[CPS-devel] Re: CPS3.4 + LDAP

Fabrice Robin robin.fabrice at gmail.com
Tue May 16 09:42:46 CEST 2006 

Hi,

You will find in attachment my LDAP setup for members and groups.
These are the settings for an openldap directory with the use of samba and
posix schemas.

With these settings, the CPS groups are the system groups used on the
network.
Any group created through CPS is created in the ZODB (groups_zodb).

Hopes it will help,
Fabrice Robin

2006/5/15, Jean-Marc Orliaguet <jmo at ita.chalmers.se>:
>
> Aitzol Naberan wrote:
> > Olivier Grisel wrote:
> >
> >> Aitzol Naberan a écrit :
> >>
> >>> I can get group_id from the meta directory mapping cn<->group. But it
> >>> have a problem: I can't use local_role interface to asign local roles
> to
> >>> a group. If I use a Stacking Directory (updated doc about directories
> >>> will be great!) I can asign local roles to a group, but I can't see
> >>> groups info in Directories search (but this is a minor problem, so I
> >>> prefer the stack directory)
> >>>
> >> You can use both as for the members directories. The stacking is needed
> >> on top of the ldap dir to do the dn <-> cn translation of the primary
> >> key ("id field") and the meta dir can be used to rename name of some
> >> fields if necessary. The localrole interface should only use the fields
> >> that are tagged 'id field' and 'title field' in the top level dirs.
> >>
> >>
> > OK, I set up both directories ab¡nd now I get results from directory
> > search and from rocal_roles_form (still some search problem, I get all
> > the groups, the filter doesn't work).
> >
> >
> >>> objectClass for groups is groupOfUniqueNames. For the roles I wil try
> >>> same approach (I have something done), but if you have something in
> mind
> >>> I will be happy to listen your ideas. Roles objectClass is also
> >>> groupOfUniqueName.
> >>>
> >> Would it be possible to store the uid of the members instead of the dns
> >> in your groupOfUniqueNames field ?
> >>
> >>
> > I don't know if it is posible or not (sorry not a LDAP guru), but
> > tomorrow I will probe my setup with another LDAP and with an AD.
> >
> >
>
> Hi, could you please publish the files or maybe update the documentation
> for LDAPUserFolderSetup when it works:-) ?. I started working on
> connecting LDAP groups to CPS some months ago and didn't get any farther
> than getting a list of group members.
> thanks
> _______________________________________________
> cps-devel mailing list
> http://lists.nuxeo.com/mailman/listinfo/cps-devel
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.nuxeo.com/pipermail/cps-devel/attachments/20060516/b74f47be/attachment-0001.htm

More information about the cps-devel mailing list
More information about CPS: CPS project - CVS - API

Hosting: Nuxeo: Zope service provider

This list archive provided by Nuxeo, the leaders of open source ECM. Check out the Nuxeo 5 open source, standards-based ECM project.