Nuxeo mailing list archives
[CPS-devel] Re: RE :Re: RE :Re: CPSLDAPSetup with Windows AD
Olivier Grisel
ogrisel at nuxeo.com
Thu Jun 15 12:22:59 CEST 2006
RAAD Umar a écrit :
> You're right (again) there was an error in this line... The right value should have been:
>
> "<property name="ldap_bind_dn">cps at gogol.ch</property>"
> NOT "<property name="ldap_bind_dn">cps at dc1.gogol.ch</property>"
Hum, this is still not a dn.
> The members_ldap.xml model provided in this post:
> http://svn.nuxeo.org/trac/pub/ticket/1661
> is a bit confusing about that (And I get confused)
Ok the sample syntax in that package is misleading.
A dn should be something like:
cn=cps,ou=applications,dc=mysite,dc=net
And this LDAP object should be configured have full access right to the ldap
branch of your users.
> Another strange, but good, point is that when I go to manage the users (Users from AD) from the CPS interface they're already configured with the member role.
Yes, the Member role is now automatically computed in the members schema.
> Now the few problems that I still have with that (2 in fact):
>
> 1) In the CPS interface, I log in as cpsadmin and go to "annuaires --> membres". There I make a search with * in username. It finds all my AD users and shows the infos about the first name, last name and mail address, but it doesn't show the usernames???
This is hardcoded to show 'id' in the template which is bad: here is a better
version of the template :
http://svn.nuxeo.org/trac/pub/browser/CPS3/products/CPSDirectory/trunk/skins/cps_directory/getDirectoryResultFields.py
> 2) When I try to log in with one of the AD users (I checked that he has the member role) I receive the good old "L'authentification a échoué" message... In the event.log file I have this line :
>
> "2006-06-15T10:43:31 ERROR getUserWithAuthentication Search on uid=cpsuser1 returned several entries, confusing authentication rejected"
>
> What's strange about that is that I also have the same log when I try to log in as cpsadmin who doesn't exist in AD
>
> "2006-06-15T10:46:00 ERROR getUserWithAuthentication Search on uid=cpsadmin returned several entries, confusing authentication rejected"
>
> Any idea about that???
The id_field of your members directory is still set to "uid" instead of
sAMAccountName. You should check that in ZMI: portal_directories/members (
portal_directories/members_stack as well).
--
Olivier
More information about the cps-devel
mailing list
This list archive provided by Nuxeo, the
leaders of open source ECM.
Check out the Nuxeo 5 open source,
standards-based ECM project.