[Zope] LdapUserFolder 2.4 Authentication Woes

[Edward Pollard]

I'm in the midst of a hardware upgrade, which has precipitated some 
software upgrades since its a convenient time.

I'm moving from:
Zope 2.6.0/Python 2.1.3/LDAPUserFolder 2.3
to:
Zope 2.7.4/Python 2.3.4/LDAPUserFolder 2.4


My problem is that LDAPUserSatellites don't seem to work.

My process:

First, I deleted the old LDAP folders and satellites, and recreated new 
ones. Aside from the new login name attribute, the folders were 
identical. (I've set Login Name, User ID, and RDN all to UID)

I then created an acl_sattelite one folder down, and mapped a  LDAP 
group to Manager.

I then tried to log into the ZMI. It did not work, and the cache in the 
LDAP User Folder only showed my account with the authenticated and 
anonymous roles. So, I'd logged in fine, I just didn't get any Zope 
roles out of the deal, which is what the LDAP satellite was supposed to 
do, right?

I then deleted the satellite, and copied the LDAP User Folder down to 
where the satellite was. I then mapped the same LDAP group to Manager 
in the User Folder

I could then log into the ZMI

...

My understanding of the process is that these two setups are logically 
equivalent, and as such something is not working the way its supposed 
to, which is why I'm bothering all you fine people.


One more little puzzler:
With LDAPUserFolder 2.3, when I log in the Cache shows all my LDAP 
Groups (and there are many) in the Roles field. In 2.4, it no longer 
does this. In the configuration that works above it did add Manager to 
my Roles field (as opposed to just Authenticated and Anonymous in the 
configuration that did not work). Is this reflecting just a change in 
the logic of the product (I could see why), or is this reflecting some 
facet of the problem I'm experiencing?

Thanks,

---
Edward J. Pollard, B.Sc
Webmaster, University of Lethbridge