Hi ysusanto... since you are now able to access details from AD, you need to setup groups in Plone, and assign AD accounts to that new group… then, you set the permissions on a Plone folder, and make the contents only accessible to members of that new Plone group…
Quick steps: CREATING NEW GROUP | ASSIGNING MEMBERS • Open up the Zope Management Interface • In the root of your Plone site, click the acl_users folder • Click the source_groups link • Click the Add a group link (next to current groups) • Give the new group an ID, Title and Description o ID: ExecGroup o Title: Executive Group o Description: This group contains members of the executive staff • Click on the ExecGroup link (now listed under Current Groups) • Click the Assign link (next to the group name at the top) • Under Principle ID, type the name of the person you want to add to the group, and click Search • The name should show up in the Available list • Click the name, and then click the arrow pointing to the right to drop the name in the Active group • Repeat this process until all the executive members are in the new ExecGroup CREATING NEW FOLDER | ASSIGING GROUP TO FOLDER • Login to your Plone site through the browser (as an admin) • Create a new folder off the root of the site • Give the folder a title and description • Once the folder is created, leave the State as Private, but click on the Sharing (light green tab) • Under Search for user or group, type the name of the ExecGroup name and Search • The new group should show up under Logged-in users • Check the Can view, Can review, etc. checkboxes in the ExecGroup row, and click Save (leave the inherit permissions box checked) Now when your employees that are in the ExecGroup login to the plone site, they will be the only ones who can see/access that folder. Post all those sensitive materials etc. in that new folder, and you should be set! hope that helps! steve ysusanto wrote: > > Hi all, > > I am using Plone 3.0.5 and PloneLDAP. > > I've managed to create local group and put members into it. I can search > my ldap users and assign them to the group. > > What i can't do is assigning my custom roles to that group. for example. > > I created a group called HRD, I put HR staff to that group. I have a role > named HRDRole. > I would like to give that role to HRD group. > At the /acl_users/portal_role_manager, i can only assign user to roles. I > can't assign group to that role. > > I hope someone can help me with this. desperately need this to work. > > Thanks before for any responses. > > Cheers, > Joel > > > > -- View this message in context: http://www.nabble.com/Assigning-role-to-group-tp15475861s15482p15480783.html Sent from the Installation, Setup, Upgrades mailing list archive at Nabble.com. _______________________________________________ Setup mailing list [email protected] http://lists.plone.org/mailman/listinfo/setup
