Bonjour,
Après installation de CPSLDAPSetup 1.0, nous rencontrons un
problème que certains d’entre vous ont déjà eu, mais les nombreux
posts sur le sujet ne nous ont pas permis de nous en tirer.
En résumé, la situation est la suivante (pour beaucoup en référence
à la documentation d’installation):
1- Installation de python-ldap : OK ; Test par « import Ldap
» : OK
2- Installation OK dans Products de CPSLDAPSetup, dans sa
version proposée par Philippe BONNARDEL le 30/05/2006 (merci
beaucoup au passage, cela rend vraiment service !)
3- Import du profil LDAP SETUP dans portal_setup OK (Par
contre, nous n’avons trouvé nulle part comment importer CPS LDAP
SETUP READONLY PROFILE… Quelqu’un aurait une idée ??)
4- Paramétrage de l’ensemble pour se connecter à notre AD sur
2003 Server : OK. Dans /cps/portal_directories/members_ldap,
l’onglet SEARCH renvoit bien les utilisateurs déclarés dans l’AD.
5- Dans acl_users (CPS User Folder), on positionne Users
directory: login field à sAMAccountName et Users directory:
password field à userPassword. sAMAccountName est par ailleurs
positionné pour LDAP rdn attribute (create) dans
portal_directoiries/members_ldap, pour Field for entry id (dans
portal_directories/members_stack) et pour Field for entry id dans
portal_directories/members
Lors de la connexion au portail avec un utilisateur déclaré dans
l’AD, le message « L'authentification a échoué » est renvoyé, mais
sans erreur.
La connexion au portail avec le compte admin fonctionne, et lorsque
l’on clique sur « Annuaires » / « Membres », l’interrogation ramène
bien tous les utilisateurs définis dans l’AD. Si on en choisit un,
la « fiche » s’ouvre, affichant nom d’utilisateur, nom complet,
etc… Par défaut, son rôle est « Membre ». Si l’on rajoute le rôle «
Administrateur » et que l’on valide, on obtient un message
d’erreur (voir plus bas -Exception Type Key Error).
Par ailleurs, toujours en admin, je cherche à attribuer un droit
sur un espace privé. Pour cela, une fois dans l’espace, je clique
sur droits d’accès. Lorsque je lance une recherche d’utilisateurs,
je constate :
1- Que je retrouve bien mes utilisateurs déclarés dans l’AD, et que
je peux leur assigner des droits sans déclencher d’erreurs.
2- Que les droits attribués aux anciens utilisateurs (c’est-à-dire
avant mise en œuvre de LDAP Setup) sont toujours visibles.
Pourtant, toute tentative de connexion au portail avec ces anciens
comptes échoue (ce qui est normal à priori). N’est-ce pas un peu «
bizarre » ?
En résumé, donc, deux problèmes : impossible d’identifier nos
utilisateurs AD ; Message d’erreur lors du rajout du rôle admin
pour un user.
Merci pour votre aide car l’abondante littérature de posts a été
insuffisante pour nous guider.
Bonne journée,
AM
Site Error Log at /error_log
Exception traceback
Time 2006/12/01 08:58:20.413 GMT+1
User Name (User Id) Admin (Admin)
Request URL http://localhost/cps/cpsdirectory_entry_edit_form
Exception Type KeyError
Exception Value 'CN=Alain MAINAR,OU=Informatique,OU=Utilisateurs
CCML,DC=CCML,DC=local'
Traceback (innermost last):
Module ZPublisher.Publish, line 113, in publish
Module ZPublisher.mapply, line 88, in mapply
Module ZPublisher.Publish, line 40, in call_object
Module Shared.DC.Scripts.Bindings, line 311, in __call__
Module Shared.DC.Scripts.Bindings, line 348, in _bindAndExec
Module Products.CMFCore.FSPageTemplate, line 195, in _exec
Module Products.CMFCore.FSPageTemplate, line 134, in pt_render
Module Products.PageTemplates.PageTemplate, line 104, in pt_render
<FSPageTemplate at /cps/cpsdirectory_entry_edit_form>
Module TAL.TALInterpreter, line 238, in __call__
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 749, in do_useMacro
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 457, in do_optTag_tal
Module TAL.TALInterpreter, line 442, in do_optTag
Module TAL.TALInterpreter, line 437, in no_tag
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 715, in do_condition
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 749, in do_useMacro
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 715, in do_condition
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 457, in do_optTag_tal
Module TAL.TALInterpreter, line 442, in do_optTag
Module TAL.TALInterpreter, line 437, in no_tag
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 691, in do_loop_tal
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 457, in do_optTag_tal
Module TAL.TALInterpreter, line 442, in do_optTag
Module TAL.TALInterpreter, line 437, in no_tag
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 691, in do_loop_tal
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 457, in do_optTag_tal
Module TAL.TALInterpreter, line 442, in do_optTag
Module TAL.TALInterpreter, line 437, in no_tag
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 715, in do_condition
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 457, in do_optTag_tal
Module TAL.TALInterpreter, line 442, in do_optTag
Module TAL.TALInterpreter, line 437, in no_tag
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 691, in do_loop_tal
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 457, in do_optTag_tal
Module TAL.TALInterpreter, line 442, in do_optTag
Module TAL.TALInterpreter, line 437, in no_tag
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 507, in do_setLocal_tal
Module Products.PageTemplates.TALES, line 221, in evaluate
URL: file:CPSSkins/skins/CPSSkins/cpsskins_main_template_default.pt
Line 41, Column 16
Expression: <PythonExpr isRenderable and content.render_cache
(shield=shield, context_obj=context_obj, enable_esi=enable_esi,
boxedit=boxedit, template=template, options=options)>
Names:
{'container': <CPSDefaultSite at /cps>,
'context': <CPSDefaultSite at /cps>,
'default': <Products.PageTemplates.TALES.Default instance at
0x014E4F08>,
'here': <CPSDefaultSite at /cps>,
'loop': <Products.PageTemplates.TALES.SafeMapping object at
0x04C31468>,
'modules':
<Products.PageTemplates.ZRPythonExpr._SecureModuleImporter instance
at 0x014D84B8>,
'nothing': None,
'options': {'args': ()},
'repeat': <Products.PageTemplates.TALES.SafeMapping object at
0x04C31468>,
'request': <HTTPRequest, URL=http://localhost/cps/
cpsdirectory_entry_edit_form>,
'root': <Application at >,
'template': <FSPageTemplate at /cps/cpsdirectory_entry_edit_form>,
'traverse_subpath': [],
'user': <User 'Admin'>}Module Products.PageTemplates.ZRPythonExpr,
line 47, in __call__
__traceback_info__: isRenderable and content.render_cache
(shield=shield, context_obj=context_obj, enable_esi=enable_esi,
boxedit=boxedit, template=template, options=options)
Module Python expression "isRenderable and content.render_cache
(shield=shield, context_obj=context_obj, enable_esi=enable_esi,
boxedit=boxedit, template=template, options=options)", line 1, in
<expression>
Module Products.CPSSkins.PortalBoxGroup, line 315, in render_cache
Module Products.CPSSkins.PortalBoxGroup, line 259, in render
Module Products.CPSPortlets.CPSPortlet, line 495, in render_cache
Module Products.CPSDocument.CPSDocument, line 68, in render
Module Products.CPSDocument.FlexibleTypeInformation, line 753, in
renderObject
Module Products.CPSDocument.FlexibleTypeInformation, line 715, in
_renderLayouts
Module Products.CPSSchemas.Layout, line 391, in renderLayoutStructure
Module Products.CPSSchemas.BasicWidgets, line 2135, in render
Module Products.CPSPortlets.PortletWidgets.MainContentWidget, line
27, in renderMainContent
Module Products.CMFCore.FSPageTemplate, line 134, in pt_render
Module Products.PageTemplates.PageTemplate, line 104, in pt_render
<FSPageTemplate at /cps/cpsdirectory_entry_edit_form>
Module TAL.TALInterpreter, line 238, in __call__
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 749, in do_useMacro
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 457, in do_optTag_tal
Module TAL.TALInterpreter, line 442, in do_optTag
Module TAL.TALInterpreter, line 437, in no_tag
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 772, in do_defineSlot
Module TAL.TALInterpreter, line 281, in interpret
Module TAL.TALInterpreter, line 507, in do_setLocal_tal
Module Products.PageTemplates.TALES, line 221, in evaluate
URL: file:CPSDirectory/skins/cps_directory/
cpsdirectory_entry_edit_form.pt
Line 25, Column 2
Expression: <PythonExpr dir.renderEditEntryDetailed(id,
request=edit_request)>
Names:
{'container': <CPSDefaultSite at /cps>,
'context': <CPSDefaultSite at /cps>,
'default': <Products.PageTemplates.TALES.Default instance at
0x014E4F08>,
'here': <CPSDefaultSite at /cps>,
'loop': <Products.PageTemplates.TALES.SafeMapping object at
0x04B02850>,
'modules':
<Products.PageTemplates.ZRPythonExpr._SecureModuleImporter instance
at 0x014D84B8>,
'nothing': None,
'options': {'args': ()},
'repeat': <Products.PageTemplates.TALES.SafeMapping object at
0x04B02850>,
'request': <HTTPRequest, URL=http://localhost/cps/
cpsdirectory_entry_edit_form>,
'root': <Application at >,
'template': <FSPageTemplate at /cps/cpsdirectory_entry_edit_form>}
Module Products.PageTemplates.ZRPythonExpr, line 47, in __call__
__traceback_info__: dir.renderEditEntryDetailed(id,
request=edit_request)
Module Python expression "dir.renderEditEntryDetailed(id,
request=edit_request)", line 1, in <expression>
Module Products.CPSDirectory.BaseDirectory, line 617, in
renderEditEntryDetailed
Module Products.CPSSchemas.DataModel, line 337, in _commit
Module Products.CPSSchemas.DataModel, line 363, in _commitData
Module Products.CPSSchemas.StorageAdapter, line 144, in setData
Module Products.CPSDirectory.MetaDirectory, line 688, in _setData
Module Products.CPSDirectory.BaseDirectory, line 513, in _editEntry
Module Products.CPSSchemas.DataModel, line 337, in _commit
Module Products.CPSSchemas.DataModel, line 363, in _commitData
Module Products.CPSSchemas.StorageAdapter, line 144, in setData
Module Products.CPSDirectory.StackingDirectory, line 442, in _setData
Module Products.CPSDirectory.BaseDirectory, line 502, in _editEntry
Module Products.CPSDirectory.BaseDirectory, line 898, in _getDataModel
Module Products.CPSSchemas.DataModel, line 263, in _fetch
Module Products.CPSDirectory.LDAPBackingDirectory, line 968, in
getData
Module Products.CPSDirectory.LDAPBackingDirectory, line 496, in
_getEntryFromLDAP
KeyError: 'CN=Alain MAINAR,OU=Informatique,OU=Utilisateurs
CCML,DC=CCML,DC=local'
Display traceback as text
REQUEST
form
widget__title 'MR'
widget__cpsGroups []
widget__sn 'MAINAR'
widget__postalAddress ''
widget__telephoneNumber ''
widget__email '[EMAIL PROTECTED]'
widget__userPassword '<password obscured>'
widget__fullname 'Alain MAINAR'
widget__ou ''
widget__o ''
widget__givenName 'ALAIN'
dirname 'members'
id 'a.mainar'
cpsdirectory_entry_edit_form 'Enregistrer'
widget__cpsRoles ['Member', 'Manager']
cookies
tree-s 'eJzTyCkw5NLIKTDiClZ3hANXW3WuAmOuxEQ9AIOOB9Q'
__ac_name 'Admin'
_ZopeId '72567993A2nkFdCnHe4'
lazy items
SESSION <bound method SessionDataManager.getSessionData of
<SessionDataManager at /session_data_manager>>
other
cpsdirectory_entry_edit_form 'Enregistrer'
_ec_cache {78061360: <Products.PageTemplates.TALES.Context instance
at 0x04A5F350>}
PATH_INFO '/cps/cpsdirectory_entry_edit_form'
AcceptCharset <Products.Localizer.Accept.AcceptCharset instance at
0x04583058>
dirname 'members'
id 'a.mainar'
_oai_cache {78061360: <Products.CMFCore.ActionInformation.oai
instance at 0x04B74648>}
AUTHENTICATED_USER <User 'Admin'>
USER_PREF_LANGUAGES <Products.Localizer.Accept.AcceptLanguage
instance at 0x04A5FF58>
SERVER_URL 'http://localhost'
AUTHENTICATION_PATH ''
traverse_subpath []
cpsskins_base_url '/cps/'
cpsskins_url 'http://localhost/cps/cpsdirectory_entry_edit_form'
cpsskins_effective_theme_page ('default', 'defautCCML')
ACTUAL_URL 'http://localhost/cps/cpsdirectory_entry_edit_form'
URL 'http://localhost/cps/cpsdirectory_entry_edit_form'
cpsskins_cmfactions {'object': [{'url': '/cps/
cpsdirectory_entry_search_form?dirname=members', 'category':
'object', 'id': 'search_entry', 'name':
'cpsdir_label_search_entry'}, {'url': '/cps/
cpsdirectory_entry_create_form?dirname=members', 'category':
'object', 'id': 'new_entry', 'name': 'cpsdir_label_create_entry'},
{'url': '/cps/cpsdirectory_entry_view?dirname=members&id=a.mainar',
'category': 'object', 'id': 'view_entry', 'name':
'cpsdir_label_view_entry'}, {'url': '/cps/
cpsdirectory_entry_edit_form?dirname=members&id=a.mainar',
'category': 'object', 'id': 'edit_entry', 'name':
'cpsdir_label_edit_entry'}, {'url': '/cps/cpsdirectory_entry_delete?
dirname=members&id=a.mainar', 'category': 'object', 'id':
'delete_entry', 'onclick': u"return window.confirm('\xcates-vous
certain ?')", 'name': 'cpsdir_label_delete_entry'}], 'workflow':
[], 'global': [{'category': 'global', 'available': True, 'title':
'action_manage_vocabularies', 'url': 'http://localhost/cps/
vocabularies_manage_form', 'name': 'action_manage_vocabularies',
'visible': True, 'allowed': True, 'id': 'manage_vocabularies',
'permissions': ('Modify portal content',)}, {'category': 'global',
'available': True, 'title': 'Directories', 'url': 'http://localhost/
cps/cpsdirectory_view', 'name': 'Directories', 'visible': True,
'allowed': True, 'id': 'directories', 'permissions': ('View',)},
{'category': 'global', 'available': True, 'title': 'Type
management', 'url': 'http://localhost/cps/cpstypes_list', 'name':
'Type management', 'visible': True, 'allowed': True, 'id':
'typemaker', 'permissions': ('Manage portal',)}, {'category':
'global', 'available': <bound method ActionInfo._checkCondition of
{...}>, 'title': '_action_themes_reconfig_', 'url': 'http://
localhost/cps/cpsskins_themes_reconfig_form', 'name':
'_action_themes_reconfig_', 'visible': True, 'allowed': <bound
method ActionInfo._checkPermissions of {...}>, 'id':
'configThemes', 'permissions': ('View',)}, {'category': 'global',
'available': True, 'title': 'Reconfigure Portal', 'url': 'http://
localhost/cps/config_form', 'name': 'Reconfigure Portal',
'visible': True, 'allowed': True, 'id': 'configPortal',
'permissions': ('Manage portal',)}], 'global_header': [{'category':
'global_header', 'available': True, 'title':
'action_accessibility', 'url': <bound method ActionInfo._getURL of
{...}>, 'name': 'action_accessibility', 'visible': True, 'allowed':
True, 'id': 'accessibility', 'permissions': ('View',)},
{'category': 'global_header', 'available': True, 'title':
'action_print', 'url': <bound method ActionInfo._getURL of {...}>,
'name': 'action_print', 'visible': True, 'allowed': True, 'id':
'print', 'permissions': ('View',)}, {'category': 'global_header',
'available': True, 'title': 'action_advanced_search', 'url': <bound
method ActionInfo._getURL of {...}>, 'name':
'action_advanced_search', 'visible': True, 'allowed': True, 'id':
'advanced_search', 'permissions': ('View',)}, {'category':
'global_header', 'available': True, 'title': 'action_contact',
'url': <bound method ActionInfo._getURL of {...}>, 'name':
'action_contact', 'visible': True, 'allowed': True, 'id':
'contact', 'permissions': ('View',)}], 'document_actions':
[{'category': 'document_actions', 'available': True, 'title': 'RSS
feed', 'url': <bound method ActionInfo._getURL of {...}>, 'name':
'RSS feed', 'visible': True, 'allowed': True, 'id': 'rss',
'permissions': ('View',)}, {'category': 'document_actions',
'available': True, 'title': 'ATOM feed', 'url': <bound method
ActionInfo._getURL of {...}>, 'name': 'ATOM feed', 'visible': True,
'allowed': True, 'id': 'atom', 'permissions': ('View',)}], 'user':
[{'category': 'user', 'available': True, 'title': 'Log out', 'url':
'http://localhost/cps/logout', 'name': 'Log out', 'visible': True,
'allowed': True, 'id': 'logout', 'permissions': ('View',)},
{'category': 'user', 'available': True, 'title':
'action_my_subscriptions', 'url': 'http://localhost/cps/
manage_my_subscriptions_form', 'name': 'action_my_subscriptions',
'visible': True, 'allowed': True, 'id': 'my_subscriptions',
'permissions': ('View My Subscriptions',)}], 'folder':
[{'category': 'folder', 'available': True, 'title':
'action_portlets', 'url': 'http://localhost/cps/
portlet_manage_form', 'name': 'action_portlets', 'visible': True,
'allowed': True, 'id': 'portlets', 'permissions': ('Manage
Portlets',)}]}
cpsskins_language 'fr'
cpsskins_mcat None
PUBLISHED <FSPageTemplate at /cps/cpsdirectory_entry_edit_form>
_localizer_placeful_mc_cache {'Localizer/default': <MessageCatalog
at /cps/Localizer/default>}
TraversalRequestNameStack []
_ts_domain_cache {'default': <LocalizerDomain at /cps/
translation_service/>}
breadcrumb_set [{'url': 'http://localhost/cps/cpsdirectory_view',
'id': 'directories', 'title': u'Annuaires'}, {'url': 'http://
localhost/cps/cpsdirectory_entry_search_form?dirname=members',
'id': 'directories', 'title': u'Membres'}]
AcceptLanguage <Products.Localizer.Accept.AcceptLanguage instance
at 0x04A5FF58>
_translation_service_cache <PlacefulTranslationService at /cps/
translation_service used for /cps/portal_layouts/search_portlet/
w__search>
URL0 http://localhost/cps/cpsdirectory_entry_edit_form
URL1 http://localhost/cps
URL2 http://localhost
BASE0 http://localhost
BASE1 http://localhost
BASE2 http://localhost/cps
BASE3 http://localhost/cps/cpsdirectory_entry_edit_form
environ
HTTP_COOKIE '__ac_name="Admin"; _ZopeId="72567993A2nkFdCnHe4";
__ac="QWRtaW46IWFkbWluKiRkb2Muag%3D%3D"; tree-
s="eJzTyCkw5NLIKTDiClZ3hANXW3WuAmOuxEQ9AIOOB9Q"'
SERVER_SOFTWARE 'Zope/(Zope 2.9.0, python 2.4.2, win32) ZServer/1.1
CPS/3.4'
SCRIPT_NAME ''
REQUEST_METHOD 'POST'
PATH_INFO '/cps/'
SERVER_PROTOCOL 'HTTP/1.1'
channel.creation_time 1164959899
CONNECTION_TYPE 'Keep-Alive'
HTTP_USER_AGENT 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;
SV1; .NET CLR 1.1.4322; InfoPath.1)'
HTTP_REFERER 'http://localhost/cps/cpsdirectory_entry_edit_form?
dirname=members&id=a.mainar'
SERVER_NAME 'amainar.CCML.local'
REMOTE_ADDR '127.0.0.1'
PATH_TRANSLATED '\\cps'
SERVER_PORT '80'
CONTENT_LENGTH '1958'
HTTP_HOST 'localhost'
HTTP_CACHE_CONTROL 'no-cache'
HTTP_ACCEPT 'image/gif, image/x-xbitmap, image/jpeg, image/pjpeg,
application/x-shockwave-flash, application/vnd.ms-excel,
application/vnd.ms-powerpoint, application/msword, */*'
GATEWAY_INTERFACE 'CGI/1.1'
HTTP_ACCEPT_LANGUAGE 'fr'
CONTENT_TYPE 'multipart/form-data;
boundary=---------------------------7d635f13120314'
HTTP_ACCEPT_ENCODING 'gzip, deflate'
_______________________________________________
cps-users-fr
Adresse de la liste : [email protected]
Gestion de l'abonnement : <http://lists.nuxeo.com/mailman/listinfo/
cps-users-fr>
