Re: [Zope] zope and LDAP for authorisation
Marinussen, M.J. (Ria) wrote:
Hi,
I'm looking for a zope product that enables me to use our Active Directory LDAP server for verification of login credentials only. I want users still stored in Zope, and access to directories should be also something I can handle in Zope, and I don't want to use LDAP groups because I don't control the LDAP server and there are no groups on the LDAP server I can use.
So really, all I want is that Zope checks the passwords with the LDAP server instead of with its own userfolder. And perhaps, a possibility to check/search for the available login names on the LDAP server when adding a user to the userfolder.
I've checked out LDAPUserFolder but that's not what I'm looking for (I think...).
Does anyone know whether there is such a product, or give me some pointers to adapt an existing product to my needs?

There is an LDAPMultiplugin for PluggableAuthService, which might make this easier. It could be as easy as installing LDAPUF in PAS and turning off all its interfaces except for the auth one.

However, I don't quite see how you would store users in Zope and then ask for the password in LDAP on a one-to-one basis. Seems like you're relying on an "accidental" correspondence between ZODB-stored user names and LDAP user names.

--jcc
--
"Building Websites with Plone"
http://plonebook.packtpub.com/

Enfold Systems, LLC
http://www.enfoldsystems.com

+-------[ J Cameron Cooper ]----------------------
| Marinussen, M.J. (Ria) wrote:
|
| >>Hi,
| >>
| >>I'm looking for a zope product that enables me to use our Active
| >>Directory LDAP server for verification of login credentials only.
| >>I want users still stored in Zope, and access to directories should be
| >>also something I can handle in Zope, and I don't want to use LDAP groups
| >>because I don't control the LDAP server and there are no groups on the
| >>LDAP server I can use.
| >>
| >>So really, all I want is that Zope checks the passwords with the LDAP
| >>server instead of with its own userfolder.
| >>And perhaps, a possibility to check/search for the available loginnames
| >>on the LDAP server when adding a user to the userfolder.

You can do this with exUserFolder without too much drama. The Require User item for the LDAP Auth Source allows you to specify an attribute and a list of values. You can use uid (e.g.) and supply a list of user ids.

--
Andrew Milton
akm@theinternet.com.au
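
An added example, not written by any poster in this thread and not code from the Zope products named above: auth-only delegation in Python, where accounts and roles stay in a local store and only the password check goes to the directory as a simple bind. The account names, DNs, `LOCAL_USERS`, `authenticate` and `fake_bind` are constructed for illustration, and `make_ldap3_bind` assumes the ldap3 package is installed.

```python
"""Auth-only LDAP delegation: accounts and roles stay local, the password goes to the directory."""

# Constructed local user store. Each account carries an explicit directory DN, so the
# mapping to the LDAP entry is deliberate rather than an accidental name match.
LOCAL_USERS = {
    "ria": {"dn": "CN=Ria Example,OU=Staff,DC=example,DC=org", "roles": ["Manager"]},
    "guest": {"dn": None, "roles": ["Anonymous"]},  # local-only account, no directory entry
}


def make_ldap3_bind(server_uri):
    """Build a bind function on top of ldap3 (assumption: the package is installed)."""
    def bind(dn, password):
        from ldap3 import Connection, Server  # lazy import: only needed against a real server
        conn = Connection(Server(server_uri, use_ssl=True), user=dn, password=password)
        try:
            return conn.bind()  # True only if the directory accepted the credentials
        finally:
            conn.unbind()
    return bind


def authenticate(login, password, bind, users=LOCAL_USERS):
    """Return the account's local roles if the directory accepts the password, else None."""
    user = users.get(login)
    if user is None or not user["dn"]:
        return None  # not provisioned locally: the directory is never consulted
    if not password:
        # A simple bind with a DN and an empty password is an "unauthenticated bind"
        # (RFC 4513, section 5.1.2) that some servers accept; reject it before binding.
        return None
    try:
        accepted = bind(user["dn"], password)
    except Exception:
        accepted = False  # fail closed when the directory is unreachable
    return list(user["roles"]) if accepted else None


def fake_bind(dn, password):
    """Constructed stand-in for a directory that accepts empty-password binds."""
    known = {"CN=Ria Example,OU=Staff,DC=example,DC=org": "s3cret"}
    return password == "" or known.get(dn) == password


if __name__ == "__main__":
    for login, pw in [("ria", "s3cret"), ("ria", "wrong"), ("ria", ""), ("stranger", "s3cret")]:
        print(login, repr(pw), "->", authenticate(login, pw, fake_bind))
```

Against a real server, pass `make_ldap3_bind("ldaps://<your-directory-host>")` as the `bind` argument in place of `fake_bind`.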