[Zope] Manager DN Specification

Krishna ksridhar@zeomega.com
Wed, 26 Feb 2003 15:22:21 +0530


Thanks for your help !! ...  With the information you gave me I could 
authenticate / add and delete users.

Below is the complete list of LDAP ACLs I have currently active.


**************************************************
  defaultaccess read
  access to dn="ou=People,dc=mysite,dc=com"
          by dn="uid=zeo,ou=People,dc=mysite,dc=com" write
          by * read
  access to dn="ou=zope-grps,dc=mysite,dc=com"
          by dn="uid=zeo,ou=People,dc=mysite,dc=com" write
          by * read
  access to filter="objectclass=cdObject"
          by dn="uid=zeo,ou=People,dc=mysite,dc=com" write
          by * read
  access to attr=userpassword
          by self write
          by * read
  access to *
          by * read
*********************************************************

I also provided the Manager Dn in the LDAP user folder as...
cn=Manager,dc=mysite,dc=com


Now with all these settings i can successfully add / modify / delete / 
authenticate the relevant users.

But what I need to know is .....do we need the Manager DN/passwd  within 
the LDAP user folder??... In fact, the manager should only be used for 
server administrative  tasks,  we use it to get system account 
information into the LDAP directory.

I need to know if there is a way for me to achieve the same WITHOUT 
specifying the Manager DN within the LDAPUserFolder !!!! .... would be 
helpful if I get some guidance :-) ...!!!!

Thanks once again,

Kris :-)