Versions Compared

Old Version 1

changes.mady.by.user Scott Koranda

Saved on

compared with

New Version 2

changes.mady.by.user Scott Koranda

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. As the platform administrator or a CO administrator use the Collaborations menu to select the CO as the active working CO.
  2. From the Configuration menu choose Provisioning Targets to open the Provisioning Targets view.
  3. Click "Add Provisioning Target".
  4. Complete the form for the new provisioning target:
    1. Enter a description for this provisioner, such as "Primary Grouper Deployment".
    2. Choose "Grouper Provisioner" as the plugin.
    3. Select "Automatic Mode" as the status.
  5. Click "Add" to create the provisioner. A form to configure the Grouper Provisioner instance will be opened.
  6. Complete the form to configure the Grouper Provisioner instance:
    1. Enter a URL with scheme and host for the Grouper WS instance, eg. https://some.server.edu
    2. Enter the context path on the server where the Grouper WS can be found, eg. /grouper-ws
    3. Enter the login for the user that will access the Grouper WS and invoke WS calls, eg. GrouperSystem
    4. Enter the password for the user that will access the Grouper WS and invoke WS calls
    5. Enter the full Grouper stem or folder under which the CO groups will be created. A typical deployment pattern is to use the name of the CO as the leaf stem, but it is not a requirement. If the stem does not exist the provisioner will attempt to create it.
    6. Choose the identifier to be used as the Grouper UI login identifier. You will probably want to use the CO unique identifier if you defined one.
    7. Choose the email identifier to be used as the email attribute for the Grouper subject or user. A typical deployment pattern is to use the official email for the CO Person.
    8. The subject source view name is pre-populated with a default in the text box. We strongly recommend using the recommended default.  Please note the name of the view.
    9. Click "Save" to save the configuration.

  7. The Grouper Provisioner automatically creates a (per-CO) SQL view that Grouper can use as a source of subjects or users. Before Grouper can use the view, however, you must create a user in your database and grant it SELECT privileges on the view. For example with MySQL/MariaDB you might enter 

    Code Block
    CREATE USER 'grouper_subject_query'@'localhost' IDENTIFIED BY 'some_password';
GRANT SELECT ON cm_co_grouper_subjects_1 TO 'grouper_subject_query'@'localhost';