Hi.
I am evaluating XWiki's LDAP-based authentication capabilities. The
intention is to have a locked-locked-light wiki instance for my group in a
large AD-based corporate environment. The LDAP documentation in xwiki.cfg
clarifies how to map LDAP groups to XWiki groups. However, for ease of ACL
administration, I would like to treat only users belonging to
xwiki.authentication.ldap.group_mapping as "registered" users and the rest of
the users within the corporation as "Guests".
Is there any way of achieving this mapping?
Presently, I have setup LDAP config to authenticate any user within the
corporation using
xwiki.authentication.ldap.user_group=cn=workers,ou=etc.etc.
This causes every user to be treated as a registered user (after successful
authentication of course).
The only work around I can see is to have an AD group (say X) that contains all
the mapped groups specified in xwiki.authentication.ldap.group_mapping, but
that requires X to be updated in sync with changes made to
xwiki.authentication.ldap.group_mapping. If I can avoid the need for setting
and maintaining X, that would be nice.
Thanks,
Milind
_______________________________________________
users mailing list
users@xwiki.org
http://lists.xwiki.org/mailman/listinfo/users
