Authorization control of groups of users of systems using Globus-enabled
systems are handled by so-called "gridmap" files that specify access
control rules for various resources.
The Caltech Virtual Organization Group Manager offers a solution for
managing large groups of users using user and group information stored in an
LDAP database on machines running Globus.
Administration can be done remotely from any computer, with security handled
by the LDAP server.
Current functionality includes:
- Initialization of the LDAP server with top level nodes to store groups
- Creation/editing of groups and populating groups with users
- NEW Support for certificate LDAP server at
See the download page for the latest
Apr 1, 2003
Version 0.3.2 released, with support for instalaltions with both pygtk1 and
Jul 31, 2002
Version 0.3.1 released, with some bugfixes, and most importantly uses the
EDG subject line format (/-separated) even if a certificate uses a
comma-separated subject line.
Jul 26, 2002
Moved the project to Sourceforge. Thanks to the
SF people for their support!
Jul 23, 2002
RedHat 7.1, 7.2 and 7.3 packages for pygtk and python-ldap
are now available in the download area.
Jul 15, 2002
New release 0.3.0.
This is the result of a week's hacking at FNAL. Thanks to Yujun and Scott
for more testing!
- The internal organization of the LDAP directory was changed to match
the EDG setup. Thanks to Roberto Cecchini for his help to get this right.
The edg-mkgridmap tool can now be used to create grid-map files from
directories created by VOgroup, as well as the INFN VO scripts.
- All downloads are now asynchronous, with plenty of feedback during the
downloads. Hopefully this should mostly eliminate the 'blank wizard window'
effect seen when downloading data from slow sites.
- Fixed a bug where the application would crash when no ~/.VOgrouprc file was found.
- User information can now be downloaded from multiple CAs, and stored in
the same directory as the group information.
Due to the directory change above, it is recommended that you follow these
steps to reinitialize the ldap database (for OpenLDAP):
In order to populate the user database do the following:
- Shut down slapd
- Remove the database files that slapd was using. The directory
where these files are stored is specified in slapd.conf with the
- Restart slapd
- Start the VOgroup application.
- Connect using File->Connect and fill in the information
- Check the option Init LDAP database and fill in an
organization name in the Org field. Note that the organization name
is just a description, and does not affect the structure of the LDAP
directory in any way.
You should now be able to create and edit groups using the Group
- Connect to the LDAP server using File->Connect.
- Download the user information using File->Update user info.
Jul 2, 2002
New release (0.2.1), with some brown paper bag fixes. Thanks to Scott for
trying out 0.2.
Jul 1, 2002
Added support for certificates stored at a different location as the group
information. Use the newly available LDAP certificate server at
Apr 11, 2002
Created GroupMan page.
Modified on 26 Jul 2002/19:54:47 by conrad