LDAP control panel for Plone
plone.app.ldap provides a user interface in a Plone site to manage LDAP and Active Directory servers.
This package succeeds the simplon.plone.ldap package.
Active Directory provides an LDAP interface to its data. Using this interface Plone can use both users and groups from an Active Directory system. Writing to Active Directory is not supported.
With Active Directory you can use two different properties as login name: userPrincipalName and sAMAccountName. sAMAccountName is the plain account name without any domain information and is only unique within a single domain. If your environment only uses a single AD domain this option is the best choice. For environments with multiple names the userPrincipalName attribute can be used since this includes both account name and domain information.
Since Plone does not support binary user ids it is not possible to use the objectGUID attribute as user ids. Instead you can use either sAMAccountName or userPrincipalName. The same criteria for choosing a login name also apply to selecting the user id attribute.
LDAP directory servers are fully supported. LDAP users and groups are usable as standard Plone users and groups can be me managed normally. Creating and deleting users and groups is supported.
This package works with Plone 3 and Plone 4. Plone 3 and Plone 4.0 users should install a version in the 1.2.* series (e.g. plone.app.ldap < 1.3, the latest current release is 1.2.8), as release 1.3 will only work with Plone 4.1 or higher.
You need to install PloneLDAP and its requirements in your Zope instance before you can use plone.app.ldap. If you are using Buildout then these requirements are pulled in for you automatically (see Installing with buildout). Otherwise, these dependencies would need to be installed manually; for instance, by downloading its product bundle and extracting that in your Products directory.
Once the package is installed, it will be available as an add-on named "LDAP support", and this add-on can be activated in a Plone instance using the Add-ons section of the Plone Control Panel. Be careful, as this package also currently installs LDAPUserFolder as a dependency, which makes the add-on "LDAPUserFolder CMF Tools" available. Do not install this add-on! It will replace the portal_membership tool and make your Plone site unusable.
Install without buildout
First you need to install this package in the python path for your Zope instance. This can be done by installing it in either your system path packages or in the lib/python directory in your Zope instance.
After installing the package it needs to be registered in your Zope instance. This can be done by putting a plone.app.ldap-configure.zcml file in the etc/pakage-includes directory with this content:
<include package="plone.app.ldap" />
or, alternatively, you can add that line to the configure.zcml in a package or Product that is already registered.
Installing with buildout
If you are using buildout to manage your instance installing plone.app.ldap is even simpler. You can install it by adding it to the eggs line for your instance:
[instance] eggs = plone.app.ldap zcml = plone.app.ldap
The last line tells buildout to generate a zcml snippet that tells Zope to configure plone.app.ldap.
Installing the development version
To specify the current development version you may use:
eggs = plone.app.ldap==dev
- Add Plone 4.3 compatibility, and break compatibility with Plone 4.0 and Plone 3, by not importing from zope.app anymore. [maurits]
- Fix the exporter as GS 1.7 and higher now explicitly only understands strings. Still works for older GS too. [sneridagh]
- Added a z3c.autoinclude entry point to mark this as a Plone add-on. [WouterVH]
- Add Plone 4.1 compatibility when importing IVocabularyFactory. [fvandijk]
- Include Products.CMFCore for Plone 4.1 compatibility. [WouterVH]
- Added import-support for activated interfaces, user_default_roles and password_encryption [awello]
- Update imports for zope.formlib bump in Plone 4.1 [eleddy]
- Update GS import to support plugin id, and update parameter [eleddy]
- Update GS import to read interfaces config for AD plugins, apply cache parameter [eleddy]
- Fix bug where generic setup exports were exporting boolean values as type int. [kteague]
- Fix bug where generic setup imports weren't choosing names correctly. [kteague]
- Fix: Login Name, User ID and RDN attributes were not set correctly on creation. [elro]
- LDAPProperty fields can now be marked as a Binary property. [kteague]
- Ability to import/export an LDAP configuration using generic setup. This feature is the same as the one provided by collective.genericsetup.ldap and exports made with that product can be imported into plone.app.ldap. During import all existing servers, general settings and schema will be overwritten from config file - but no interfaces or cache settings are changed. [kteague]
- Removed locales directory. You can translate this package in the plone.app.locales package now. [vincentfretin]
- Cleaned templates to work with cmf.pt [pilz]
- Fallback to Plone 3 compatible imports. Fix display of cache tab in Plone 3. [kteague]
- Added a tab for display and modifying the cache settings. [kteague]
- Send out notification events for all object additions/modifications/removals so that configuration always gets propogated to the LDAPUserFolder object. [kteague]
- Changed the base class for LDAPConfiguration so that it gets properly rooted in the site (otherwise LDAPConfiguration.__parent__ goes into an infinite loop, pointing to a fresh PersistenComponents instance who's parent is in turn LDAPConfiguration). [kteague]
- Updated the HTML to wrap all control panel forms in a form tag so that tabs are properly displayed in Plone 4. [kteague]
- Fixed i18n domain changes from Vincent. The message factory was defined in the wrong __init__.py. [hannosch]
- Changed i18n domain from plone to plone.app.ldap. Registered locales directory. [vincentfretin]
- Fix ldap schema config for Active Directory [elro]
simplon.plone.ldap - 1.0
- Initial package structure. [zopeskel]