Hi list, I have merged the ogrisel-directory-references branches on usermanager and directory related projects. The main goal of this branch was to make it possible to store the groups directory on a LDAP server without breaking the SQL default setup.
To do so, I have removed the user2Group and group2Group directories and made the directory able to compute nxs:stringList fields on the fetched entries that hold the ids of the target entries of the referenced directory. Thus the UserManager is no longer in charge of computing the links between users and groups directories. Instead the users entries have a user:groups field with the list of group ids they belong to and groups entries have two new fields: group:subGroups and groups:parentGroups By default, those links are still stored in the user2group and group2group tables but those tables are not part of the groupDirectory definition thanks to the <tableReference /> tags found in the following file: http://svn.nuxeo.org/trac/nuxeo/browser/org.nuxeo.ecm.directory/trunk/sql/resources/default-sql-directories-bundle.xml To read users from an LDAP server, you can thus just deploy the following file: http://svn.nuxeo.org/trac/nuxeo/browser/org.nuxeo.ecm.directory/trunk/ldap/resources/default-ldap-users-directory-bundle.xml This will override the userDirectory definition and use <inverseReference/> tag to compute the values of the user:groups field by using the dualreference on group:members still defined in previous definition for the SQL groupDirectory. If you want to switch to full LDAP for both users and groups you must additionally deploy the following: http://svn.nuxeo.org/trac/nuxeo/browser/org.nuxeo.ecm.directory/trunk/ldap/resources/default-ldap-groups-directory-bundle.xml That will also override the groupDirectory definition and use <ldapReference/> tags to compute the membership relationships directly out of the LDAP content. I have also added a README.txt file at the root of the LDAPDirectory project to help setup a LDAP server: http://svn.nuxeo.org/trac/nuxeo/browser/org.nuxeo.ecm.directory/trunk/ldap/REAMDE.txt WARNING: because user2Group and group2Group are no longer directories I had to remove the 'id' column of the tables user2group and group2group. To upgrade a populated nxsqldirectory DB to the new scheme please follow the instructions included in: http://svn.nuxeo.org/trac/nuxeo/browser/org.nuxeo.ecm.directory/trunk/sql/resources/upgrade-reference-tables.sql If you don't mind loosing your users data, please just delete the matching files in your /opt/jboss/server/default/data/ . Thanks for your attention, -- Olivier _______________________________________________ ECM mailing list [email protected] http://lists.nuxeo.com/mailman/listinfo/ecm
