[Zope] Re: Novell NDS (Was: LDAPUserFolder and Zope 2.5.1)

Jens Vagelpohl jens@zope.com
Wed, 8 May 2002 16:15:44 -0400


dirk gave a simple example, but here is a general rule:

<rant>
using LDAP in general is not easy unless you know what you are doing! it 
is not straightforward like connecting to a database and issuing SQL! 
using LDAP for zope authentication requires knowledge about how LDAP works 
and how the directory is structured!
</rant>

if you're just curious or playing around and have no real need for it, 
have fun...  if you must use it you should familiarize yourself with LDAP.
  knowing "next to nothing" about LDAP is not helpful when you have to face 
the multitude of configuration options that are exposed by products 
written for LDAP authentication, such as the LDAPUserFolder.

jens


On Wednesday, May 8, 2002, at 02:32 , Dirk Datzert wrote:

>
> The most important thing is the searchbase of your users and groups in
> the NscpDS.
>
> example:
>
> LDAP base directory:
> 	o=your-domain.net
> Sub directories:
> 		ou=Users
> 		ou=Groups
>
> the searchbase for Users is called:  ou=Users,o=RHG
> the searchbase for Groups is called: ou=Groups,o=RHG
>
> The second thing you need to know is details about Users and Groups.
> For NscpDS:
> login attribute for Users is uid (objectclass: top,person)
> name attribute of Groups is cn (objectclass: groupOfUniqueNames,
> groupOfNames)
>
> make a group called cn=Manager and put a user into this group.
>
> enter all infos into the LDAPUserFolder (best as superuser),
> do manage_zmi_logout and login as the LDAP-user
>
> Hope this helps you
>
> Dirk
>
>
> "Schmidt, Allen J." schrieb:
>>
>> Has anyone done anything to connect to a Netscape Directory? I understand
>> its LDAP also but I know next to nothing about it or LDAP in general for
>> that matter. I have all the server, port, user, etc. info but just don't
>> know how to go about getting data out of it.
>>
>> Thanks
>>
>> -Allen