Products.PloneLDAP is a Plone product intended to make it easier to use LDAP connections in a Plone website. It builds upon the excellent LDAPMultiPlugins_ and "LDAPUserFolder_ products which provide the basic LDAP infrastructure.
The extra functionality provided by this product require features beyond that are not part of the standard Pluggable Authentication Service, which is why they are not included in LDAPMultiPlugins.
PloneLDAP integrates LDAP fully into your Plone site:
* users in an LDAP database can be used as normal users in Plone. You can search for them, assign roles to them, create them and remove them.
* groups in an LDAP database can be used as normal groups in Plone. You can view them, manage group members, create new groups and remove them. LDAP groups can only have LDAP users as members. LDAP users can be group members of non-LDAP groups.
* member properties for LDAP users need not be stored completely in the LDAP database: you can mix LDAP and ZODB-stored properties.
Please note that if you are using Active Directory all access is read-only.
· Plone CMS
What's New in This Release: [ read full changelog ]
· Only the LDAP plugin implements IGroupManagement, not the ActiveDirectory plugin. This is for adding, removing and editing groups.
· Code moved to https://github.com/collective/Products.PloneLDAP
· Let only the LDAP multi plugin implement the IGroupCapability interface (add a user to a group or remove a user from a group). Previously the AD multi plugin claimed to implement this too, but it lacked the required methods, so this could lead to tracebacks. We could instead add those methods via the mixin class, but but this gave other tracebacks (in removePrincipalFromGroup) when I tried it in one AD setup.
· Fix setProperties to split value into lines if lines property receives a string instead of an iterable.
· When creating an Active Directory plugin configure LDAPUserFolder to ignore disabled or non-user accounts. This requires Products.LDAPUserFolder 2.11 or later.