eZ Community » Forums » Install & configuration » LDAP GROUP MAPPING



Thursday 19 November 2009 1:25:15 pm - 2 replies

I'm experiencing LDAP Authentification on active directory with eZ Publish.
Authentification part works. The user I use to log-in is well created (using data from LDAP)
in the default eZ Publish group called 'LDAP' that I specified in the configuration
using LDAPUserGroup[]=LDAP.
My problem concerns the different group mapping methods.
I tryed the 3 without success, and I was wondering if it was possible
to setup eZ Publish - LDAP group mapping with ldap objects with that kind of structure :
In our AD, user objects have many entries looking like :
memberOf: CN=CompUsersG,OU=rrr,OU=ppp,OU=ooo,OU=ggg,OU=Unit placeholder,DC=yyy,DC=xxx,DC=aa
memberOf: CN=IctWlanAccessAllG,OU=eee,OU=rrr,OU=ggg,OU=Unit placeholder,DC=yyy,DC=xxx,DC=aa
memberOf: CN=IctXXX,OU=ttt,DC=yyy,DC=xxx,DC=aa
while group objects have many entries looking like :
member: CN=LoginX,OU=aaa,OU=bbb,OU=ccc,OU=ddd,OU=Unit placeholder,DC=eee,DC=fff,DC=aa
member: CN=LoginY,OU=aaa,OU=bbb,OU=ccc,OU=ddd,OU=Unit placeholder,DC=eee,DC=fff,DC=aa
member: CN=LoginZ,OU=aaa,OU=bbb,OU=ccc,OU=ddd,OU=Unit placeholder,DC=eee,DC=fff,DC=aa
In most of the examples I've seen, group names in LDAP are stored in a custom field employeeType containing a single word value. It's not the case in our AD and we don't have the possibility to change its structure.
What I would like to do is to store a user with a memberOf entry like :
CN=CompUsersG,OU=rrr,OU=ppp,OU=ooo,OU=ggg,OU=Unit placeholder,DC=yyy,DC=xxx,DC=aa
in an eZ Publish group called :
1. Is it possible ?
2. Using which mapping method ?
3. How ? suspicious.gif Emoticon
Thanks in advance,

Thursday 19 November 2009 1:46:00 pm

Using the LDAP Debuging, with our AD structure and while using the "UseGroupAttribute" mapping method,
when specifying
at stage 3/5 : 'real authentication of user', we see that eZ Publish sees memberOf as an array :
'memberof' =>
array (
'count' => 3,
0 => 'CN=CompUsersG,OU=rrr,OU=ppp,OU=ooo,OU=ggg,OU=Unit placeholder,DC=yyy,DC=xxx,DC=aa',
1 => 'CN=IctWlanAccessAllG,OU=eee,OU=rrr,OU=ggg,OU=Unit placeholder,DC=yyy,DC=xxx,DC=aa',
2 => 'CN=IctXXX,OU=ttt,DC=yyy,DC=xxx,DC=aa',
if it can helps someone to answer me ..

Friday 20 November 2009 11:25:14 am

Without providing more explanations, can someone just tell me if it is possible plz ? happy.gif Emoticon


You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu

Proudly Developed with from