Florent Guillaume escribió: > On 18 Jul 2005, at 18:39, Gusti Gonzalez wrote: > >> Gusti Gonzalez escribió: >> >>> Hi, >>> >>> After over a day of looking, and googling, I found no document or mail, >>> or web page describing how to go along to configure CPS to use an LDAP >>> directory. >>> >>> Is there such a resource? >>> >>> There are some comments (in french, that I tried to understand via >>> Babel >>> Fish translator) about using CPSUserFolder or LDAPUserGroupsFolder, and >>> still is not clear to me if I should use CPSUserFolder (with some other >>> product or is self sufficient with LDAP) or LDAPUserGroupsFolder. >>> >>> My requirement would be to use an LDAP directory I already have, where >>> users and groups are already defined. >>> >>> What is the recommended/supported way of doing this? >>> >>> And, how do I set it up? >>> >>> I have managed to configure Plone with LDAPUserFolder. Is the procedure >>> similar with CPS? >>> >>> Any help (or redirection to the appropriate resource) would be greatly >>> appreciated. >>> >>> Best regards, >>> Gusti. >>> >> Hi, >> >> I have done the following: >> >> - Installed the LDAPUserGroupsFolder (ver 2.9.3 downloaded from nuxeo >> svn), in >> portal instance Products directory >> - Deleted my portal site's acl_users folder >> - Added an LDAPUserGroupsFolder at the root of the CPS site >> This in effect created a "acl_users (LDAP User Groups Folder) " >> folder in the >> root of the CPS site. >> >> - Configured the "acl_users (LDAP User Groups Folder) " "Configure" >> tab, much >> like the LDAPUserFolder product. >> >> - When I search for Users, thru the "Users" tab, search, I get the >> list of my >> LDAP users. OK. >> - When I search for Groups, thru the "Groups" tab, search, I get the >> list of >> LDAP Groups, OK. >> - I had no Roles yet in my LDAP server, so I created one. OK. No >> problem so far. >> >> - Then, I logged in to the CPS portal, with the superuser of the >> portal (created >> during setup of the Instance), and I am able to search for the users >> in the >> Directory (Members, Groups, and Roles). They get listed, when >> searched for. >> >> ... But, I can not log in as one of these users. It does not >> authenticate, >> apparently. >> >> What piece am I missing, in this configuration process? > > > Do your users have the Member role ? It's mandatory. > > Probably not related to the problems, but as I've said time and again, > if you install LDAPUserGroupsFolder, you MUST install CMFLDAP too, and > replace the portal_memberdata object with its version. > > Florent > > Florent,
I swear I read ALL threads related to "LDAP" on this newsgroup, and googled the web for "LDAP and CPS", and I did not find any information as the one you are now telling me. Maybe I was not looking in the right places. I apologize for this. Anyway, I have installed the CMFLDAP product. The CMFLDAP installation procedure outline in its INSTALL.txt could not fully be accomplished, as the CMFLDAP.Install complains that this is not a "CMF Site" nor a "Plone Site". Which is correct. It is a "CPS Site". So, I deleted the /cpssite/portal_memberdata object, and added a "CMFLDAP Tools" object. This object asked wheather to install a "LDAP Membership Tool" and/or "LDAP Member data Tool". I only selected the latter, as per your comments above. Should I have added the first one too? Now, I can login with any user in my LDAP directory. Great!. >From this setup (that is: CPSUserFolder, CMFLDAP, LDAPUserGroupsFolder), I have Groups, Users, and Roles (although have not created any yet), in my LDAP directory. The roles I have are the CPS native(builtin) ones. I can assign an LDAP Role to a Zope Role. And, I can assign Users to Groups. I did not find any way of assigning Roles to the LDAP Groups. Is this possible? Gusti. _______________________________________________ cps-users mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/cps-users
