[TYPO3] LDAP Help

Strader, William A. WILLIAM.A.STRADER at saic.com
Tue Aug 15 14:09:49 CEST 2006


Actually I do have 1 more question on this... Now that I have the
authentication working with eu_ldap... I have the system setup to use the
eu_ldap for both frontend & backend authentication... Now the question is...
Is there anyway I can say set "Domain Admins" as administrator's to the
system?  And say "Group A" have the rights to modify these pages and
stuff...  I am not really clear on how the backend permissions work yet :-/

Thanks,
 
Billy Strader
WebPool


-----Original Message-----
From: typo3-english-bounces at lists.netfielders.de
[mailto:typo3-english-bounces at lists.netfielders.de] On Behalf Of Strader,
William A.
Sent: Tuesday, August 15, 2006 8:06 AM
To: 'TYPO3 English'
Subject: Re: [TYPO3] LDAP Help


Well I got it working last night.  I used eu_ldap... Now I don't know if it
is my system is slow (test/dev server and runs extremely slow) or what but
when I click on the LDAP Integration the action times out or something (it
says Action Canceled)... However it does allow me to login and it imports
the groups and stuff the person is a member of into the system.  So... It
works...  Thanks for all the help thought :)

Thanks,
 
Billy Strader
WebPool


-----Original Message-----
From: typo3-english-bounces at lists.netfielders.de
[mailto:typo3-english-bounces at lists.netfielders.de] On Behalf Of Joerg
Schoppet
Sent: Tuesday, August 15, 2006 1:48 AM
To: typo3-english at lists.netfielders.de
Subject: Re: [TYPO3] LDAP Help


Strader, William A. wrote:
> Question where can I get more info on the ldap_library and the other
> extensions assiocated with that extension.  I am wanting to intergrate 
> Typo3 v4.0.1 with our AD (Win2k) system and have people authenticate 
> using that vs. a build in system...  So if anyone can point me in the 
> right direction that would be really nice :)
> 
> Thanks,
>  
> Billy Strader
> WebPool

Hi William,

I've also integrated our TYPO3 with our AD, but with an other way.

First, I let the people authenticate with the apache "mod_ldap" module 
against the AD. After this I know, that the person is allowed to view 
our page. For TYPO3 I created an extension which automatically login an 
user (fe and be, configurable for each user and the whole system). If 
the user doesn't exists I create him, with data from the AD (using 
ldap_lib and ldap_server) and assign him to a general group.

The only big problem I had, was that our employees are sorted in the AD 
into regions (e.g. OU=AMER) and countries (e.g. OU=DE), so I normally 
would have to make up to three searches until I found the person (we 
have three regions with there own AD-Servers).
But then I found the magic words "global catalog". This virtual catalog 
contains all "things" in an AD and is accessible over the port 3268.

Hope this helps.

Regards

Joerg Schoppet
_______________________________________________
TYPO3-english mailing list
TYPO3-english at lists.netfielders.de
http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english
_______________________________________________
TYPO3-english mailing list
TYPO3-english at lists.netfielders.de
http://lists.netfielders.de/cgi-bin/mailman/listinfo/typo3-english



More information about the TYPO3-english mailing list