Authentication against Win2000 Active Directory
Hello What's the best practice to authenticate user against Windows 2000 Active Directory? I whould like to use a product with nuxUserGroups (nuxeo user and groups) or develope a part to implement a authentication tool for to use with nuxUser. Thansk for answer... Mit freundlichen GrĂ¼ssen Roger Ineichen ___________________________ Projekt01 GmbH www.projekt01.ch Langackerstrasse 8 6330 Cham phone +41 (0)41 781 01 78 mobile +41 (0)79 340 52 32 fax +41 (0)41 781 00 78 email r.ineichen@projekt01.ch ___________________________ END OF MESSAGE
What's the best practice to authenticate user against Windows 2000 Active Directory?
Try the LDAPUserFolder. I've heard mixed stories of success and failure...
Then I can add a success story. Installed it today, no problems what so ever. Win2kServer, Zope-2_6-branch, CMF HEAD and latest LDAPUserFolder and CMFLDAP. /Magnus
Hello Magnus It will work with nuxUserGroups ? What do you think about the modul LDAPUserGroups? I need nuxUserGroups support. I whould have the useres in zope and just authenticate against Active Directory. Is it possible to do so.
What's the best practice to authenticate user against Windows 2000 Active Directory?
Try the LDAPUserFolder. I've heard mixed stories of success and failure...
Then I can add a success story.
Installed it today, no problems what so ever.
Win2kServer, Zope-2_6-branch, CMF HEAD and latest LDAPUserFolder and CMFLDAP.
/Magnus
Roger <r.ineichen@projekt01.ch> wrote:
Hello Magnus
It will work with nuxUserGroups ? What do you think about the modul LDAPUserGroups? I need nuxUserGroups support. I whould have the useres in zope and just authenticate against Active Directory. Is it possible to do so.
Note that LDAPUserGroups patches an older version of LDAPUserFolder. Nobody has contributed an updated patch yet. I personally haven't the time for it. Florent -- Florent Guillaume, Nuxeo (Paris, France) +33 1 40 33 79 87 http://nuxeo.com mailto:fg@nuxeo.com
Hello Magnus, can you say why you need nuxUserGroups support ? Sorry if you told that to the list, but I start reading right now. LDAPUserFolder has group support and a group-to-role mapping and LDAPRoleTwiddler can map LDAPGroups to ZopeRoles. There is a LDAPRoleExtender too. What exactly do you need ? Regards, Dirk
Dirk Datzert <dirk.datzert@tks-rasselstein.thyssenkrupp.com> wrote:
can you say why you need nuxUserGroups support ? Sorry if you told that to the list, but I start reading right now.
LDAPUserFolder has group support and a group-to-role mapping and LDAPRoleTwiddler can map LDAPGroups to ZopeRoles. There is a LDAPRoleExtender too.
LDAPUserFolder has something that it calls "groups" but that everybody else in Zope calls "roles" :-) User groups are a different matter (see the NuxUserGroups page for use cases). Florent -- Florent Guillaume, Nuxeo (Paris, France) +33 1 40 33 79 87 http://nuxeo.com mailto:fg@nuxeo.com
Hi Fiorent,
LDAPUserFolder has something that it calls "groups" but that everybody else in Zope calls "roles" :-)
I understand that.
User groups are a different matter (see the NuxUserGroups page for use cases).
I read the use case.
I really think that LDAPUserFolder has this support built in: A LDAP User belongs to one or more LDAP Groups. Each LDAP Group can be mapped to a special Zope Role. This feature is in LDAPUserFolder and LDAPRoleTwiddler. Dirk
LDAPUserFolder has something that it calls "groups" but that everybody else in Zope calls "roles" :-)
...simply because group records in LDAP have no knowledge of and nothing to do with zope roles. "groups" are LDAP records that group other records (in this case user records) together. groups are just used by the LDAPUserFolder to map them to real zope roles. it was my goal to keep this distinction visible. hope that cleared it up. jens
participants (6)
-
Chris Withers -
Dirk Datzert -
Florent Guillaume -
Jens Vagelpohl -
Magnus Heino -
Roger