Thx !
Unfortunately, there's no more explanation of this topics in the Nuxeo Book
(exept 2 paragraphs). I need local user for Nuxeo : I don't want to create new
LDAP user though the Nuxeo interface. Where should i but this readonly
properties if it is correct ?
Here is my LDAP-donfig.xml :
<?xml version="1.0"?>
<component name="lm-ldap-config">
<implementation class="org.nuxeo.ecm.directory.ldap.LDAPDirectoryDescriptor"
/>
<implementation class="org.nuxeo.ecm.directory.ldap.LDAPServerDescriptor" />
<require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require>
<!-- the groups SQL directories are required to make this bundle work -->
<require>org.nuxeo.ecm.directory.sql.storage</require>
<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"
point="servers">
<!-- Configuration of a server connection
A single server declaration can point to a cluster of replicated
servers (using OpenLDAP's slapd + sluprd for instance). To leverage
such a cluster and improve availibility, please provide one
<ldapUrl/> tag for each replica of the cluster.
-->
<server name="default">
<ldapUrl>ldap://cldap1.es.corp.leroymerlin.com:389</ldapUrl>
<!-- Credentials used by Nuxeo5 to browse the directory, create
and modify entries.
Only the authentication of users (bind) use the credentials entered
through the login form if any.
-->
<bindDn>*DATA*</bindDn>
<bindPassword>*DATA*</bindPassword>
</server>
</extension>
<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"
point="directories">
<directory name="userDirectory">
<server>default</server>
<schema>user</schema>
<idField>username</idField>
<passwordField>password</passwordField>
<searchBaseDn>*DATA*</searchBaseDn>
<searchClass>privPerson</searchClass>
<!-- <searchFilter>*DATA*</searchFilter> -->
<!-- To additionally restricte entries you can add an
arbitrary search filter such as the following:
<searchFilter>(&(sn=toto*)(myCustomAttribute=somevalue))</searchFilter>
Beware that "&" writes "&" in XML.
-->
<!-- use subtree if the people branch is nested -->
<searchScope>subtree</searchScope>
<creationBaseDn>ou=people,dc=example,dc=com</creationBaseDn>
<creationClass>top</creationClass>
<creationClass>person</creationClass>
<creationClass>organizationalPerson</creationClass>
<creationClass>inetOrgPerson</creationClass>
<rdnAttribute>uid</rdnAttribute>
<fieldMapping name="username">uid</fieldMapping>
<fieldMapping name="password">userPassword</fieldMapping>
<fieldMapping name="firstName">givenName</fieldMapping>
<fieldMapping name="lastName">sn</fieldMapping>
<fieldMapping name="company">privDefaultDepartment</fieldMapping>
<fieldMapping name="email">mail</fieldMapping>
<references>
<inverseReference field="groups" directory="groupDirectory"
dualReferenceField="members" />
</references>
</directory>
<!--
<directory name="groupDirectory">
<server>default</server>
<schema>group</schema>
<idField>groupname</idField>
<searchBaseDn>*DATA*</searchBaseDn>
<searchClass>groupOfUniqueNames</searchClass>
<searchScope>subtree</searchScope>
<creationBaseDn>ou=groups,dc=example,dc=com</creationBaseDn>
<creationClass>top</creationClass>
<creationClass>groupOfUniqueNames</creationClass>
<rdnAttribute>cn</rdnAttribute>
<fieldMapping name="groupname">cn</fieldMapping>
<fieldMapping name="members">uniqueMember</fieldMapping>
<fieldMapping name="subGroups">uniqueMember</fieldMapping>
<references>
<ldapReference field="members" directory="userDirectory" />
<ldapReference field="subGroups" directory="groupDirectory" />
<inverseReference field="parentGroups" directory="groupDirectory"
dualReferenceField="subGroups" />
</references>
</directory>
-->
</extension>
<require>org.nuxeo.ecm.platform.usermanager.UserManagerImpl</require>
<extension target="org.nuxeo.ecm.platform.usermanager.UserService"
point="userManager">
<userManager class="org.nuxeo.ecm.platform.usermanager.UserManagerImpl">
<defaultAdministratorId>*DATA*</defaultAdministratorId>
<defaultGroup>members</defaultGroup>
<userSortField>lastName</userSortField>
<userListingMode>search_only</userListingMode>
</userManager>
</extension>
</component>
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
