[Setup] problem on plone.app.ldap with plone 4.1.3

Thu, 02 Feb 2012 10:58:45 -0800 

Hi,

I am struggling to get plong.app.ldap working with a new Plone 4.1.3
installation.  It partially works, and I'm trying to understand what I
can do to debug or fix the remaining problem.

Installation details:

- new install of 4.1.3 with Unified installer
- python_ldap-2.4.7
- openldap-2.4.23
- plone.app.ldap 1.2.7 with patch from
        https://github.com/plone/plone.app.ldap/issues/1

The ldap server runs on the same machine (apacheds 1.5.7 on port
10389).  The ldap server has ~270 users in the DIT.

Behavoir:

- Connection of Plone to the ldap server is okay.

- Plone LDAP configuration (ldap-controlpanel) works fine (after the
  patch listed above)

- LDAP Schema mapping is saved including:

      ldap       plone
      uid
      kmail      ->email
      cn         ->fullname
      kURL       ->home_page
      kBiography ->description
      kLocation  ->location

The Main Problem:

   Items in "Personal Information" page (eg.
   /Plone/@@user-information?userid=marshall) are not filled in from
   ldap.  That is, the forms where a user would edit these fields
   {Full Name, E-mail, Home Page, Biography, Location} are blank.  I
   was expecting that these fields would be filled in from ldap.  They
   are blank for both the administrator or a regular user.

   However, when accessing via the ZMI at
   /Plone/acl_users/ldap-plugin/acl_users/manage_workspace and using
   the search function under the "Users" tab, the fields are filled
   in.

The Questions:

   1.) What can I do to trace the source of the problem. Specifically how
   can I debug the code that generates the "Personal Information" page.
   It seems like it should get the same info that the corresponding ZMI
   page uses.

A Comment:

This particular ldap client setup (plone.app.ldap+python-ldap+openlap)
seems to be rather inefficient in terms of communication with the ldap
server (apacheds here).  The ldap server log files show a large number
of transactions per user search including some very unusual filter
definitions.  In fact, I had to check the "many users", "many groups"
boxes because otherwise it took ~1 minute for plone to update the
"users overview" page (/Plone/@@usergroup-userprefs).  It may be due
to plone's idea of the user tree or may be due to plone.app.ldap's
design.

thanks for listening,
Stuart








_______________________________________________
Setup mailing list
[email protected]
https://lists.plone.org/mailman/listinfo/plone-setup

Reply via email to