nohup.out'

The Grouper Daemon can later be stopped by killing the process.

Add basic folder structure

This is partially based on the structure discussed here: https://iam.alaska.edu/grouper/wiki/Phase1Planning

Folder display names should probably be changed to something more friendly.

[root@grinnell grouper.api-2.1.4]# ./bin/gsh.sh Using GROUPER_HOME: /srv/grouper/grouper.api-2.1.4 Using GROUPER_CONF: /srv/grouper/grouper.api-2.1.4/conf Using JAVA: java using MEMORY: 64m-750m Grouper starting up: version: 2.1.4, build date: 2013/06/02 08:38:25, env: <no label configured> grouper.properties read from: /srv/grouper/grouper.api-2.1.4/conf/grouper.properties Grouper current directory is: /srv/grouper/grouper.api-2.1.4 log4j.properties read from: /srv/grouper/grouper.api-2.1.4/conf/log4j.properties Grouper is logging to file: /srv/grouper/grouper.api-2.1.4/logs/grouper_error.log, at min level WARN for package: edu.internet2.middleware.grouper, based on log4j.properties grouper.hibernate.properties: /srv/grouper/grouper.api-2.1.4/conf/grouper.hibernate.properties grouper.hibernate.properties: grouper@jdbc:oracle:thin:@msct.alaska.edu:1536:MSCT sources.xml read from: /srv/grouper/grouper.api-2.1.4/conf/sources.xml sources.xml groupersource id: g:gsa sources.xml ldap source id: ldap: uid=grouper03,ou=resource,dc=alaska,dc=edu@ldaps://edir.alaska.edu:636 sources.xml groupersource id: grouperEntities Type help() for instructions gsh 0% addRootStem("ua", "ua") stem: name='ua' displayName='ua' uuid='11c11b24137f4c28834d5a9b6e45fee4' gsh 1% addStem("ua", "inst", "inst") stem: name='ua:inst' displayName='ua:inst' uuid='1a35d8a7ca804572a5adb894bf25aa0c' gsh 2% addStem("ua:inst", "buildings", "buildings") stem: name='ua:inst:buildings' displayName='ua:inst:buildings' uuid='05ccd68f773d420aab4769f2a728b79d'