Thanks for the responses. There are no security errors on the AD box we are connecting to, and I am fairly confident that isn't the issue (I tested this possibility using a domain admin account as the manager proxy). http://ingeniweb.sourceforge.net/Products/GroupUserFolder/doc/README-LDA P.html seems to indicate in the 'Groups Support Info' section that adding groups should be supported though.
We are interested in this due to the division of roles in our IT shop. The Networking team manages Active Directory, and the web team manages authorization in what will soon be a rather large Plone installation (we will be looking at somewhere near 100 subdirectories with unique permissions). While there are other solutions (request new groups from the NIS team, grant web team users limited access to AD, etc.) it would be a bit more elegant imo to use the zmi - which will be familiar - to manage the groups rather than accessing AD directly. This would seem closest to the default plone behavior, and would simply be swapping out where the users and groups are stored. Christopher Emery Information Technology Services Central Piedmont Community College 704.330.6809 [EMAIL PROTECTED] -----Original Message----- From: Alan Runyan [mailto:[EMAIL PROTECTED] Sent: Friday, April 07, 2006 12:18 PM To: Chris Emery; [email protected] Subject: RE: [Setup] LDAPUserfolder and Active Directory groups management I do not believe that operation is supported. Check your event logs on server to see if your getting a security error. This is probably not a good idea in the long term. Alan _______________________________________________ Setup mailing list [email protected] http://lists.plone.org/mailman/listinfo/setup
