Metadata-Version: 1.0
Name: Products.PloneLDAP
Version: 1.0rc3
Summary: LDAP/AD support for Plone
Home-page: http://svn.plone.org/svn/collective/PloneLDAP
Author: Wichert Akkerman - Simpon
Author-email: wichert@simplon.biz
License: GPL
Description: Introduction
        ============
        The PloneLDAP product is intended to make it easier to use LDAP connections in
        a Plone website. It builds upon the excellent LDAPMultiPlugins_ and
        "LDAPUserFolder_ products which provide the basic LDAP infrastructure.
        
        The extra functionality provided by this product require features
        beyond that are not part of the standard Pluggable Authentication Service,
        which is why they are not included in LDAPMultiPlugins.
        
        .. _LDAPMultiPlugins: http://www.dataflake.org/software/ldapmultiplugins
        .. _LDAPUserFolder: http://www.dataflake.org/software/ldapuserfolder
        
        PloneLDAP integrates LDAP fully into your Plone site:
        
        * users in an LDAP database can be used as normal users in Plone. You
        can search for them, assign roles to them, create them and remove them.
        
        * groups in an LDAP database can be used as normal groups in Plone. You
        can view them, manage group members, create new groups and remove them.
        LDAP groups can only have LDAP users as members. LDAP users can be
        group members of non-LDAP groups.
        
        * member properties for LDAP users need not be stored completely in the
        LDAP database: you can mix LDAP and ZODB-stored properties.
        
        Please note that if you are using Active Directory all access is read-only.
        
        
        Requirements
        ============
        
        * Plone 2.5 or later
        * python-ldap_
        * LDAPUserFolder 2.8
        * LDAPMultiPlugins 1.5
        
        .. _python-ldap: http://python-ldap.sourceforge.net/
        
        PloneLDAP has been developed for Plone 3.0. While it does support Plone 2.5
        it is highly recommended to use Plone 3.0.
        
        
        Installation
        ============
        
        First you need to install the python-ldap package and the LDAPUserFolder,
        LDAPMultiPlugins and PloneLDAP products.
        
        PloneLDAP provides PAS plugins that you can use to get your site talking to
        LDAP or Active Directory. To install them go the acl_users folder in your
        site. Select the right plugin from the dropdown menu in the top right: use
        'Plone LDAP Plugin' if you want to connect to a standard LDAP server or
        'Plone Active Directory Plugin' if you want to connect to a Microsoft Active
        Directory server.
        
        After selecting the plugin type you will see a screen where you need to
        submit the configuration information. Consult your LDAP or AD administrator
        if you are not sure what the correct information is.
        
        After creating the plugin it has to be activated. To do this go to the
        plugin in the ZMI and go to the 'navigate' tab, select all plugin types
        and click on the 'Update' button.
        
        As a final change you will need to reorder the plugin order. Reodering
        can be done by clicking on the name of a plugin type, selecting a plugin
        in the 'Active Plugins' list and using the up and down arrows to change
        the ordering. The required ordering changes are:
        
        * Properties: LDAP has to be the top plugin
        * Group_Management: LDAP should be the top plugin if you want to
        create groups in the LDAP database
        * User_Adder: has to be the top plugin if you want new users to be
        created in LDAP
        * User_Management: LDAP has to be the top plugin
        
        
        LDAP caveats
        ============
        
        LDAPUserFolder
        ~~~~~~~~~~~~~~
        Inside the PloneLDAP PAS plugin you will see another acl_users user folder.
        This is a ''LDAPUserFolder'' instance, which is used to manage the low-level
        communication with the LDAP server. By updating its properties you can
        reconfigure your LDAP connection.
        
        The LDAPUserFolder instance is only used to communicate with the LDAP server.
        Its user and group management facilities are not used. You can use it to
        quickly test if your LDAP connection is correctly configured.
        
        If you make any changes in users or groups through the LDAPUserFolder ZMI
        interfaces these will be applied to the LDAP server but the caches used
        by the PloneLDAP plugin will not be invalidated correctly. This may lead
        to unexpected results and it is strongly recommended to only use the Plone
        interface to update users and groups.
        
        
        Credits
        =======
        
        Funding
        CentrePoint_
        
        Implementation
        Simplon_, Wichert Akkerman
        
        
        .. _Simplon: http://www.simplon.biz/
        .. _CentrePoint: http://centrepoint.org.uk/
        
        
        Copyright
        =========
        
        PloneLDAP is copyright 2007 by Simplon_ and licensed under the GNU General
        Public License, version 2.
        
        Changes
        =======
        
        1.0rc3
        ~~~~~~
        
        * Fix getGroupMembers to return user ids instead of login names for group
        members. This broke group membership listing in environments where userid
        and login name differ (for example AD environments). Thanks to Netcentric
        for discovering this and helping me fix it.
        
        * Add some protection against invalid (None) results of group related
        searches.
        
        * Add more information about the capabilities and caveats of LDAP use in Plone.
        
        
        1.0rc2
        ~~~~~~
        
        * Improve the documentation.
        
        * Add missing cache invalidation for role management and user deletion.
        
        * Fix updating of single-valued member properties.
        
        * Use a different method to get the containing LDAPUserFolder. This allows
        use of PloneLDAP outside of a CMF site.
        
        
        1.0rc1
        ~~~~~~
        
        * Fix setting of object classes when creating a new plugin instance.
        
        * Fix member property sheets: RAM caching does not like it when you try
        to store non-pickleable data.
        
        
Keywords: Zope CMF Plone LDAP authentication
Platform: UNKNOWN
Classifier: Framework :: Plone
Classifier: Framework :: Zope2
Classifier: Programming Language :: Python
Classifier: Topic :: Software Development :: Libraries :: Python Modules
Classifier: Topic :: System :: Systems Administration :: Authentication/Directory :: LDAP
