<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML DIR=ltr><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"></HEAD><BODY><DIV><FONT face='Arial' color=#000000 size=2>
<DIV><FONT face=Arial color=#000000 size=2>
<DIV><FONT face=Arial color=#000000 size=2>I have searched and posted in
plone-users and I can't find an answer to this question on using PAS and
ldap:</FONT></DIV>
<DIV><FONT face=Arial color=#000000 size=2>How do you add custom zope roles, and
then map them to ldap groups?<BR> <BR>I work in a university setting and
have the need for finer grained
role-control..<BR> <BR>Thanks!<BR>Andy<BR> <BR>Plone 2.5<BR>Zope
2.8.7<BR>python 2.3.5<BR>python-ldap<BR>ldapUserfolder 2.7
beta<BR>ldapMultiPlugins 1.2<BR>Fedora Core 4 server @ <A
href="/exchweb/bin/redir.asp?URL=http://thewell.mhc.edu"
target=_blank>http://thewell.mhc.edu</A> </FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV>
<DIV><FONT face=Arial color=#000000 size=2>
<DIV><FONT face=Arial size=2>background:</FONT></DIV>
<DIV><FONT face=Arial size=2>I have an acl_users folder (PAS) in my Plone site
and inside that, I have an LDAPMultiPlugin. Inside the plug-in is an
LDAPUserFolder. I feel that it is configured correctly because all
my domain un/pw's work,</FONT><FONT face=Arial size=2> and I can
search for users and list all my groups. </FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>I figured out that it is preferable to map my LDAP
groups to Zope roles by using the portal_role_manager, and it is working - as
long as I use the built-in Zope roles.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>My requirement is to add custom roles within Zope
and map my LDAP roles to those. </FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>In the past I added custom roles from the security
tab at the root of my Plone site. This method does not seem to work anymore.
What is the preferred method of adding custom Zope roles and mapping them to
LDAP
groups?</FONT></DIV></FONT></DIV></DIV></FONT></DIV></FONT></DIV></BODY></HTML>