I'm having trouble configuring permissions to work via LDAP groups. I can currently authenticate to CMapServer with an LDAP account. I cannot use groups from the LDAP tree to assign permissions to a folder, though. I can assign permissions to individual users in the LDAP tree but not to groups.
I have a folder in which I explicitly granted user rights to an LDAP user. I connect to Server with Tools as that user. I can create new maps and save them.
* CMapServer for Linux 5.04 on Ubuntu 10.4
* CMapTools for Windows 5.04 on WinXP, 32bit mode
I want to assign rights to the folder for an LDAP group called "Teachers" which exists in the "group" ou. I right-click on the folder in the Tools directory and select Permissions. From the Permissions List I select Add User. I click Browse, then set the User Type to "Group" and hit Search. No results appear. If I set user type to "All" or "Individual" I do get the users from the LDAP people ou.
My users are members of the groups, as listed in each group's memberUid attributes.
LDAP options from serverconfig.txt:
Code: Select all
# DN of the container where individual users are stored ldap.user.directory.usersBaseDN=ou\=people,dc\=myownserver,dc\=com # DN of the container where groups are stored ldap.user.directory.groupsBaseDN=ou\=groups,dc\=myownserver,dc\=com # Name of the attribute which holds the user's ID ldap.user.directory.userAttr=uid # Name of the attribute which holds the group's ID ldap.user.directory.groupAttr=cn
Code: Select all
dc=myownserver,cd=com +--> ou=groups | ---> cn=Admins | ---> cn=Facilitator | ---> cn=Leadership | ---> cn=Teacher +--> ou=people | ---> cn=Cameron Goble | ---> cn=CMapServer Admin | ---> cn=Testy Testerson
Thanks very much for your help!
Albuquerque NM USA