...
- As the platform administrator or a CO administrator use the Collaborations menu to select the CO as the active working CO.
- From the Configuration menu choose Provisioning Targets to open the Provisioning Targets view.
- Click "Add Provisioning Target".
- Complete the form for the new provisioning target:
- Enter a description for this provisioner, such as "Primary Grouper Deployment".
- Choose "Grouper Provisioner" as the plugin.
- Select "Automatic Mode" as the status.
- Click "Add" to create the provisioner. A form to configure the Grouper Provisioner instance will be opened.
- Complete the form to configure the Grouper Provisioner instance:
- Enter a URL with scheme and host for the Grouper WS instance, eg. https://some.server.edu
- Enter the context path on the server where the Grouper WS can be found, eg. /grouper-ws
- Enter the login for the user that will access the Grouper WS and invoke WS calls, eg. GrouperSystem
- Enter the password for the user that will access the Grouper WS and invoke WS calls
- Enter the full Grouper stem or folder under which the CO groups will be created. A typical deployment pattern is to use the name of the CO as the leaf stem, but it is not a requirement. If the stem does not exist the provisioner will attempt to create it.
- Choose the identifier to be used as the Grouper UI login identifier. You will probably want to use the CO unique identifier if you defined one.
- Choose the email identifier to be used as the email attribute for the Grouper subject or user. A typical deployment pattern is to use the official email for the CO Person.
- The subject source view name is pre-populated with a default in the text box. We strongly recommend using the recommended default. Please note the name of the view.
- Click "Save" to save the configuration.
The Grouper Provisioner automatically creates a (per-CO) SQL view that Grouper can use as a source of subjects or users. Before Grouper can use the view, however, you must create a user in your database and grant it SELECT privileges on the view. For example with MySQL/MariaDB you might enter
Code Block CREATE USER 'grouper_subject_query'@'localhost' IDENTIFIED BY 'some_password'; GRANT SELECT ON cm_co_grouper_subjects_1 TO 'grouper_subject_query'@'localhost';