[CPS-devel] Re: CPS3.4 + LDAP

Aitzol Naberan anaberan at codesyntax.com
Mon May 15 17:42:36 CEST 2006 


Olivier Grisel wrote:
> Aitzol Naberan a écrit :
>> I can get group_id from the meta directory mapping cn<->group. But it
>> have a problem: I can't use local_role interface to asign local roles to
>> a group. If I use a Stacking Directory (updated doc about directories
>> will be great!) I can asign local roles to a group, but I can't see
>> groups info in Directories search (but this is a minor problem, so I
>> prefer the stack directory)
> 
> 
> You can use both as for the members directories. The stacking is needed
> on top of the ldap dir to do the dn <-> cn translation of the primary
> key ("id field") and the meta dir can be used to rename name of some
> fields if necessary. The localrole interface should only use the fields
> that are tagged 'id field' and 'title field' in the top level dirs.
>
OK, I set up both directories ab¡nd now I get results from directory
search and from rocal_roles_form (still some search problem, I get all
the groups, the filter doesn't work).

>> objectClass for groups is groupOfUniqueNames. For the roles I wil try
>> same approach (I have something done), but if you have something in mind
>> I will be happy to listen your ideas. Roles objectClass is also
>> groupOfUniqueName.
> 
> 
> Would it be possible to store the uid of the members instead of the dns
> in your groupOfUniqueNames field ?
> 
I don't know if it is posible or not (sorry not a LDAP guru), but
tomorrow I will probe my setup with another LDAP and with an AD.

>>> Needless to say, if you've come to a satisfactory setup, we'd be more
>>> than happy to integrate it in CPSLDAPSetup. 
> 
> 
> There should be an export tab for each directory or better you can use
> the export tab of portal_setup and export the directories, schemas and
> layouts steps.
Are you interested in those files? If yes, where can I send you?

I have another problem, is I try to change a user's preference (ex,
webmail_acount yes/no) I get an error. It seems like CPS is trying to
write in LDAP a ZODB property (I think is something related with
CPSLDAPSetup, but I'm not so sure). Do you know something about that?

Thanks
-- 
Aitzol Naberan Burgaña
CodeSyntax
http://www.codesyntax.com
943 82 17 80

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: OpenPGP digital signature
Url : http://lists.nuxeo.com/pipermail/cps-devel/attachments/20060515/6a4f9179/signature.pgp

More information about the cps-devel mailing list
More information about CPS: CPS project - CVS - API

Hosting: Nuxeo: Zope service provider

This list archive provided by Nuxeo, the leaders of open source ECM. Check out the Nuxeo 5 open source, standards-based ECM project.