Re: [CPS-devel] Re: CPS3.4 + LDAP

Tue, 16 May 2006 00:42:52 -0700

Hi,

You will find in attachment my LDAP setup for members and groups.
These are the settings for an openldap directory with the use of samba and posix schemas.

With these settings, the CPS groups are the system groups used on the network.
Any group created through CPS is created in the ZODB (groups_zodb).

Hopes it will help,
Fabrice Robin

2006/5/15, Jean-Marc Orliaguet < [EMAIL PROTECTED]>:
Aitzol Naberan wrote:
> Olivier Grisel wrote:
>
>> Aitzol Naberan a écrit :
>>
>>> I can get group_id from the meta directory mapping cn<->group. But it
>>> have a problem: I can't use local_role interface to asign local roles to
>>> a group. If I use a Stacking Directory (updated doc about directories
>>> will be great!) I can asign local roles to a group, but I can't see
>>> groups info in Directories search (but this is a minor problem, so I
>>> prefer the stack directory)
>>>
>> You can use both as for the members directories. The stacking is needed
>> on top of the ldap dir to do the dn <-> cn translation of the primary
>> key ("id field") and the meta dir can be used to rename name of some
>> fields if necessary. The localrole interface should only use the fields
>> that are tagged 'id field' and 'title field' in the top level dirs.
>>
>>
> OK, I set up both directories ab¡nd now I get results from directory
> search and from rocal_roles_form (still some search problem, I get all
> the groups, the filter doesn't work).
>
>
>>> objectClass for groups is groupOfUniqueNames. For the roles I wil try
>>> same approach (I have something done), but if you have something in mind
>>> I will be happy to listen your ideas. Roles objectClass is also
>>> groupOfUniqueName.
>>>
>> Would it be possible to store the uid of the members instead of the dns
>> in your groupOfUniqueNames field ?
>>
>>
> I don't know if it is posible or not (sorry not a LDAP guru), but
> tomorrow I will probe my setup with another LDAP and with an AD.
>
>

Hi, could you please publish the files or maybe update the documentation
for LDAPUserFolderSetup when it works:-) ?. I started working on
connecting LDAP groups to CPS some months ago and didn't get any farther
than getting a list of group members.
thanks
_______________________________________________
cps-devel mailing list
http://lists.nuxeo.com/mailman/listinfo/cps-devel

_______________________________________________
cps-devel mailing list
http://lists.nuxeo.com/mailman/listinfo/cps-devel

Reply via email to