This site has been archived and you can no longer log in or post new messages. For up-to-date community resources please visit

eZ Community » Forums » Suggestions » ldap groups <---> ez groups

ldap groups <---> ez groups

ldap groups <---> ez groups

Wednesday 03 May 2006 10:11:00 pm - 1 reply


I have setup Ez Publish with authentication against a ldap server.

I've read I can put a user from ldap in different groups by using a special attribute on the user ('memberof' for example).

That's fine but I think it would also be interesting to use the existing groups defined in ldap by searching in the groups for the use who logs in.
I've experienced a setup of Plone which permits that with the module LDAPUserFolder and it's quite impressive.

How it could work :

1) in the ldap setup :
-configuration of the ldap branch where groups are stored (ou=groups,dc=example,dc=com)
- configuration of some mappings
ldapGrpsToEzGrps["ldap_grp1"] = myEzGrpForLdapGrp1

2) When the user logs in, a search is performed on "ou=groups,dc=example,dc=com" for groups haing an attribute "member" or "uniquemember" equal to the dn of the authenticated user.

If that can be any source of inspiration, here's the python code of

Best regards,


Saturday 02 December 2006 9:05:34 pm

A reply just for the sake of completeness as the url to this post is mentionned in the Ez 3.9 feature list.

If you're interested by this feature, you'll want to read these posts :




You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu

Proudly Developed with from