[CPS-devel] Re: RE :Re: RE :Re: CPSLDAPSetup with Windows AD

Thu, 15 Jun 2006 03:23:24 -0700 

RAAD Umar a écrit :


You're right (again) there was an error in this line... The right value should 
have been:

"<property name="ldap_bind_dn">[EMAIL PROTECTED]</property>"
NOT "<property name="ldap_bind_dn">[EMAIL PROTECTED]</property>"


Hum, this is still not a dn.


The members_ldap.xml model provided in this post:
http://svn.nuxeo.org/trac/pub/ticket/1661
is a bit confusing about that (And I get confused)


Ok the sample syntax in that package is misleading.

A dn should be something like:

cn=cps,ou=applications,dc=mysite,dc=net
And this LDAP object should be configured have full access right to the ldap branch of your users. 


Another strange, but good, point is that when I go to manage the users (Users 
from AD) from the CPS interface they're already configured with the member role.


Yes, the Member role is now automatically computed in the members schema.


Now the few problems that I still have with that (2 in fact):

1) In the CPS interface, I log in as cpsadmin and go to "annuaires --> 
membres". There I make a search with * in username. It finds all my AD users and shows 
the infos about the first name, last name and mail address, but it doesn't show the 
usernames???
This is hardcoded to show 'id' in the template which is bad: here is a better version of the template : 

http://svn.nuxeo.org/trac/pub/browser/CPS3/products/CPSDirectory/trunk/skins/cps_directory/getDirectoryResultFields.py



2) When I try to log in with one of the AD users (I checked that he has the member role) 
I receive the good old "L'authentification a échoué" message... In the 
event.log file I have this line :

"2006-06-15T10:43:31 ERROR getUserWithAuthentication Search on uid=cpsuser1 returned 
several entries, confusing authentication rejected"

What's strange about that is that I also have the same log when I try to log in 
as cpsadmin who doesn't exist in AD

"2006-06-15T10:46:00 ERROR getUserWithAuthentication Search on uid=cpsadmin returned 
several entries, confusing authentication rejected"

Any idea about that???
The id_field of your members directory is still set to "uid" instead of sAMAccountName. You should check that in ZMI: portal_directories/members ( portal_directories/members_stack as well). 

--
Olivier

_______________________________________________
cps-devel mailing list
http://lists.nuxeo.com/mailman/listinfo/cps-devel

Reply via email to