On 10/30/2013 05:48 PM, Stuart Cracraft wrote:
a trac_admin, which is desired.
But, even more desirable is not having to add my name to the neededGroup
membership
list at all. I.e. it would know my name is part of the neededGroup list
in LDAP.
Is that possible with TRAC? We want to minimize maintenance overhead and
administration chores.
I don't know. I mean, LDAP doesn't have any concept of Trac permissions,
so it's reasonable to presume that you would need to define group
permissions for an LDAP group in Trac. The real question, then is if
Trac can get and apply LDAP group memberships.
So, all that said, I did a google for "Trac LDAP group", and found:
http://trac-hacks.org/wiki/LdapPlugin
Which states:
==
LDAP support with group management has been added as a Trac extension.
This extension enables the use of existing LDAP groups to grant
permissions rather than defining permissions for every single user on
the system.
The latest release also permits storage of permissions (both users and
groups permissions) in the LDAP directory itself rather than in the SQL
backend.
The original proposal for LDAP ACL is documented under ticket trac:#535
on the official web site.
This plugin uses the same license as Trac.
==
So, this apparently not only allows you to use LDAP groups in Trac, but
also invalidates my previous assertion that LDAP doesn't know Trac perms
(see the second paragraph) - apparently they've added some Trac
permissions storage scheme. Very clever.
--
Matthew Caron, Software Build Engineer
Red Lion Controls | www.redlion.net
+1 (518) 877-5173 x138 office
--
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to trac-users+unsubscr...@googlegroups.com.
To post to this group, send email to trac-users@googlegroups.com.
Visit this group at http://groups.google.com/group/trac-users.
For more options, visit https://groups.google.com/groups/opt_out.