Title: RE: [Zope-PAS] groups/roles and PAS
Ben, you are awesome - I really struggled with this!

One thing to note, after following your directions I got an error after
the new role-type tried to add content, even though permissions seemed
high enough in the folderish object, I had to adjust the privies up on
the portal_workflows (workflows>plone_workflow>published (and
It seems because we adjusted out workflow so docs go straight to
"published", the default permissions in the workflows had to be adjusted
as well.
All so simple, why couldn't I figure this one out?
Andy Mrozkowski

From: Ben Mason [mailto:[EMAIL PROTECTED]
Sent: Wed 7/19/2006 5:38 PM
To: Mrozkowski, Andy; zope-pas@zope.org
Subject: RE: [Zope-PAS] groups/roles and PAS


Add the role using the role manager plugin within PAS as well as the
security tab on the plone root.

You should then be able to map these roles within the LDAP Multi Plugin.


-----Original Message-----
Behalf Of Mrozkowski, Andy
Sent: 19 July 2006 18:22
To: zope-pas@zope.org
Subject: [Zope-PAS] groups/roles and PAS

I have searched and posted in plone-users and I can't find an answer to
this question on using PAS and ldap:
How do you add custom zope roles, and then map them to ldap groups?

I work in a university setting and have the need for finer grained


Plone 2.5
Zope 2.8.7
python 2.3.5
ldapUserfolder 2.7 beta
ldapMultiPlugins 1.2
Fedora Core 4 server @ http://thewell.mhc.edu

I have an acl_users folder (PAS) in my Plone site and inside that, I
have an LDAPMultiPlugin. Inside the plug-in is an LDAPUserFolder. I feel
that it is configured correctly because all my domain un/pw's work, and
I can search for users and list all my groups.

I figured out that it is preferable to map my LDAP groups to Zope roles
by using the portal_role_manager, and it is working - as long as I use
the built-in Zope roles.

My requirement is to add custom roles within Zope and map my LDAP roles
to those.

In the past I added custom roles from the security tab at the root of my
Plone site. This method does not seem to work anymore. What is the
preferred method of adding custom Zope roles and mapping them to LDAP

Zope-PAS mailing list

Reply via email to