SV: [Zope-dev] LDAP

Magnus Heino magnus.heino@pleon.sigma.se
Fri, 23 Nov 2001 13:42:41 +0100


> as far as your login problems go, look up a user record on the Users tab
> and see if that record has any roles associated with it.

What roles needs to be associated?

> you must also ensure that the user record you are trying to retrieve has
> permissions inside LDAP to look up itself and permission to look up the
> groups associated with it. the ACLs in slapd.conf govern that piece. you
> could use ldapsearch to "emulate" these searches by binding with the
> respective user's DN and passowrd and looking up its own details as well
> as its own groups.

I thought that this was ok since I can loggin to my linux account...

(A while later) Ok. I just locked myself out :-) Great.

> P.S.: LDAP and trying to use it for zope authentication can be very
> painful to set up if you're not experienced with LDAP first. there are a
> *lot* of factors and pitfalls involved. you must have a good
> understanding
> about how LDAP works, knowledge about LDAP schemas and LDAP ACLs.

Any suggestions of how to gain this knowledge? I know alot more now than I
did a week ago, but I certainly need to learn more :-/

Thanks for taking the time explaining things! :)


/Magnus