Hi Jens, you were right, there was a problem with the way I configured the added attribute in the LDAP Schema tab.. a stupid problem actually. When you add an attribute that does not exist in LDAP and want to use that as a login name attribute, it obviously does not work and zope simply returns "unauthorized". When you add "samAccountName" for the login ID user in Windows Active directory (and LDAP), and you try to login with the wrong password (or non-existing username) zope returns "unauthorized". So far so good. But when you add "samAccountName" for the login ID user in Windows Active directory (and LDAP), and you try to login with a correct username/password combination, zope returns "TypeError len() of unsized object" And when you use the right case in "sAMAccountName" you can login without errors. So my login problem is solved. I was only confused because it "seemed" that the attribute was working when it was not... Thanks for your support. Ria
Message: 9 Date: Mon, 19 Dec 2005 14:12:03 +0000 From: Jens Vagelpohl <jens@dataflake.org> Subject: Re: [Zope] zope and LDAP for authorisation To: Zope Zope list <zope@zope.org> Message-ID: <F65164AD-565F-4902-A373-B914A67C5280@dataflake.org> Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
On 19 Dec 2005, at 13:59, Marinussen, M.J. (Ria) wrote:
Hi Jens,
I need the full error traceback to help.
The full traceback on: Zope 2.7.2-0, python 2.3.5, win32 LDAPUserFolder 2.6 OpenLDAP 2.3.11
When I type the correct LDAP password I get this error and traceback (otherwise I get an "Unauthorized" error).
Looking at the code this looks like it is a misconfiguration on your part. It looks like the attribute you use as the login attribute has not been added to the attributes shown on the LDAP Schema tab in the ZMI.
jens