This wiki does not contain official documentation and is currently deprecated and read only. Please try reading the documentation on the Liferay Developer Network, the new site dedicated to Liferay documentation. DISCOVER Build your web site, collaborate with your colleagues, manage your content, and more. DEVELOP Build applications that run inside Liferay, extend the features provided out of the box with Liferay's APIs. DISTRIBUTE Let the world know about your app by publishing it in Liferay's marketplace. PARTICIPATE Become a part of Liferay's community, meet other Liferay users, and get involved in the open source project.

Wiki

« LDAP に戻る

LDAP with OpenDS

詳細 印刷
タグ: ldap opends opendj

You can see the configurations in following pictures. 

 

0 添付ファイル
33652 参照数
平均 (0 投票)
平均評価は0.0星中の5です。
コメント
コメント 作成者 日時
whole the appreciation goes to Tom Yeo. Chris Shayan 2009/12/11 2:34
Hi Chris, Can you add some more details about... Jorge Ferrer 2009/12/11 9:53
Hey about mentionidng the name you're right,... Chris Shayan 2009/12/12 10:31
Also, since I spent some time to find out:... Bruno Vernay 2010/10/22 5:09

Chris Shayan
whole the appreciation goes to Tom Yeo.
投稿日時:09/12/11 2:34
Jorge Ferrer
Hi Chris,

Can you add some more details about the configuration?

Also, please avoid mentioning names in the wiki article text, since that discourages further collaboration by other community members.
投稿日時:09/12/11 9:53
Chris Shayan
Hey
about mentionidng the name you're right, but in the comments i should mention the Tom Yeo's name just to take care about his credit as well. Thx for notice.

What kind of detail configuration you want to know?
Jorge Ferrerへのコメント。投稿日時:09/12/12 10:31
Bruno Vernay
Also, since I spent some time to find out: "isMemberOf" is an "Operational" attribute.

It means that it is calculated from the Group's "member" (or "uniqueMember") attribute, which by opposition is a "User defined" attribute.

Why it is important ? Because "Operational" attribute does not behave like "User defined" attribute. For example, if you define an ACL to authorize read access to all attribute, you may write:
aciemoticontarget = "ldap:///ou=people,dc=ZZtop,dc=com")
(targetattr="*")
(version 3.0; acl "Read all user defined attributes";
allow (read) userdn="ldap:///uid=LifBind,ou=systemAccount,dc=ZZtop,dc=com";)

But if you want to be able to read the "operational" attribute "isMemberOf", you will have to be specific: (targetattr="*||isMemberOf")

Hope that it will avoid others to loose some hours.
By the way check out OpenDJ: http://forgerock.com/opendj.html
投稿日時:10/10/22 5:09