Zend_Auth_Adapter_Ldapdocumentation

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Zend_Auth_Adapter_Ldapdocumentation

Paweł Chuchmała
Hi,

Is there any reason why documentation of Zend_Auth_Adapter_Ldapis not
complete? I'm talking about this:
http://framework.zend.com/issues/browse/ZF-4730

In Reference guide is nothing about groups support in this component.

Best regards,

--
Paweł Chuchmała
pawel.chuchmala at gmail dot com

--
List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]


Reply | Threaded
Open this post in threaded view
|

Re: Zend_Auth_Adapter_Ldapdocumentation

Stefan Gehrig
Hi Pawel,

The Group-feature has been added long time after the documentation has been written. Unfortunately I didn't haven time to update the documentation (as seen in some parts of the Zend_Ldap documentation too) and currently there is no volunteer who may help in completing the documentation.

Sorry for that... But feel free to contact me or the list if you've got any questions!

Best regards

Stefan

Von meinem iPhone gesendet

Am 19.04.2011 um 03:30 schrieb Paweł Chuchmała <[hidden email]>:

> Hi,
>
> Is there any reason why documentation of Zend_Auth_Adapter_Ldapis not
> complete? I'm talking about this:
> http://framework.zend.com/issues/browse/ZF-4730
>
> In Reference guide is nothing about groups support in this component.
>
> Best regards,
>
> --
> Paweł Chuchmała
> pawel.chuchmala at gmail dot com
>
> --
> List: [hidden email]
> Info: http://framework.zend.com/archives
> Unsubscribe: [hidden email]
>
>

--
List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]


Reply | Threaded
Open this post in threaded view
|

Re: Zend_Auth_Adapter_Ldapdocumentation

Paweł Chuchmała
Hi Stefan,

Thanks for explanaition. I have one problem. It is possible to use
more than one group?
I want to have something like this:
(&(objectClass=user)(sAMAccountName=%s)(|(memberOf=CN=GROUP_1,OU=Applications,DC=domain,DC=pl)(memberOf=CN=GROUP_2,OU=Applications,DC=domain,DC=pl)))

I try diffrent ways of configuration, and i've got only something like this:

(&(&(memberOf=CN=GROUP_1,OU=Applications,DC=domain,DC=pl)(sAMAccountName=...OU=Employees,DC=domain,DC=pl))((objectClass=user)))

It doesn't work for this one group too.

best regards
Paweł Chuchmała


2011/4/19 Stefan Gehrig <[hidden email]>:

> Hi Pawel,
>
> The Group-feature has been added long time after the documentation has been written. Unfortunately I didn't haven time to update the documentation (as seen in some parts of the Zend_Ldap documentation too) and currently there is no volunteer who may help in completing the documentation.
>
> Sorry for that... But feel free to contact me or the list if you've got any questions!
>
> Best regards
>
> Stefan
>
> Von meinem iPhone gesendet
>
> Am 19.04.2011 um 03:30 schrieb Paweł Chuchmała <[hidden email]>:
>
>> Hi,
>>
>> Is there any reason why documentation of Zend_Auth_Adapter_Ldapis not
>> complete? I'm talking about this:
>> http://framework.zend.com/issues/browse/ZF-4730
>>
>> In Reference guide is nothing about groups support in this component.
>>
>> Best regards,
>>
>> --
>> Paweł Chuchmała
>> pawel.chuchmala at gmail dot com
>>
>> --
>> List: [hidden email]
>> Info: http://framework.zend.com/archives
>> Unsubscribe: [hidden email]
>>
>>
>



--
Paweł Chuchmała
pawel.chuchmala at gmail dot com

--
List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]


Reply | Threaded
Open this post in threaded view
|

Re: Zend_Auth_Adapter_Ldapdocumentation

Stefan Gehrig
Hi Pawel,

can you show your adapter configuration and sketch a rough outline of your directory structure in your LDAP?

I suspect that your question actually cannot be solved with the group-membership-feature., because that feature works the other way round: take the user and try to find an object in the tree that contains the user's name or DN in a specific attribute.
It seems that you're trying the following: find a user that has a special value in its attribute collection. That can be accomplished by regular LDAP filters. Have you tried to execute the filters in some LDAP tool tool to check if they are actually working?

Best regards

Stefan

Am 19.04.2011 um 13:26 schrieb Paweł Chuchmała:

> Hi Stefan,
>
> Thanks for explanaition. I have one problem. It is possible to use
> more than one group?
> I want to have something like this:
> (&(objectClass=user)(sAMAccountName=%s)(|(memberOf=CN=GROUP_1,OU=Applications,DC=domain,DC=pl)(memberOf=CN=GROUP_2,OU=Applications,DC=domain,DC=pl)))
>
> I try diffrent ways of configuration, and i've got only something like this:
>
> (&(&(memberOf=CN=GROUP_1,OU=Applications,DC=domain,DC=pl)(sAMAccountName=...OU=Employees,DC=domain,DC=pl))((objectClass=user)))
>
> It doesn't work for this one group too.
>
> best regards
> Paweł Chuchmała
>
>
> 2011/4/19 Stefan Gehrig <[hidden email]>:
>> Hi Pawel,
>>
>> The Group-feature has been added long time after the documentation has been written. Unfortunately I didn't haven time to update the documentation (as seen in some parts of the Zend_Ldap documentation too) and currently there is no volunteer who may help in completing the documentation.
>>
>> Sorry for that... But feel free to contact me or the list if you've got any questions!
>>
>> Best regards
>>
>> Stefan
>>
>> Von meinem iPhone gesendet
>>
>> Am 19.04.2011 um 03:30 schrieb Paweł Chuchmała <[hidden email]>:
>>
>>> Hi,
>>>
>>> Is there any reason why documentation of Zend_Auth_Adapter_Ldapis not
>>> complete? I'm talking about this:
>>> http://framework.zend.com/issues/browse/ZF-4730
>>>
>>> In Reference guide is nothing about groups support in this component.
>>>
>>> Best regards,
>>>
>>> --
>>> Paweł Chuchmała
>>> pawel.chuchmala at gmail dot com
>>>
>>> --
>>> List: [hidden email]
>>> Info: http://framework.zend.com/archives
>>> Unsubscribe: [hidden email]
>>>
>>>
>>
>
>
>
> --
> Paweł Chuchmała
> pawel.chuchmala at gmail dot com


--
List: [hidden email]
Info: http://framework.zend.com/archives
Unsubscribe: [hidden email]