[CPS-devel] Re: CPS3.4 + LDAP

Olivier Grisel ogrisel at nuxeo.com
Thu May 11 11:46:41 CEST 2006 

Aitzol Naberan a écrit :
> Thanks for your replies, I will mix both mails here to answer to your
> comments:
> 
> Olivier:
>> You probably do not need a MetaDirectory but you need a StackingDirectory to be able to translate primary keys (DN <-> group id)
> 
> I can get group_id from the meta directory mapping cn<->group. But it
> have a problem: I can't use local_role interface to asign local roles to
> a group. If I use a Stacking Directory (updated doc about directories
> will be great!) I can asign local roles to a group, but I can't see
> groups info in Directories search (but this is a minor problem, so I
> prefer the stack directory)

You can use both as for the members directories. The stacking is needed on top 
of the ldap dir to do the dn <-> cn translation of the primary key ("id field") 
and the meta dir can be used to rename name of some fields if necessary. The 
localrole interface should only use the fields that are tagged 'id field' and 
'title field' in the top level dirs.

> objectClass for groups is groupOfUniqueNames. For the roles I wil try
> same approach (I have something done), but if you have something in mind
> I will be happy to listen your ideas. Roles objectClass is also
> groupOfUniqueName.

Would it be possible to store the uid of the members instead of the dns in your 
groupOfUniqueNames field ?

>> Needless to say, if you've come to a satisfactory setup, we'd be more than happy to integrate it in CPSLDAPSetup. 

There should be an export tab for each directory or better you can use the 
export tab of portal_setup and export the directories, schemas and layouts steps.

> If is there a easy way of exporting my setup I have no problem to send it.
> 
> I don't understand very well the part of the read_process_exp-based
> part. Is there a way to execute a script from the schema? I say
> something like doing a search in LDAP to get user groups. Is this posible?

Yes, as I said earlier look at the members schemas: the fields cpsGroups and 
cpsRoles are computed fields that use crossSetList and crossGetList functions 
that are available in the fields namespaces.

-- 
Olivier

More information about the cps-devel mailing list
More information about CPS: CPS project - CVS - API

Hosting: Nuxeo: Zope service provider

This list archive provided by Nuxeo, the leaders of open source ECM. Check out the Nuxeo 5 open source, standards-based ECM project.