To retrieve and combine the security groups from SharePoint and a claims provider other than Active Directory, create the following tasks in the OmniGroupServer configuration file.
SynchronizeGroups fetch action to the SharePoint connector, according to the schedule that you configure.To retrieve and combine security groups
In the [Repositories] section, create three repositories - one for the SharePoint groups, one for groups retrieved from the claims provider, and another to combine the information. For example:
[Repositories] GroupServerDefaultRepositories=Combine Number=3 0=SharePointOnPremise 1=Claims 2=Combine
In the section that you created to retrieve the SharePoint groups, create a task to extract the information from SharePoint. You can use the following configuration parameters (for a complete list of configuration parameters, refer to the OmniGroupServer Reference):
GroupServerJobType
|
The type of task that OmniGroupServer must run. To retrieve SharePoint groups, set this parameter to Connector. This instructs OmniGroupServer to send the SynchronizeGroups fetch action to the connector. |
ConnectorHost
|
The host name or IP address of the machine that hosts the SharePoint connector. |
ConnectorPort
|
The ACI port of the connector. |
ConnectorTask
|
The name of a fetch task in the connector’s configuration file that contains the information and credentials required to connect to the SharePoint repository. |
For example:
[SharepointOnPremise] GroupServerJobType=Connector ConnectorHost=localhost ConnectorPort=7024 ConnectorTask=SharePointOnPremise
In the section that you created to retrieve the users and groups from the claims provider, configure a task to extract the information. The following example shows how you might extract information from an ASP.NET claims provider using ODBC. For a complete list of configuration parameters that you can use, refer to the OmniGroupServer Reference.
[Claims]
GroupServerLibrary=ogs_dbodbc
ConnectionString=DSN=SP2013FBA;UID=user;PWD=password;Database=DatabaseName
ExecuteSection0=Database_GetUsers
ExecuteSection1=Database_GetGroups
ExecuteSection2=Database_GetGroupMembers
GroupServerOpApplyTo0=GROUP
GroupServerOp0=PREPEND
GroupServerOpParam0=SQL_ROLE_PROVIDER:
GroupServerOpApplyTo1=USER
GroupServerOp1=PREPEND
GroupServerOpParam1=SQL_MEMBERSHIP_PROVIDER:
[Database_GetUsers]
SQLStatement=SELECT DISTINCT UserName FROM dbo.aspnet_Users
AddType=USER
UserColumn=UserName
[Database_GetGroups]
SQLStatement=SELECT DISTINCT RoleName FROM dbo.aspnet_Roles
AddType=GROUP
GroupColumn=RoleName
[Database_GetGroupMembers]
SQLStatement=SELECT U.UserName,R.RoleName FROM FBA_USER_DB.dbo.aspnet_Users U
JOIN FBA_USER_DB.dbo.aspnet_UsersInRoles UIR ON U.UserId = UIR.UserId
JOIN FBA_USER_DB.dbo.aspnet_Roles R ON R.RoleId = UIR.RoleId
AddType=USERGROUP
UserColumn=UserName
GroupColumn=RoleName
The value of the SQLStatement parameter must be on one line.
In the section that you created for combining the security groups, configure a task to combine the group information. You can use the following configuration parameters (for a complete list of configuration parameters, refer to the OmniGroupServer Reference):
GroupServerJobType
|
The type of task that OmniGroupServer must run. Set this parameter to Combine. |
GroupServerSections
|
The names of the repositories in the configuration file that you want to merge. |
GroupServerStartDelaySecs
|
The number of seconds to wait before starting the task. It is important to set this parameter so that the combine operation does not start until the security groups have been retrieved. This ensures that the combine operation uses the latest information. The delay that you specify only has to ensure that the other jobs start first. |
For example:
[Combine] GroupServerJobType=Combine GroupServerSections=SharepointOnPremise,Claims GroupServerStartDelaySecs=10
(Optional) You can set further parameters to define the schedule for the tasks. To run all of the tasks on the same schedule, set these parameters in the [Default] section. To run a task on a different schedule, set these parameters in the task section.
GroupServerStartTime
|
The time when a task starts. |
GroupServerRepeatSecs
|
The number of seconds that should elapse before the Group Server repeats a task. |
For example:
[Default] GroupServerStartTime=12:00 GroupServerRepeatSecs=3600
|
|