Mario Olimpio de Menezes a écrit : > ok, I did this; now I suppose my ldap directory (members) will be used only in > read-only mode. > > How do I setup default role 'Member' for every authenticated user? Couldn't > find where/how to setup this. Right on time: I have just checked that in the current revision of the CPSLDASetup product : http://svn.nuxeo.org/trac/pub/changeset/34732 > Only problem now is how to enable Ldap users to login into CPS Portal. This is due to a bug in CPS 3.4 that has been fixed in the trunk: http://svn.nuxeo.org/trac/pub/ticket/1560 http://svn.nuxeo.org/trac/pub/changeset/34693 > I can search Directories for members; this working, so I suppose my connection > to ldap server is ok, at least for search. > > I couldn't understand how to store roles/groups on ZODB instead of ldap > server. This is the case by default. The roles/groups are stored in ZODBDirectories. Only the members_ldap dir points to the LDAP server. Cross references between dirs are achieved thanks to read/write expr in the members schema (crossGetList/crossSetList). > Nobody can login except Zope admin! When I try to define roles for some user, > I get an error because I can't write to the ldap server and I don't know how > to define another backing for roles/groups. You should use the roles directory to add roles to users. The members dir should be read-only in your setup now. -- Olivier
Hosting: Nuxeo: Zope service provider