Nuxeo mailing list archives
[CPS-devel] RE :Re: RE :Re: CPSLDAPSetup with Windows AD
RAAD Umar
raa at dsr.ch
Thu Jun 15 11:28:39 CEST 2006
First of all Olivier... I want to help you for all the help you provide... I would really get lost without it :-)
>This is indeed irrelevant ... The part I'm interested in is the complete python
>traceback (scroll the window on the right or http://getfirefox.com :)
You're right... I had to scroll to the right and it was here... But no need for that anymore... It works :-)
I can make queries from the ZMI to my AD and I can login and manage my users from the CPS interface as long as I log is as cpsadmin (user created in ZMI/Root Folder/acl_users with the member role)... I have one last problem but I'll describe it at the end of this mail.
>The ldap_bind_dn is not a dn which is a bad start :)
>The ldap_bind_dn should reference a real LDAP object (such as an admin >account for instance) that has the rights to manage (view/edit/create) >entries in the "ldap_base" branch.
You're right (again) there was an error in this line... The right value should have been:
"<property name="ldap_bind_dn">cps at gogol.ch</property>"
NOT "<property name="ldap_bind_dn">cps at dc1.gogol.ch</property>"
The members_ldap.xml model provided in this post:
http://svn.nuxeo.org/trac/pub/ticket/1661
is a bit confusing about that (And I get confused)
Another strange, but good, point is that when I go to manage the users (Users from AD) from the CPS interface they're already configured with the member role.
Now the few problems that I still have with that (2 in fact):
1) In the CPS interface, I log in as cpsadmin and go to "annuaires --> membres". There I make a search with * in username. It finds all my AD users and shows the infos about the first name, last name and mail address, but it doesn't show the usernames???
2) When I try to log in with one of the AD users (I checked that he has the member role) I receive the good old "L'authentification a échoué" message... In the event.log file I have this line :
"2006-06-15T10:43:31 ERROR getUserWithAuthentication Search on uid=cpsuser1 returned several entries, confusing authentication rejected"
What's strange about that is that I also have the same log when I try to log in as cpsadmin who doesn't exist in AD
"2006-06-15T10:46:00 ERROR getUserWithAuthentication Search on uid=cpsadmin returned several entries, confusing authentication rejected"
Any idea about that???
Thanks again for all your help
Umar
More information about the cps-devel
mailing list
This list archive provided by Nuxeo, the
leaders of open source ECM.
Check out the Nuxeo 5 open source,
standards-based ECM project.