[Zope] LDAPUserFolder Question

Meilicke, Scott scott.meilicke@intp.com
Thu, 22 Aug 2002 09:19:39 -0700


There are 8 groups associated.  From the web page after clicking on the user
entry:

LDAP Groups for cn=Scott.Meilicke,cn=Recipients,ou=North America 3,o=Crane 

Then a list of eight groups.

However, on the exchange server, there are only 8 non-hidden distributions
lists (groups), and this user only belongs to a few of them, but not all.
Yet the web page shows all the groups listed.  Also, none of the check boxes
next to any of the groups are checked - should the groups the user belongs
to be checked?  

Something that just came to mind - I'm using anonymous access to the LDAP
directory.  Would that affect user authentication?

Thanks for your continued help Jens.
 - Scott

-----Original Message-----
From: Jens Vagelpohl [mailto:jens@zope.com]
Sent: Wednesday, August 21, 2002 8:25 PM
To: Meilicke, Scott
Cc: 'zope@zope.org'
Subject: Re: [Zope] LDAPUserFolder Question


does that user record have any groups associated with it? search for it 
again and then click on it to get the detailed view. it seems that it does 
not have any group association, which makes that lookup fail during 
authentication.

jens


On Wednesday, August 21, 2002, at 10:32 , Meilicke, Scott wrote:

> (9) Aug 21 07:27:53: scott.meilicke not found (getUser)
>
> More info:
>
> When I do a search for meilicke against the cn within the users tab:
>
> cn=Scott.Meilicke,cn=Recipients,ou=North America 3,o=Crane
>
> I am using:
>
> cn=Recipients,ou=North America 3,o=Crane
>
> as the Users Base DN.
>
> When I change Login Name Attribute from cn to sn and try to login I get a
> traceback from zope, attached below.  No entry in the LDAPUserFolder log.
>
> Thanks for helping out.
>
> Traceback:
>
> Zope has encountered an error while publishing this resource.
>
> Error Type: INAPPROPRIATE_AUTH
> Error Value: {'desc': 'Inappropriate authentication'}
>
> Troubleshooting Suggestions
>
>     * The URL may be incorrect.
>     * The parameters passed to this resource may be incorrect.
>     * A resource that this resource relies on may be encountering an
error.
>
> For more detailed information about the error, please refer to the HTML
> source for this page.
>
> If the error persists please contact the site maintainer. Thank you for 
> your
> patience.
>
> Traceback (innermost last):
>   File D:\PROGRA~1\inside\lib\python\ZPublisher\Publish.py, line 223, in
> publish_module
>   File D:\PROGRA~1\inside\lib\python\ZPublisher\Publish.py, line 187, in
> publish
>   File D:\PROGRA~1\inside\lib\python\Zope\__init__.py, line 226, in
> zpublisher_exception_hook
>     (Object: portal_ldap)
>   File D:\PROGRA~1\inside\lib\python\ZPublisher\Publish.py, line 162, in
> publish
>   File D:\PROGRA~1\inside\lib\python\ZPublisher\BaseRequest.py, line 450,
>  in
> traverse
>   File
> D:\PROGRA~1\inside\lib\python\Products\LDAPUserFolder\LDAPUserFolder.py,
> line 614, in validate
>     (Object: acl_users)
>   File D:\PROGRA~1\inside\lib\python\AccessControl\User.py, line 616, in
> validate
>     (Object: acl_users)
>   File
> D:\PROGRA~1\inside\lib\python\Products\LDAPUserFolder\LDAPUserFolder.py,
> line 594, in authenticate
>     (Object: acl_users)
>   File
> D:\PROGRA~1\inside\lib\python\Products\LDAPUserFolder\LDAPUserFolder.py,
> line 505, in getUser
>     (Object: acl_users)
>   File
> D:\PROGRA~1\inside\lib\python\Products\LDAPUserFolder\LDAPUserFolder.py,
> line 262, in _lookupuser
>     (Object: acl_users)
>   File
> D:\PROGRA~1\inside\lib\python\Products\LDAPUserFolder\LDAPUserFolder.py,
> line 845, in _searchResults
>     (Object: acl_users)
> INAPPROPRIATE_AUTH: (see above)
>
>
> -----Original Message-----
> From: Jens Vagelpohl [mailto:jens@zope.com]
> Sent: Wednesday, August 21, 2002 4:57 AM
> To: Meilicke, Scott
> Cc: 'zope@zope.org'
> Subject: Re: [Zope] LDAPUserFolder Question
>
>
> could you provide the exact text of the log entry that says "First.Last
not
> found"? that enables me to check where in the code it failed.
>
> jens
>
>
> On Tuesday, August 20, 2002, at 07:07 , Meilicke, Scott wrote:
>
>> Hi - I am trying to authenticate against LDAPUserFolder 1.5.  I'm using 
>> a
>> MS
>> Exchange 5.5 directory (I know, I know...).  I can connect, and search
for
>> members based on both the cn and sn, but can't authenticate using CMF 1.
>> 1
>> and the CMFLDAP tools.   I'm trying to authenticate using the cn.  When 
>> I
>> do
>> a search, the cn shows as First.Last.  When I try to logon using
>> First.Last,
>> I get a logon failure, and the log set at debugging level(9) shows
>> First.Last not found.
>>
>> Any thoughts on being able to authenticate?
>>
>> Thanks - Scott
>>
> The information contained in this email message may be privileged and is
> confidential information intended only for the use of the recipient or any
> employee or agent responsible for delivering it to the intended recipient.
> Any unauthorized use, distribution or copying of this information is
> strictly prohibited and may be unlawful.  If you have received this
> communication in error, please notify the sender immediately and destroy 
> the
> original message and all attachments from your electronic files.
>
> _______________________________________________
> Zope maillist  -  Zope@zope.org
> http://lists.zope.org/mailman/listinfo/zope
> **   No cross posts or HTML encoding!  **
> (Related lists -
>  http://lists.zope.org/mailman/listinfo/zope-announce
>  http://lists.zope.org/mailman/listinfo/zope-dev )
The information contained in this email message may be privileged and is
confidential information intended only for the use of the recipient or any
employee or agent responsible for delivering it to the intended recipient.
Any unauthorized use, distribution or copying of this information is
strictly prohibited and may be unlawful.  If you have received this
communication in error, please notify the sender immediately and destroy the
original message and all attachments from your electronic files.