LDAP questions

Monday 20 June 2005 6:46:42 am

Hi,

we need a LDAP config but I don't quite get it.

We have one eZ install, we configure eZ so that it gets its login info from an LDAP server.
Problem is, where are the rights/rules infos ? In eZ ? If so, what's the point of using LDAP if we have to duplicate the user in eZ with all the info ?

Am I missing something here ?

thanks for your help.

Tuesday 21 June 2005 12:24:26 am

Hi,

If you set your site.ini as:

#LoginHandler[]=Standard
LoginHandler[]=LDAP

Then, LDAP is only used by ez the first time the user connects on the site. This creates a new user in DB. Then, when you want to modify user's password, it only modifies the DB and not LDAP.

When you want to log in with the new password, it doesn't work but with the old one (recorded into LDAP), it works.

It depends from your configuration, but when I use both login handlers, both passwords works to log in.

LoginHandler[]=Standard
LoginHandler[]=LDAP

Does anybody know if a modification of ez has been built to make user password updates changes into LDAP from ez?

Wednesday 22 June 2005 5:40:26 am

Hello Jonny,

First of all, thanks for your reply and the link to your pdf doc.
But my question is still the same. Apparently, the rules/permissions still are in eZ and there is no sync between the LDAP and eZ (am I right ?). If that's so...why using it for you need to create your users in eZ AND in LDAP ?

Or I am missing something here !
Or is it possible to set permissions only using groups in LDAP so :

1 - create groups of users in eZ with permissions on content

2 - use LDAP to connect and use the groups in LDAP ?

Is it possible ? Is it a solution ?

Again : if users have to be duplicated manually , I only see drawbacks...

Thanks

Francis.

Tuesday 28 June 2005 3:01:52 am

thanks Mikael.