This is want i need to do.
I need to authenticate all users of CPS with LDAP.
I need to manage Groups and Roles within LDAP - This is a requirement from Management as we have around 3000 users.
We have in Active Directory (AD), Users assigned to Groups. Each group is a business unit, ie: IT Services, Human Resources etc
I need to give these AD groups access to business unit specific workspaces.
eg: the IT Services AD group has access to the IT Services Workspace.
Business Units only have access to their workspace and not other business unit workspaces.
Roles need to be set up also using AD. Certain users within a group must have certain Privileges to a workspace.
eg: user called Sam has a Reviewer role, users Bruce, John and James have Member roles and user Kate only has Reader role to the specific workspace / business unit they belong too.
Reader can only read content within the workspace. (not necessary but would be nice to have, providing you can revoke rights)
Member: creates content
Reviewer: Approves/Manages/Publishes content created by members in the Workspace
These roles will be created in AD, though i understand that all users get the Member role unless specified so i only need to create the Reviewer/Manager and Reader Roles?
There will need to be a role type for each business unit also.
What is the mapping between AD and CPS in regards to Groups and Roles. do they need to be the same name or is there a mapping process?
Am i able to give a user from another business unit, access to a specific folder within another business units workspace?
i hope this is achievable
your time is most appreciated
cheers,
_______________________________________________ cps-devel mailing list http://lists.nuxeo.com/mailman/listinfo/cps-devel
