LDAPUserManager - Add: Create a new LDAPUserManager object
Description
The LDAPUserManager is designed to be run in conjunction
with the LDAPLoginAdapter. The LDAPLoginAdapter is a
replacement for a Zope user folder. It does not store its
own user objects but builds them on the fly after
authenticating a user against the LDAP database. For more
information about the LDAPLoginAdapter please visit
http://www.dataflake.org/software/ldaploginadapter/.
The LDAPUserManager allows you to add, edit or delete
user and role (a.k.a. group) records on the LDAP server
that acts as the backend for the LDAPLoginAdapter.
Controls
-
Title
- The (optional) title for this adapter
-
LDAP Server
- Specify the server name or IP address, optionally followed by
a colon and a port number. If no port number is given a default of 389, which
is the standard port LDAP servers listen on, will be assumed. The server name
must not contain any prefixes like "ldap://".
The LDAPUserManager does not support secure LDAP connections via SSL.
-
Search base DN for users
- The DN for the branch of your LDAP database that
contains user records.
-
User Search Scope
- Choose the depth for all searches from the user search base dn
-
Search base DN for groups
- The DN for the branch of your LDAP database that
contains group records. These group records are of the LDAP class
"groupOfUniqueNames" and the entry CN attribute constitutes the group name.
Groups embody Zope roles. A user which is part of a "Manager" group will
have the "Manager" role after authenticating through the LDAPLoginAdapter.
-
Group Search Scope
- Choose the depth for all searches from the group search base dn
-
LDAP bind UID and password
- These are usually required when you want to
add, edit or delete user records on your LDAP server.
-
Add
- Instantiate the LDAPUserManager.