[Zope-CMF] Problems with and questions about LDAPUserFolder

Bert Vanderbauwhede bert.vanderbauwhede@rug.ac.be
Thu, 28 Feb 2002 09:54:09 +0100


Hi,

I got a couple of problems with the LDAPUserFolder.

This is my configuration:
- Python 2.1.2
- Zope 2.5
- LDAPUserFolder 1.2
- CMF 1.2

I have a CMF Site where I replace the default UserFolder 
with a LDAPUserFolder. I configure this as follows:
- LDAP Server
- Login Name Attribute
- RDN Attribute
- Users Base DN
- Scope: Subtree
- Group Storage: Groups not stored on LDAP Server
- User object classes: top,person
- User password encryption: crypt
- Default User Roles: Anonymous
- Authentication: Cookie Authentication

The LDAPUserFolder connects to the LDAP server. I can go to
the Users screen and search for a user, and get the results
back, but when I try to add a group/role to the user I get a
AttributeError in LDAPUserFolder.py, line 1611:

  AttributeError: 'None' object has no attribute '_expire'


As a result, no group/role is assigned to that user.

Another problem is that I can't login on the site with a
user that is stored in LDAP. This could be the result from
the previous problem, but I can't tell.

(All this happens in a CMF Site, but I have also tried it
in an ordinary folder, with the same results.)

I also got a couple of questions:

Eventually, the groups/roles will be defined in LDAP. In
the help files, you say that the groups have to be of the
LDAP class groupOfUniqueNames. Yet, in the groups screen
you can define groups of other classes: groupOfNames and
group. Our LDAP server already contains entries of class
groupOfNames, but the LDAPUserFolder doesn't find them.
Do you have an idea what's going on?

Can the LDAPUserFolder work with CMF? is it sufficient to
install the LDAPUserFolder and delete the CookieCrumbler?
Do I have to define any custom forms, or can I use the CMF
login screens as is?


Bert Vanderbauwhede...
---
"All PCs are compatible.
 But some of them are more
 compatible than others."