Ian, I haven't looked at the source for the NT User Folder product, but creating the SMB User Folder product was a trivial hack on Michel's etcUserFolder product. Maybe... six lines changed. And that was from Linux using a Python SMB library. It would probably be almost as trivial to change the smbUserFolder product to recognize the platform on which it runs. Then in the code, conditionally import modules (it would need to import some win32 stuff if on NT, or the smb library on UNIX) and conditionally use different SMB validation schemes depending on what OS platform the code detects. here's pseudocode - def authorize: if myplatform == win32: authenticate using markhammond's stuff (win32net) return authentication result elif myplatform == unix: authenticate using smbmodule stuff return authentication result else: return unsupported This seems to me to make more sense than using XML-RPC. It's maybe a 2-hour job. I'd promise to do it, but I'd probably be lying :) Its nuts at work right now. That said, if I get time, I will give it a roll... -----Original Message----- From: Ian Blenke To: zope@zope.org Sent: 10/18/99 7:11 PM Subject: [Zope] NT User Folder - No Domain support? After fighting with the "NT User Folder" product for quite a while, I've run across a "feature" :) Unless your NT server is a PDC/BDC for a Domain (so that the local SAM is queried), it isn't possible to use NT User Folder for authentication of users in the Domain. I'm attempting to run Zope on an IIS server that is member server in a Domain, but not a Domain Controller of any kind. The only way to limit access seems to be by adding/deleting local users and putting them in the ACL for HKLM/Software/DigitalCreations/.../Role SO, I'm entertaining alternatives. How can I reference the users in a remote Zope User Folder? It would be nice to be able to put the "smb User Folder" on a Linux server running Zope, and merely XML-RPC the folder lookups from the NT box to the Linux box. Would it be possible to create a regular acl_users folder with the preresiquite methods defined that would merely redirect the "simulated" method to another Zope server? Yes, it's a kludge. Yes it's sick and twisted. The appropriate solution would be to put the Zope server on a BDC. However, I'm not one for the "easy way out" :) - Ian C. Blenke <icblenke@2c2.com> <ian@blenke.com> _______________________________________________ Zope maillist - Zope@zope.org http://www.zope.org/mailman/listinfo/zope (Related lists - please, no cross posts or HTML encoding! To receive general Zope announcements, see: http://www.zope.org/mailman/listinfo/zope-announce For developer-specific issues, zope-dev@zope.org - http://www.zope.org/mailman/listinfo/zope-dev )