Group Expansion Tutorial
Suppose you wish to configure group expansion for an Aspire system. Your system will have a CIFS connector, SharePoint 2010 connector and a Lotus Notes connector. Group membership in the organisation is held in Active Directory and the Lotus Notes user name is held in the lnUserName attribute of the user in Active Directory. You search engine will request group expansion using http requests.
Group Expansion Components Required
In order to provide group expansion for the above scenario, you will need to use:
- The Aspire LDAP Cache Service
- You will require this service to provide Active Directory attributes to the group expansion request in order to get the Lotus Notes username. You will also need it in order to provide “external” groups to the SharePoint 2010 connector.
- The Aspire Group Expansion Manager Service
- You will require this service in order to serve group expansion requests via http and to route the requests to the various content source connectors to collect groups.
Installation Process
Overview
The basic order of installation to attain the configuration noted above would be:
- Install LDAP Cache service
- Install content source connectors
- Install Group Expansion Manager service
It is possible to install the connectors before the LDAP Cache service, but you would need to revisit the SharePoint Connector after the LDAP Cache was installed so the above order is preferable.
Detail on installing and configuring the LDAP Cache and Group Expansion Manager services is given below
Install the LDAP Cache service
See the tutorial here for details.
Install the Connectors
Installing the connectors is not covered in this guide. Refer to the appropriate documentation. Note however, that when you install the SharePoint connector (or any other that requires external groups) you should configure it to use the LDAP Cache service for external groups.
Install the Group Expansion Manager service
Content source management page |
|
| Using the settings button on the right hand side of the screen to load the Services console. |
|
| |
| Select Add service and then the Group Expansion Manager |
|
The service will now load the configuration screen. This may take a moment if the connection to the internet is slow. Once the service has been downloaded, you will see the following: |
|
| Enter a service name: |
|
| Click the Service tab at the top of the screen or use the arrow at the right of the screen to move to the service configuration screen. You will now see the service configuration. In order to use Active Directory you must configure the group expansion manager with an LDAP Cache. Use the LDAP Cache drop down and select the LDAP cache you installed earlier. |
|
Scroll down to configure the expanders – the content sources to which the expansion request will be sent. Add the SharePoint connector and the Notes connector, by pressing the Add link under Expanders and select the connector from the drop down. You don’t need to add the CIFS connector as this only uses Active Directory groups and and we have those by virtue of having checked the Attach LDAP Groups and configuring the LDAP Cache. As you add the SharePoint connector, you can leave the Lookup Attribute Path blank, as we want to use whatever username is passed to us on the original group expansion request. However, for the Notes connector, we want the username looked up to be taken from the user’s lnUserName LDAP attribute. When connected to the LDAP Cache, all the LDAP attributes for the user are added to the expansion request under the path /doc/ldap. As we want to look up the lnUserName attribute for the Notes expansion, we add a Lookup Attribute Path of /doc/ldap/lnUserName. |
|
Once the Expanders are configured, press Save at the top of the screen to save the configuration and load the service. Again this may take a moment while the required components are downloaded. Once the service is installed, you will be taken back to the services home page. The configuration of the group expansion is now complete. |
|
Overview
Content Tools