Personal tools
You are here: Home Products PAS Groups From LDAP
Document Actions

PAS Groups From LDAP

RSS Feed Category: Auth and User Management — Other products by this author
Reads all groups with its titles and members from a LDAP server and provide them as Plone groups.

Current release

No stable release available yet.

Experimental releases

Upcoming and alpha/beta/candidate releases

  • Alpha releases should only be used for testing and development.
  • Beta releases and Release Candidates are normally released for production testing, but should not be used on mission-critical sites.
  • Always install on a separate test server first, and make sure you have proper backups before installing.
PAS Groups From LDAP 1.0 (Beta release 4) Released Apr 25, 2007
Fixed caching of group-objects, value-escaping for ActiveDirectory is now TTW configureable, minor polishings.

Project Description

Project resources

This PAS plugin let you connect to some LDAP-Server. We've tested it with OpenLDAP, Apples OpenDirectory and Microsoft Active Directory.

Groups are read-only, so you cant add new groups from Plone into LDAP. This may be added optional in future.

You dont need any mapping like in LDAPMultiPlugins. It just take all groups from the DN you search in. We're using PASGroupsFromLDAP together with LDAPMultiPlugins. But we disabled all group related plugins of LDAPMultiPlugins

PASGroupsFromLDAP is a multi-plugin supporting the interfaces:

  • IGroupsPlugin (from PluggableAuthService, short PAS)
  • IGroupEnumerationPlugin (from PAS)
  • IGroupIntrospection (from PlonePAS)
  • IPropertiesPlugin (from PAS)

Installation

Latest release or subversion needs those steps:

  • make sure you have python-ldap installed, for example sudo apt-get install python-ldap
  • fetch the generic python module bda.ldap from SVN
  • install it: sudo python setup.py install
  • fetch the Product PASGroupsFromLDAP from SVN or take the latest release.
  • copy it into your Products folder.
  • use quickinstaller and install it.
  • in ZMI YOURPLONE/acl_users/groups_from_ldap/manage you can make your LDAP settings
  • go to the IPropertiesPlugin configuration and make sure groups_from_ldap is on the top.

TODO:

  • refine connection checker, it just check if bind works, nothing else.
  • find out if the query-string escaping feature needed for AD can be enabled for OpenLDAP et al too.
  • set groups_from_ldap in IPropertiesPlugin at top.
  • add a ZMI-add form; at the moment you need to quickinstall it or use generic setup to get the plugin into your acl_users.

Copyright

Authors: Jens Klein jens@bluedynamics.com, Robert Niederreiter robertn@bluedynamics.com, Georg Gogo. Bernhard g.bernhard@akbild.ac.at

Copyright (C) 2007 BlueDynamics Alliance, Klein & Partner KEG, Innsbruck, Austria

License: GNU General Public License Version 2 or later

by Jens W. Klein last modified March 18, 2008 - 07:31

For any issues with the web site functionality, please file a ticket.

Please consult the policy on plone.org content if you want your content published on this site.

Servers and hosting by