[Zope] [HELP] Zope local roles and LDAP Groups

[Mitch Pirtle]

On Tue, 2002-04-02 at 14:46, Jens Vagelpohl wrote:
>=20
> in order to use a role that a user has because his record is in a certain=
=20
> group in LDAP (first of all, look at the user object to make sure the rol=
e=20
> is actually assigned!) you need to create a role of the same name in zope=
=20
> using the Security tab in a folder or at the root. then you can assign al=
l=20
> the permissions you want to this role, also on the Security tab. the user=
=20
> that has this special role from LDAP will then have those permissions in=20
> that location and "below".

This is not a complaint, but I gotta grok this before I spend any more
time thinking about Zope and LDAP:

1) You create the LDAP schema (including groups and roles)
2) Populate slapd with entries
3) Point LDAPUserFolder to slapd
4) Manually recreate all groups in Zope
5) Manually reassign all users to groups in Zope

Ouch.  You know, with 11,000 users that's gonna hurt.  -;^>=3D

Is anybody working on this? Jens? Bueller?

--=20

Mitch Pirtle
Corporate Security Officer
K=FChne & Nagel Management AG
Tel: +41 1 786 96 45
Fax: +41 1 786 95 95