As a quick note (I did not look into any details), would you be interested in
https://issues.apache.org/jira/browse/OFBIZ-1689 ?

Jacques

From: "Wicus" <[EMAIL PROTECTED]>

Hi,

Within framework/security/config/jndiLdap.properties one can specify the
LDAP - Active Directory integration with ldap.dn.template=cn=%u,cn=Users

Problem is, this will ONLY work with the Administrator account

Note: Users (which is a system folder) is specified as a cn whereas custom OUs (i.e. IT etc.) are specified as an ou

To allow this to work with normal users, one can specify via Party Manager
-> Party ID (Details) -> Edit under User Names -> LDAP Distinguished Name
the DN as follows i.e.

cn=Christopher Johnstone,ou=IT,ou=Head Office,dc=OURDOMAIN,dc=co,dc=uk

Note: The %u = ChristopherJ <- the logon username
YET for authentication to work, YOU NEED to specify the FULL NAME
"Christopher Johnstone" !

Can anyone please advise on a variable one can use to forward the FULL NAME
and NOT the USERNAME?



Secondly, as we have OUs for different departments, branches etc, ofbiz
users are spread all across the site, including child domains.

I have created an ofbiz OU with an ofbiz group within the ofbiz OU. Then made
all the related users members of this ofbiz group.

This would be a very efficient solution, should I get it to work... The DN
specification I tried is:-

cn=Christopher Johnstone,ou=ofbiz,dc=OURDOMAIN,dc=co,dc=uk

Naturally, user Christopher Johnstone (ChristopherJ) is part of the OFBIZ
group located within the OFBIZ ou.


This does not work for me at present though. Any ideas would be greatly
appreciated.

I hope the additional notes help others in due time.

Thanks
--
View this message in context: 
http://www.nabble.com/LDAP---Active-Directory-tp19217057p19217057.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
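
An added example, not part of the original thread and not OFBiz code: it expands the `cn=%u,cn=Users` template from the post with RFC 4514 escaping of the logon name and compares the result with the DN where each account actually lives. Assumptions: the base DN is appended to the template, the `DIRECTORY` dict is a constructed stand-in for an LDAP search on `sAMAccountName`, and all function names are hypothetical.

```python
import re

BASE_DN = "dc=OURDOMAIN,dc=co,dc=uk"
TEMPLATE = "cn=%u,cn=Users"  # value quoted in the post

# Constructed sample data: logon name (sAMAccountName) -> DN of the user object.
DIRECTORY = {
    "Administrator": "cn=Administrator,cn=Users," + BASE_DN,
    "ChristopherJ": "cn=Christopher Johnstone,ou=IT,ou=Head Office," + BASE_DN,
}


def escape_rdn_value(value):
    """Escape a string for use as an RDN attribute value (RFC 4514)."""
    out = re.sub(r'([\\",+;<>])', r"\\\1", value)
    out = out.replace("\x00", "\\00")
    if out.startswith(("#", " ")):
        out = "\\" + out
    if value.endswith(" ") and len(value) > 1:
        out = out[:-1] + "\\ "
    return out


def expand_template(username):
    """Build the bind DN the template produces for a logon name."""
    return TEMPLATE.replace("%u", escape_rdn_value(username)) + "," + BASE_DN


def template_matches(username):
    """True when the templated DN is the DN of the real user object."""
    return expand_template(username).lower() == DIRECTORY[username].lower()


def resolve_dn(username):
    """Search-then-bind step: look the entry up by logon name, then bind
    with the DN that the directory returns (simulated here by a dict)."""
    return DIRECTORY.get(username)


if __name__ == "__main__":
    for name in DIRECTORY:
        print(name, "| template:", expand_template(name),
              "| match:", template_matches(name),
              "| actual:", resolve_dn(name))
```

The template only matches for Administrator because that account's cn happens to equal its logon name and it sits in cn=Users. Adding a user to a group does not move the user object, so its DN still names the OU where the account was created.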