Document Library

Silva users and LDAP

Bug #139339 reported by Richard H. on 2007-09-13

2

Affects		Status	Importance	Assigned to	Milestone
	Document Library	Fix Committed	Medium	Martijn Faassen

Bug Description

Having manually created a new LDAPUsersFolder (acl_users) in the test instance of Zope, we are now experiencing some odd behaviour.

I have a Silva Simple User account already in existence in 'Members' (rhewison) which was created by David Sparkes a while ago. It allows me to login to any of the Silva instances on arana (formerly on kumo). I used this account to login to Silva and get LDAP working. I then looked up David Sparkes (via LDAP) in Silva and then assigned him the Manager role.

Unfortunately, we have noticed a few things so far regarding David's Silva account. He is unable to lookup any users via LDAP in Silva (using the 'access' tab and searching for users to add to the clipboard). It always returns an empty search result. The only account he is able to lookup is his own!

If I lookup users (using my Silva Simple User account) then I am able to look up other users, assign them roles etc (as I originally did with David's account). However, we have also noticed that whenever it returns a search result, the users in that result are added to the acl_users folder in Zope even though we might not have done anything with those accounts (i.e. not assigned them any roles). Is this how it is meant to behave?

Revision history for this message

Richard H. (richard-hewison) wrote on 2007-09-13:

#1

Sorry, the last paragraph should have read 'the users in that result are added to the 'members' folder in Zope' (NOT the acl_users folder)

Eric Casteleijn (thisfred) on 2007-09-13

Changed in documentlibrary:
assignee:	nobody → daniel.nouri

Revision history for this message

Richard H. (richard-hewison) wrote on 2007-09-17:

#2

I think this might possibly be related to incorrect credentials entered when configuring LDAP for use with Silva (via acl_users). Can someone confirm what Zope roles are expected of the credentials entered for Manager DN, or is this nothing to do with the problem? (For what it's worth, Elisabeth has exactly the same issues - she can't lookup any users in Silva even though she is a Silva manager).

Revision history for this message

Richard H. (richard-hewison) wrote on 2007-09-20:

#3

For whatever reason, users added to Silva via LDAP are not allowed to search for other users (via LDAP) in the usual Silva way (via the access tab) for assigning roles, even if the user performing the search has been give the 'Manager' role. David can login to Silva via LDAP but cannot get search results. If David logs in as 'admin' then he can.

Can someone please look at this as is this another 'show stopper' for LDAP enabled Silva?

Eric Casteleijn (thisfred) on 2007-09-20

Changed in documentlibrary:
assignee:	daniel.nouri → faassen

Revision history for this message

Martijn Faassen (faassen) wrote on 2007-09-21:

#4

I will mail you the INSTALL.txt file of the LDAP integration.

Revision history for this message

Richard H. (richard-hewison) wrote on 2007-09-21: [Bug 139339] Re: Silva users and LDAP

#5

Thanks. Is this file going to be sitting somewhere on arana already?

>>> On 21/09/2007 at 13:53, Martijn Faassen <email address hidden> wrote:
> I will mail you the INSTALL.txt file of the LDAP integration.
>
> --
> Silva users and LDAP
> https://bugs.launchpad.net/bugs/139339
> You received this bug notification because you are a direct subscriber
> of the bug.

Revision history for this message

Martijn Faassen (faassen) wrote on 2007-09-21:

#6

I just did some experimenting and I think the problem is resolved. Summary, in LDAP User Folder set 'Manager DN Usage' to 'Always'.

Changed in documentlibrary:
status:	New → Fix Committed

Revision history for this message

Martijn Faassen (faassen) wrote on 2007-09-21:

#7

On 9/21/07, Richard H. <email address hidden> wrote:
> Thanks. Is this file going to be sitting somewhere on arana already?

There is an INSTALL.txt in SilvaBedfordshireLDAP which is in the
products directory.
I relealized when looking at it is that it is out of date. I will update it.

Revision history for this message

Martijn Faassen (faassen) wrote on 2007-09-21:

#8

That is, I will update this file in our version control system so we
can at least reference ourselves. On your server we would need to
install the new version first to update the INSTALL.txt. :)

Revision history for this message

Kit Blake (kitblake) wrote on 2007-11-12:

#9

This is fixed, just setting importance.

Changed in documentlibrary:
importance:	Undecided → Medium

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.