Dear Gentlemen,
I've searched through Zenoss's forums as well as Zope and Plone forums regarding this problem (but didn't find any answer :().
I'm using Zenoss 2.3.3 with LDAPUserFolder and it works fine for authentication but the "LDAP group to Zope role mappings" simply doesn't work :evil:.
When the user authenticates, it's possible to see in "Cache" that it correctly belongs to Anonymous and ZenManager roles, but the user simply can't see/ do a thing in the UI. :cry:
Under "acl_users -> Default User Roles" it's possible to set i.e. "ZenUser" but then every user will belong to the ZenUser role even if the user is associated with the "ZenManager" group in LDAP/AD and mapped to ZenManager role.
I know that it's possible to create the user in Zenoss (userManager) and assign the roles there, but then, what would be the point in having LDAP/AD group -> role mappings? :roll:
Several other people in this (and other) forum also had the same problem. It seems that it worked before (with Plone at least) but it's not working anymore.
Does anyone knows why is this happening and whether we can do some workaround/ fix? Maybe using another plugin (other than LDAPUserFolder)?
This is very important. I appreciate your help, thanks! :wink:
Sincerely,
Guilherme
I've searched through Zenoss's forums as well as Zope and Plone forums regarding this problem (but didn't find any answer :().
I'm using Zenoss 2.3.3 with LDAPUserFolder and it works fine for authentication but the "LDAP group to Zope role mappings" simply doesn't work :evil:.
When the user authenticates, it's possible to see in "Cache" that it correctly belongs to Anonymous and ZenManager roles, but the user simply can't see/ do a thing in the UI. :cry:
Under "acl_users -> Default User Roles" it's possible to set i.e. "ZenUser" but then every user will belong to the ZenUser role even if the user is associated with the "ZenManager" group in LDAP/AD and mapped to ZenManager role.
I know that it's possible to create the user in Zenoss (userManager) and assign the roles there, but then, what would be the point in having LDAP/AD group -> role mappings? :roll:
Several other people in this (and other) forum also had the same problem. It seems that it worked before (with Plone at least) but it's not working anymore.
Does anyone knows why is this happening and whether we can do some workaround/ fix? Maybe using another plugin (other than LDAPUserFolder)?
This is very important. I appreciate your help, thanks! :wink:
Sincerely,
Guilherme