[Typo3-dev] Usergroup memberships FE and BE with openldap (Files)

Didier Gehéniau didier.geheniau at feas.net
Sun Feb 20 00:34:55 CET 2005 

Hi Daniel,

I have changed the files. Some one have to test them if they still work with
the old configuration. I think they do but I do not have a ADS test
environment.

Changes your can find between "Start of FEAS donation" and "End of FEAS
donation" comments.

Regarding the configuration
For Feusers/BEusers I added:

Rootobject:

useStaticGroups = 1
type = FE_USERS or BE_USERS
group_basedn = <base_dn_of_fe_or_be_groups>
group_filter = <ldap_filter_to_find_only_fe_or_be_groups>
memberAttr = <attribute_name_wich_holds_the_members>

Fields:

usergroup = MAP_OBJECT
usergroup{
	   attribute=uid
	   userFunc = tx_ldapserver->getStaticGroups
	   userFunc	{
			pid = 2
			attribute = uid
                  table = fe_groups
			type = FE_GROUPS
                  identField = title
			searchAttr = uid=
			}
	   }

For be_groups I added this to get the admin flag from ldap:

admin = MAP_OBJECT
admin  {
       attribute=uid
       userFunc = tx_ldapserver->isLdapAdmin
       userFunc {
                pid = root
                attribute = uid
                table = be_groups
                searchAttr= uid= 			// in our ldap
server the uniqueMember 
                                                // attribute is filled with
uid=<username>
                admingroup = Administrators     // name of the group that
holds admins
                }

For Fegroups and Begroups I added:

type = FE_GROUPS or BE_GROUPS
memberAttr = uniqueMember
admingroup = Administrators				// name of the group
that holds admins, this group will
								// be
ignored when importing groups

I don not understand the attribute "attribute" in userFunc I have to fill it
to call the functions but I think the functions are not using it.

Further more I have still the problem with the group/user import when a new
group is added to ldap. I can't change the order on wich typo3 handels the
import. When I do that I get a sql error. I am not going to debug it, you
can use the work a round to do a second sync.

Also I want to make it possible to notimport/mark/delete a user when it has
no group membership. I thought of handeling suche a user as if he is not in
ldap. So if the usergroup returns empty (exept for admins) it is ignord for
import or the account is marked/deleted. I can't sort out the handleNotFound
process. If I did a can fix this one also.

Regards,


Didier M.J.C. Gehéniau

______________________________________________________________________
This message is intended only for the named recipient and may contain
confidential or privileged information. If you have received it in error,
please advise the sender by return e-mail and delete this message and any
attachments. Any unauthorized use or dissemination of this information is
strictly prohibited.

More information about the TYPO3-dev mailing list