Damian Georgiou a écrit :
Am i correct to say i don't need to change the layout or schema, just
impliment the backing/stacking/meta?
It depends on whether you want the LDAP/AD server to maintain the consistency
between groups and members or if you want CPS to do that. Currently the cross
references in CPSLDAPSetup are maintained thanks to the computed cpsGroups
field in the members schema.
I want all user / group management to occure in LDAP/AD and reflected in CPS
automatically.
No group maintenance to be performed in CPS at all.
Then you should rewrite the schemas to remove the computed fields and use the
storage instead.
apologies for my slowness in grasping this authentication concept. I have it
working in plone fine (different authentication method used) but as plone
doesn't meet our requirements (the critical ones that is). CPS does. I am
determined to win :)
What is the LDAP class your groups use? Is there a groups attribute on each >
user entries on your LDAP, if so which one?
In regards to the user, the objectClass is memberOf (a group).
In regards to the group the objectClass can either be member or uniqueMember.
Then you should adapt the schemas in CPS accordingly for the
LDAPBackingDirectory and the StackingDirectory and you can do field renaming at
the MetaDirectory level to be able to keep the current schema for the toplevel
MetaDirectory for instance.
--
Olivier
_______________________________________________
cps-devel mailing list
http://lists.nuxeo.com/mailman/listinfo/cps-devel
