On Thu, 11 May 2006 20:35:53 +0000, Jamie Bullock wrote: > Does anyone have a script or any advice for exporting Zope users and groups > to an LDIF file?
I have built such a script for a client, though the 'users' and 'groups' that the script works on are workflowable content objects in Plone (similar to the approach used CMFMember). It is then fairly easy to find users and groups in the portal catalog and map then to appropriate LDAP attributes. Writing LDIF to update an existing LDAP repository (rather than just rebuilding it completely) took me quite a while to get right. The script is about 700 LOC (including blank lines & comments) - it is not trivial, unless you are just going to rebuild your LDAP each time. If not using Plone, CMFMemmber, etc. then imagine you could extract users and groups directly out of Zope and use member properties etc to find the LDAP attributes that you need. Let me know if you want me to ask my client to open source a version of the script. They are generally agreeable with that sort of thing. At some stage we may open source the whole project. PS: The aim of my client's project is to have a central staff directory with all staff usernames and passwords, and group/role based authorization info controlled though a single Plone Web interface. For example, I have set up to be qmailGroup objects in LDAP so that mailing lists can be controlled through the web UI when using mail servers that understand the qmail schema. I am also using PAM LDAP to control access to apache 2 and subversion, and using LDAP to control authentication and authorization on other remote Zope servers. _______________________________________________ Zope maillist - Zope@zope.org http://mail.zope.org/mailman/listinfo/zope ** No cross posts or HTML encoding! ** (Related lists - http://mail.zope.org/mailman/listinfo/zope-announce http://mail.zope.org/mailman/listinfo/zope-dev )