List Info

Thread: LDAPUserfolder and Active Directory groups management
LDAPUserfolder and Active Directory groups management
user name
 2006-04-07 17:33:01 
As far as I know, Enfold Server has some of the most
sophisticated
Active Directory interaction and we do not support adding
users nor
groups to Active Directory.  There are other mechanisms we
provide to
add custom members/groups to Plone.  But manipulating a
canonical
authentication source from the CMS has been requested by any
purchaser
of Enfold Server nor any of our clients at Enfold Systems
have asked
for. 

If other people have this use case I would love to hear
about it.  None
of our clients would allow us to write to Active Directory.

Cheers,
Alan Runyan 

> -----Original Message-----
> From: setup-bounceslists.plone.org 
> [mailto:setup-bounceslists.plone.org] On Behalf
Of Chris Emery
> Sent: Friday, April 07, 2006 11:54 AM
> To: setuplists.plone.org
> Subject: RE: [Setup] LDAPUserfolder and Active
Directory 
> groups management
> 
> Thanks for the responses. 
> 
> There are no security errors on the AD box we are
connecting 
> to, and I am fairly confident that isn't the issue (I
tested 
> this possibility using a domain admin account as the
manager proxy).
> http://ingeniweb.sourceforge.net/Products/GroupUse
rFolder/doc/
> README-LDA
> P.html seems to indicate in the 'Groups Support Info'
section 
> that adding groups should be supported though.
> 
> We are interested in this due to the division of roles
in our IT shop.
> The Networking team manages Active Directory, and the
web 
> team manages authorization in what will soon be a
rather 
> large Plone installation (we will be looking at
somewhere 
> near 100 subdirectories with unique permissions). 
> 
> While there are other solutions (request new groups
from the 
> NIS team, grant web team users limited access to AD,
etc.) it 
> would be a bit more elegant imo to use the zmi - which
will 
> be familiar - to manage the groups rather than
accessing AD 
> directly. This would seem closest to the default plone 
> behavior, and would simply be swapping out where the
users 
> and groups are stored.
> 
> Christopher Emery
> Information Technology Services
> Central Piedmont Community College
> 704.330.6809
> chris.emerycpcc.edu
> 
> -----Original Message-----
> From: Alan Runyan [mailto:alanenfoldsystems.com]
> Sent: Friday, April 07, 2006 12:18 PM
> To: Chris Emery; setuplists.plone.org
> Subject: RE: [Setup] LDAPUserfolder and Active
Directory 
> groups management
> 
> I do not believe that operation is supported.
> Check your event logs on server to see if your getting
a 
> security error.
> 
> This is probably not a good idea in the long term.
> 
> Alan
>  
> _______________________________________________
> Setup mailing list
> Setuplists.plone.org
> http://
lists.plone.org/mailman/listinfo/setup
> 
_______________________________________________
Setup mailing list
Setuplists.plone.org
http://
lists.plone.org/mailman/listinfo/setup
[1]

about | contact  Other archives ( Real Estate discussion Medical topics )