Hi guys, I'm working on a zope3 application at present, and have configured the default site via the ZMI with a pluggable authentication utility which is using ldappas and ldapadapter to authenticate against my OpenLDAP server. I can successfully search for, and grant users within my LDAP directory roles, however the "group search base" in the ldappas authentication plugin appears to do nothing. For example, my configuration is as follows:
---------- Search base: ou=users,dc=openldap,dc=example,dc=com Search scope: sub Group search base: ou=groups,dc=openldap,dc=example,dc=com Group search scope: sub ---------- I have two groups which exist, and their objectClass type is groupOfNames (or groupOfUniqueNames) - I have tried both... None of the my groups show up in the grant search screen...only users. I've looked inside ldappas\authentication.py at the search method, which has the following two lines which worry me a bit: ---------- res = conn.search(self.searchBase, self.searchScope, filter=filter, attrs=[self.idAttribute]) ---------- It looks like it will only ever search for users as principals, and never groups. This doesn't seem right to me, but then again I might just be doing something wrong. Is anyone able to help me get users and groups working properly so that I can assign roles to both...and if I assign a role to a group, have all members of that group "inherit" the role. I am a bit new to all of this, so I may not have explained myself too well... Thank you! Chris Stoyles
_______________________________________________ Zope3-users mailing list Zope3-users@zope.org http://mail.zope.org/mailman/listinfo/zope3-users