This wiki does not contain official documentation and is currently deprecated and read only. Please try reading the documentation on the Liferay Developer Network, the new site dedicated to Liferay documentation. DISCOVER Build your web site, collaborate with your colleagues, manage your content, and more. DEVELOP Build applications that run inside Liferay, extend the features provided out of the box with Liferay's APIs. DISTRIBUTE Let the world know about your app by publishing it in Liferay's marketplace. PARTICIPATE Become a part of Liferay's community, meet other Liferay users, and get involved in the open source project.

Wiki

« 返回到 LDAP

LDAP with OpenDS

详细信息 打印
标签: ldap opends opendj

You can see the configurations in following pictures. 

 

0 附件
33868 查看
平均 (0 票)
满分为 5,平均得分为 0.0。
评论
讨论主题回复 作者 日期
whole the appreciation goes to Tom Yeo. Chris Shayan 2009年12月11日 上午2:34
Hi Chris, Can you add some more details about... Jorge Ferrer 2009年12月11日 上午9:53
Hey about mentionidng the name you're right,... Chris Shayan 2009年12月12日 上午10:31
Also, since I spent some time to find out:... Bruno Vernay 2010年10月22日 上午5:09

Chris Shayan
whole the appreciation goes to Tom Yeo.
在 09-12-11 上午2:34 发帖。
Jorge Ferrer
Hi Chris,

Can you add some more details about the configuration?

Also, please avoid mentioning names in the wiki article text, since that discourages further collaboration by other community members.
在 09-12-11 上午9:53 发帖。
Chris Shayan
Hey
about mentionidng the name you're right, but in the comments i should mention the Tom Yeo's name just to take care about his credit as well. Thx for notice.

What kind of detail configuration you want to know?
在 09-12-12 上午10:31 发帖以回复 Jorge Ferrer
Bruno Vernay
Also, since I spent some time to find out: "isMemberOf" is an "Operational" attribute.

It means that it is calculated from the Group's "member" (or "uniqueMember") attribute, which by opposition is a "User defined" attribute.

Why it is important ? Because "Operational" attribute does not behave like "User defined" attribute. For example, if you define an ACL to authorize read access to all attribute, you may write:
aciemoticontarget = "ldap:///ou=people,dc=ZZtop,dc=com")
(targetattr="*")
(version 3.0; acl "Read all user defined attributes";
allow (read) userdn="ldap:///uid=LifBind,ou=systemAccount,dc=ZZtop,dc=com";)

But if you want to be able to read the "operational" attribute "isMemberOf", you will have to be specific: (targetattr="*||isMemberOf")

Hope that it will avoid others to loose some hours.
By the way check out OpenDJ: http://forgerock.com/opendj.html
在 10-10-22 上午5:09 发帖。