Just found something that had been right in front of my face: On Fri, Sep 07, 2012 at 11:20:57AM -0500, Michael Jinks wrote: > > Dos assignment to groups happen within VCL or would that need to happen > at the IdP? If in VCL, I can't find the interface.
I just (re)discovered the "Add" box at the bottom fo the "Edit" interface under the User Groups interface. Added myself to our shib-admin@UCHICAGO group, maybe that will help... But something else is still not quite right. Under "Manage" -> "Groups", the shib-admin group appears, but the shib-staff group does not. It does appear in the Privileges interface though. When I try to add it, I get an error saying that a group by that name already exists. So, unless I can figure out how to make shib-user appear in Manage -> Groups, I don't see a way to add users to that group, unless it happens automatically upstreadm, e.g. at the IdP, e.g. seeded by Grouper or whatever. What am I still not seeing? Thanks. Sorry if I'm being dense.
