I meant Olivier Grisel. I don't see any response from Olivier Adams in this
thread (except in your most recent post, Olivier Grisel). Where did you see
Olivier Adams' post? I am looking at this thread, where your post just ended
up and where I'm responding:
http://www.nuxeo.org/discussions/thread.jspa?threadID=971
In any case, I replaced my entire references section in
default-ldap-groups-directory-bundle.xml with Olivier Adams' suggested
configuration, uploaded to my server, restarted JBoss, and still I'm having the
same problems. To Olivier Adams' statement about member vs. memberOf in the
groups schema, the members of a group are in fact listed with the member
attribute and not memberOf. In a user schema, the groups to which a user
belongs are listed with memberOf attributes.
I will provide you a restatement of the application behaviors as they currently
stand followed by the current versions of my config files with all suggested
changes incorporated.
APPLICATION BEHAVIORS (what's working, what's not, and all error messages I
could find from the browser).
1) I can successfully log in with an AD user.
2) If I go to "Members management" and I search for * I can successfully list
all users from my AD.
3) If I click on a user in that list, under the "View" tab I can successfully
see the AD groups to which that user belongs listed after "Groups for this
user".
4) If I click the "Edit" tab for that user, I get the following Tomcat error:
+HTTP Status 404 -
/nuxeo/nxdoc/default/67c235ba-e6f9-4f93-badf-ce298b86b75b/edit_user+
+--------------------------------------------------------------------------------+
+type Status report+
+message /nuxeo/nxdoc/default/67c235ba-e6f9-4f93-badf-ce298b86b75b/edit_user+
+description The requested resource
(/nuxeo/nxdoc/default/67c235ba-e6f9-4f93-badf-ce298b86b75b/edit_user) is not
available.+
+--------------------------------------------------------------------------------+
+Apache Tomcat/5.5.20+
5) If I click the Groups tab and search for Domain Admins, it comes back
without an error but the one result found shows a group name comes back as
"null". If I click on the "null", I get the following Nuxeo error (not Tomcat,
this one has a Nuxeo logo):
+An error occurred+
+???java.lang.NullPointerException???+
+Back+
+Change Username+
+Show Stacktrace+
If I show the stacktrace, here's the result:
+javax.servlet.ServletException Exception: java.lang.NullPointerException.
message: null javax.faces.webapp.FacesServlet.service(FacesServlet.java:256)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:100)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:147)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.jboss.seam.servlet.SeamRedirectFilter.doFilter(SeamRedirectFilter.java:32)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._invokeDoFilter(TrinidadFilterImpl.java:209)
org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:166)
org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:139)
org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.nuxeo.ecm.platform.ui.web.rest.FancyURLFilter.doFilter(FancyURLFilter.java:115)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doFilter(NuxeoAuthenticationFilter.java:414)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.nuxeo.ecm.platform.ui.web.shield.NuxeoExceptionFilter.doFilter(NuxeoExceptionFilter.java:104)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.jboss.seam.servlet.SeamExceptionFilter.doFilter(SeamExceptionFilter.java:46)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
java.lang.Thread.run(Thread.java:595) org.nuxeo.ecm.core.api.WrappedException
Exception: java.lang.NullPointerException. message: null
org.nuxeo.ecm.webapp.security.GroupManagerActionsBean.refreshGroup(GroupManagerActionsBean.java:177)
org.nuxeo.ecm.webapp.security.GroupManagerActionsBean.viewGroup(GroupManagerActionsBean.java:158)
org.nuxeo.ecm.webapp.security.GroupManagerActionsBean$$FastClassByCGLIB$$e4be0e96.invoke()
net.sf.cglib.proxy.MethodProxy.invoke(MethodProxy.java:149)
org.jboss.seam.intercept.RootInvocationContext.proceed(RootInvocationContext.java:45)
org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:55)
org.jboss.seam.interceptors.OutcomeInterceptor.interceptOutcome(OutcomeInterceptor.java:21)
sun.reflect.GeneratedMethodAccessor147.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.jboss.seam.util.Reflections.invoke(Reflections.java:18)
org.jboss.seam.intercept.Interceptor.aroundInvoke(Interceptor.java:169)
org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:64)
org.jboss.seam.interceptors.RollbackInterceptor.rollbackIfNecessary(RollbackInterceptor.java:29)
sun.reflect.GeneratedMethodAccessor146.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.jboss.seam.util.Reflections.invoke(Reflections.java:18)
org.jboss.seam.intercept.Interceptor.aroundInvoke(Interceptor.java:169)
org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:64)
org.jboss.seam.interceptors.BijectionInterceptor.bijectNonreentrantComponent(BijectionInterceptor.java:89)
org.jboss.seam.interceptors.BijectionInterceptor.bijectComponent(BijectionInterceptor.java:68)
sun.reflect.GeneratedMethodAccessor149.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.jboss.seam.util.Reflections.invoke(Reflections.java:18)
org.jboss.seam.intercept.Interceptor.aroundInvoke(Interceptor.java:169)
org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:64)
org.jboss.seam.interceptors.ConversationInterceptor.endOrBeginLongRunningConversation(ConversationInterceptor.java:52)
sun.reflect.GeneratedMethodAccessor145.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.jboss.seam.util.Reflections.invoke(Reflections.java:18)
org.jboss.seam.intercept.Interceptor.aroundInvoke(Interceptor.java:169)
org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:64)
org.jboss.seam.interceptors.MethodContextInterceptor.aroundInvoke(MethodContextInterceptor.java:27)
sun.reflect.GeneratedMethodAccessor144.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.jboss.seam.util.Reflections.invoke(Reflections.java:18)
org.jboss.seam.intercept.Interceptor.aroundInvoke(Interceptor.java:169)
org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:64)
org.jboss.seam.interceptors.ExceptionInterceptor.handleExceptions(ExceptionInterceptor.java:39)
sun.reflect.GeneratedMethodAccessor143.invoke(Unknown Source)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
org.jboss.seam.util.Reflections.invoke(Reflections.java:18)
org.jboss.seam.intercept.Interceptor.aroundInvoke(Interceptor.java:169)
org.jboss.seam.intercept.SeamInvocationContext.proceed(SeamInvocationContext.java:64)
org.jboss.seam.intercept.RootInterceptor.createSeamInvocationContext(RootInterceptor.java:144)
org.jboss.seam.intercept.RootInterceptor.invokeInContexts(RootInterceptor.java:129)
org.jboss.seam.intercept.RootInterceptor.invoke(RootInterceptor.java:102)
org.jboss.seam.intercept.JavaBeanInterceptor.interceptInvocation(JavaBeanInterceptor.java:145)
org.jboss.seam.intercept.JavaBeanInterceptor.intercept(JavaBeanInterceptor.java:80)
org.nuxeo.ecm.webapp.security.GroupManagerActionsBean$$EnhancerByCGLIB$$4e830446.viewGroup()
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.sun.el.parser.AstValue.invoke(AstValue.java:151)
com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283)
com.sun.facelets.el.TagMethodExpression.invoke(TagMethodExpression.java:68)
javax.faces.component.MethodBindingMethodExpressionAdapter.invoke(MethodBindingMethodExpressionAdapter.java:77)
com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:91)
javax.faces.component.UICommand.broadcast(UICommand.java:383)
javax.faces.component.UIData.broadcast(UIData.java:854)
org.ajax4jsf.framework.ajax.AjaxViewRoot.processEvents(AjaxViewRoot.java:180)
org.ajax4jsf.framework.ajax.AjaxViewRoot.broadcastEvents(AjaxViewRoot.java:158)
org.ajax4jsf.framework.ajax.AjaxViewRoot.processApplication(AjaxViewRoot.java:329)
com.sun.faces.lifecycle.InvokeApplicationPhase.execute(InvokeApplicationPhase.java:97)
com.sun.faces.lifecycle.LifecycleImpl.phase(LifecycleImpl.java:251)
com.sun.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:117)
javax.faces.webapp.FacesServlet.service(FacesServlet.java:244)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:100)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.myfaces.webapp.filter.ExtensionsFilter.doFilter(ExtensionsFilter.java:147)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.jboss.seam.servlet.SeamRedirectFilter.doFilter(SeamRedirectFilter.java:32)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._invokeDoFilter(TrinidadFilterImpl.java:209)
org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:166)
org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:139)
org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.ajax4jsf.framework.ajax.xmlfilter.BaseXMLFilter.doXmlFilter(BaseXMLFilter.java:96)
org.ajax4jsf.framework.ajax.xmlfilter.BaseFilter.doFilter(BaseFilter.java:220)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.nuxeo.ecm.platform.ui.web.rest.FancyURLFilter.doFilter(FancyURLFilter.java:115)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.nuxeo.ecm.platform.ui.web.auth.NuxeoAuthenticationFilter.doFilter(NuxeoAuthenticationFilter.java:414)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.nuxeo.ecm.platform.ui.web.shield.NuxeoExceptionFilter.doFilter(NuxeoExceptionFilter.java:104)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.jboss.seam.servlet.SeamExceptionFilter.doFilter(SeamExceptionFilter.java:46)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
java.lang.Thread.run(Thread.java:595)+
6) If I click back, then try searching on the groups for * (as I did in Users
to get a list of all users), I get the following error:
+HTTP Status 404 -
/nuxeo/nxdoc/default/67c235ba-e6f9-4f93-badf-ce298b86b75b/view_groups+
+--------------------------------------------------------------------------------+
+type Status report+
+message /nuxeo/nxdoc/default/67c235ba-e6f9-4f93-badf-ce298b86b75b/view_groups+
+description The requested resource
(/nuxeo/nxdoc/default/67c235ba-e6f9-4f93-badf-ce298b86b75b/view_groups) is not
available.+
+--------------------------------------------------------------------------------+
+Apache Tomcat/5.5.20+
7) Now, if I click back and try to reproduce the Domain Admins group search, I
get the same Tomcat error and NOT the Nuxeo error I got before...weird. Even
if I go back another page, then come back and just click on the "Groups" tab
under member management, I get the same Tomcat error (without even reaching the
group search page). This error will continue until I log out and log back in,
at which point it will let me back in to the group search page.
*CURRENT XML CONFIGURATION WITH MOST RECENT CHANGES INCLUDED:*
*default-ldap-groups-directory-bundle.xml:*
+<?xml version="1.0"?>+
+<component name="org.nuxeo.ecm.directory.ldap.storage.groups">+
+<implementation+
+class="org.nuxeo.ecm.directory.ldap.LDAPDirectoryDescriptor" />+
+<implementation+
+class="org.nuxeo.ecm.directory.ldap.LDAPServerDescriptor" />+
+<require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require>+
+<!-- the groups LDAP directory for users is required to make this bundle
work -->+
+<require>org.nuxeo.ecm.directory.ldap.storage.users</require>+
+<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"+
+point="directories">+
+<directory name="groupDirectory">+
+<!-- Reuse the default server configuration defined for userDirectory
-->+
+<server>default</server>+
+<schema>group</schema>+
+<idField>sAMAccountName</idField>+
+<searchBaseDn>dc=esperion,dc=com</searchBaseDn>+
+<searchFilter>(objectClass=group)</searchFilter>+
+<searchScope>subtree</searchScope>+
+<readOnly>false</readOnly>+
+<!-- comment <cache* /> tags to disable the cache -->+
+<!-- cache timeout in seconds -->+
+<cacheTimeout>3600</cacheTimeout>+
+<!-- maximum number of cached entries before global invalidation -->+
+<cacheMaxSize>1000</cacheMaxSize>+
+<creationBaseDn>cn=Users,dc=esperion,dc=com</creationBaseDn>+
+<creationClass>top</creationClass>+
+<creationClass>group</creationClass>+
+<rdnAttribute>sAMAccountName</rdnAttribute>+
+<fieldMapping name="groupname">sAMAccountName</fieldMapping>+
+<references>+
+<ldapReference directory="userDirectory" field="groups"
forceDnConsistencyCheck="false" staticAttributeId="member" />+
+<ldapReference directory="groupDirectory" field="subGroups"
forceDnConsistencyCheck="false" staticAttributeId="member" />+
+<inverseReference directory="groupDirectory" dualReferenceField="subGroups"
field="parentGroups" />+
+</references>+
+</directory>+
+</extension>+
+</component>+
*default-ldap-users-directory-bundle.xml*
+<?xml version="1.0"?>+
+<component name="org.nuxeo.ecm.directory.ldap.storage.users">+
+<implementation class="org.nuxeo.ecm.directory.ldap.LDAPDirectoryDescriptor"
/>+
+<implementation class="org.nuxeo.ecm.directory.ldap.LDAPServerDescriptor" />+
+<require>org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory</require>+
+<!-- the groups SQL directories are required to make this bundle work -->+
+<require>org.nuxeo.ecm.directory.sql.storage</require>+
+<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"+
+point="servers">+
+<!-- Configuration of a server connection+
+A single server declaration can point to a cluster of replicated+
+servers (using OpenLDAP's slapd + sluprd for instance). To leverage+
+such a cluster and improve availibility, please provide one+
+<ldapUrl/> tag for each replica of the cluster.+
+-->+
+<server name="default">+
+<ldapUrl>ldap://172.16.10.10:3268</ldapUrl>+
+<!-- Optional servers from the same cluster for failover+
+and load balancing:+
+<ldapUrl>ldap://server2:389</ldapUrl>+
+<ldapUrl>ldaps://server3:389</ldapUrl>+
+"ldaps" means TLS/SSL connection.+
+-->+
+<!-- Credentials used by Nuxeo5 to browse the directory, create+
+and modify entries.+
+Only the authentication of users (bind) use the credentials entered+
+through the login form if any.+
+-->+
+<bindDn>cn=adbind,cn=Users,dc=esperion,dc=com</bindDn>+
+<bindPassword>4db1nd.</bindPassword>+
+</server>+
+</extension>+
+<extension target="org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory"+
+point="directories">+
+<directory name="userDirectory">+
+<server>default</server>+
+<schema>user</schema>+
+<idField>sAMAccountName</idField>+
+<passwordField>password</passwordField>+
+<searchBaseDn>dc=esperion,dc=com</searchBaseDn>+
+<searchClass>person</searchClass>+
+<!-- To additionally restricte entries you can add an+
+arbitrary search filter such as the following:+
+<searchFilter>(&(sn=toto*)(myCustomAttribute=somevalue))</searchFilter>+
+Beware that "&" writes "&" in XML.+
+-->+
+
<searchFilter>(&(&(&(objectClass=organizationalPerson)(!(objectClass=computer)))(sn=*))(!(userAccountControl:1.2.840.113556.1.4.803:=2)))</searchFilter>+
+<!-- use subtree if the people branch is nested -->+
+<searchScope>subtree</searchScope>+
+<!-- using 'subany', search will match *toto*. use 'subfinal' to+
+match *toto and 'subinitial' to match toto*. subinitial is the+
+default behaviour-->+
+<substringMatchType>subany</substringMatchType>+
+<readOnly>false</readOnly>+
+<!-- comment <cache* /> tags to disable the cache -->+
+<!-- cache timeout in seconds -->+
+<cacheTimeout>3600</cacheTimeout>+
+<!-- maximum number of cached entries before global invalidation -->+
+<cacheMaxSize>1000</cacheMaxSize>+
+<creationBaseDn>ou=Users,dc=esperion,dc=com</creationBaseDn>+
+<creationClass>top</creationClass>+
+<creationClass>person</creationClass>+
+<creationClass>organizationalPerson</creationClass>+
+<creationClass>user</creationClass>+
+<rdnAttribute>sAMAccountName</rdnAttribute>+
+<fieldMapping name="username">sAMAccountName</fieldMapping>+
+<fieldMapping name="password">password</fieldMapping>+
+<fieldMapping name="firstName">givenName</fieldMapping>+
+<fieldMapping name="lastName">sn</fieldMapping>+
+<fieldMapping name="company">o</fieldMapping>+
+<fieldMapping name="email">mail</fieldMapping>+
+<references>+
+<!-- <inverseReference field="groups" directory="groupDirectory"+
+dualReferenceField="members" /> -->+
+ <ldapReference directory="userDirectory" field="groups"
forceDnConsistencyCheck="false" staticAttributeId="memberof" />+
+ +
+</references>+
+</directory>+
+</extension>+
+</component>+
_______________________________________________
ECM mailing list
[email protected]
http://lists.nuxeo.com/mailman/listinfo/ecm
