eZ Community » Forums » Suggestions » ldap groups <---> ez groups
expandshrink

ldap groups <---> ez groups

ldap groups <---> ez groups

Wednesday 03 May 2006 10:11:00 pm - 1 reply

Hello,

I have setup Ez Publish with authentication against a ldap server.

I've read I can put a user from ldap in different groups by using a special attribute on the user ('memberof' for example).

That's fine but I think it would also be interesting to use the existing groups defined in ldap by searching in the groups for the use who logs in.
I've experienced a setup of Plone which permits that with the module LDAPUserFolder and it's quite impressive.

How it could work :

1) in the ldap setup :
-configuration of the ldap branch where groups are stored (ou=groups,dc=example,dc=com)
- configuration of some mappings
ldapGrpsToEzGrps["ldap_grp1"] = myEzGrpForLdapGrp1

2) When the user logs in, a search is performed on "ou=groups,dc=example,dc=com" for groups haing an attribute "member" or "uniquemember" equal to the dn of the authenticated user.

If that can be any source of inspiration, here's the python code of LDAPUserFolder.py

http://svn.dataflake.org/filedeta...LDAPUserFolder.py&rev=0&sc=0

Best regards,

Artturi

Saturday 02 December 2006 9:05:34 pm

A reply just for the sake of completeness as the url to this post is mentionned in the Ez 3.9 feature list.

If you're interested by this feature, you'll want to read these posts :

http://ez.no/community/forum/developer/contrib_ldap_group_mappings
http://ez.no/community/forum/deve...h_ldapusermanage_php_on_ldap_contrib

Regards,

Artturi

expandshrink

You must be logged in to post messages in this topic!

36 542 Users on board!

Forums menu

Proudly Developed with from