Fortress and Active Directory
|
View:
New views
8 Messages
—
Rating Filter:
Alert me
|
 |
Fortress and Active Directory
by Chris Roth-2
::
Rate this Message:
I have some big projects comming down and I'd like to leverage some of the new fortress functionality, but I have to have both FCUD AND Active Directory options. Has anyone put in place AD with Fortress? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "farcry-beta" group. To post to this group, send email to farcry-beta@... To unsubscribe from this group, send email to farcry-beta-unsubscribe@... For more options, visit this group at http://groups.google.com/group/farcry-beta?hl=en -~----------~----~----~----~------~----~------~--~--- |
|
|
Re: Fortress and Active Directory
by Chris Roth-2
::
Rate this Message:
Hmm. I am really confused I guess. I installed the farcryldap plugin and I can see the configuration. I am not sure how I can test if its connecting correctly. Also when I try to view/edit anything in: security - manage security - roles (I get an empty structure) how do i test if I am connecting to my AD domain? how do I map my AD groups to FC roles? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "farcry-beta" group. To post to this group, send email to farcry-beta@... To unsubscribe from this group, send email to farcry-beta-unsubscribe@... For more options, visit this group at http://groups.google.com/group/farcry-beta?hl=en -~----------~----~----~----~------~----~------~--~--- |
|
|
Re: Fortress and Active Directory
by Matthew Bryant-3
::
Rate this Message:
I am sure Blair will chime in on this one Chris. He may not be available till monday however. Kind regards -- -- Matthew Bryant Product Development Manager Daemon Internet Consultants Adobe Solutions Partner http://www.daemon.com.au/ p. 02 9380 4162 f. 02 9380 4204 On 12/04/2008, at 8:23 AM, Chris Roth wrote: > > Hmm. I am really confused I guess. > > I installed the farcryldap plugin and I can see the configuration. > > I am not sure how I can test if its connecting correctly. > > Also when I try to view/edit anything in: > > security - manage security - roles (I get an empty structure) > > how do i test if I am connecting to my AD domain? > > how do I map my AD groups to FC roles? > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "farcry-beta" group. To post to this group, send email to farcry-beta@... To unsubscribe from this group, send email to farcry-beta-unsubscribe@... For more options, visit this group at http://groups.google.com/group/farcry-beta?hl=en -~----------~----~----~----~------~----~------~--~--- |
|
|
Re: Fortress and Active Directory
by Blair McKenzie-2
::
Rate this Message:
Probably the first thing you can do to test is to set the basic server attributes (i.e. server host, username, password), then set the group id attribute and group filter settings. The group id is the ldap attribute that uniquely identifies the group within the server and in FarCry. The all-group-filter is the ldap filter that will fetch every group from the server.
With those set up, you should be able to select those groups in a role. I'm not sure what you mean by "empty structure"? Blair On Sat, Apr 12, 2008 at 8:23 AM, Chris Roth <chris.roth@...> wrote:
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "farcry-beta" group. To post to this group, send email to farcry-beta@... To unsubscribe from this group, send email to farcry-beta-unsubscribe@... For more options, visit this group at http://groups.google.com/group/farcry-beta?hl=en -~----------~----~----~----~------~----~------~--~--- |
|
|
Re: Fortress and Active Directory
by Chris Roth-2
::
Rate this Message:
Blair, Thanks, I am getting closer, but my groups stuff is not working. When I go to webtop/security/manage security/roles when i try to "edit" a role, I get an empy screen with a small "aguments-struct" box. On Apr 13, 5:49 pm, "Blair McKenzie" <shi...@...> wrote: > Probably the first thing you can do to test is to set the basic server > attributes (i.e. server host, username, password), then set the group id > attribute and group filter settings. The group id is the ldap attribute that > uniquely identifies the group within the server and in FarCry. The > all-group-filter is the ldap filter that will fetch every group from the > server. > > With those set up, you should be able to select those groups in a role. > > I'm not sure what you mean by "empty structure"? > > Blair > > > > On Sat, Apr 12, 2008 at 8:23 AM, Chris Roth <chris.r...@...> wrote: > > > Hmm. I am really confused I guess. > > > I installed the farcryldap plugin and I can see the configuration. > > > I am not sure how I can test if its connecting correctly. > > > Also when I try to view/edit anything in: > > > security - manage security - roles (I get an empty structure) > > > how do i test if I am connecting to my AD domain? > > > how do I map my AD groups to FC roles?- Hide quoted text - > > - Show quoted text - You received this message because you are subscribed to the Google Groups "farcry-beta" group. To post to this group, send email to farcry-beta@... To unsubscribe from this group, send email to farcry-beta-unsubscribe@... For more options, visit this group at http://groups.google.com/group/farcry-beta?hl=en -~----------~----~----~----~------~----~------~--~--- |
|
|
Re: Fortress and Active Directory
by Chris Roth-2
::
Rate this Message:
hmm. when I "view" a role an exception is thrown: 11:24:49.049 - Application Exception - in E:\InetPub\farcry\core\tags \navajo\display.cfm : line 198 For the default view of an object, create a displayPageStandard webskin. My connection to AD seems to be ok. based on the settings below, I can "login" to farcry but I get the arguments - struct output with nothing else (this makes sens since my group/role can not be determined. Here's what I have (slightly modified since I am posintg this publically) LDAP Configuration Server Host : myadcontroller.mydomain.com Username : Password : Users User start DN : dc=mydomain,dc=com User DN : {userid}@... profileProp=LDAPattr list : firstName=givenName,lastName=sn Override profile values : yes Groups Group start : dc=mydomain,dc=com,o=ADFolder4Site,o=ADFolder4 SecurityGroups,o=ADFolder4 SecurityGroups4Web Group filter : **** Not sure what to put here... inside ADFolder4 SecurityGroups4Web folder I have website1Users,website1Contributors,website1Publishers,website1Admins website2Users,website2Contributors,website2Publishers,website2Admins with the appropriate "active directory" users assigned. All groups filter : objectClass=groupOfNames Group ID attribute : cn Any help appreciated. On Apr 13, 5:49 pm, "Blair McKenzie" <shi...@...> wrote: > Probably the first thing you can do to test is to set the basic server > attributes (i.e. server host, username, password), then set the group id > attribute and group filter settings. The group id is the ldap attribute that > uniquely identifies the group within the server and in FarCry. The > all-group-filter is the ldap filter that will fetch every group from the > server. > > With those set up, you should be able to select those groups in a role. > > I'm not sure what you mean by "empty structure"? > > Blair > > > > On Sat, Apr 12, 2008 at 8:23 AM, Chris Roth <chris.r...@...> wrote: > > > Hmm. I am really confused I guess. > > > I installed the farcryldap plugin and I can see the configuration. > > > I am not sure how I can test if its connecting correctly. > > > Also when I try to view/edit anything in: > > > security - manage security - roles (I get an empty structure) > > > how do i test if I am connecting to my AD domain? > > > how do I map my AD groups to FC roles?- Hide quoted text - > > - Show quoted text - You received this message because you are subscribed to the Google Groups "farcry-beta" group. To post to this group, send email to farcry-beta@... To unsubscribe from this group, send email to farcry-beta-unsubscribe@... For more options, visit this group at http://groups.google.com/group/farcry-beta?hl=en -~----------~----~----~----~------~----~------~--~--- |
|
|
Re: Fortress and Active Directory
by Blair McKenzie-2
::
Rate this Message:
I half suspect the plugin needs to be updated to work with Active Directory. Unfortunately I don't have a setup so I can't test it properly. The arguments struct is how errors are displayed now. If you could expand it and send me the details I'd appreciate it. The "start" configs specify the DN (Distinguished Name) of the node which contains all users or all groups. In most LDAP directories you could just use the root DN. If you need to restrict the number of groups/users (e.g. because the directory is too large otherwise) you can use the start DNs to restrict the search. The user dn is used to retrieve a user by their ID. The authentication process uses a DN containing {userid} to attempt to match a username entered by a website user against the directory. The group filter is used to find groups that a user is a member of. Include {userid} in the LDAP filter as needed for the query. The All Group Filter should return all the groups that FarCry needs to support. Blair On Tue, Apr 15, 2008 at 4:45 AM, Chris Roth <chris.roth@...> wrote:
--~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "farcry-beta" group. To post to this group, send email to farcry-beta@... To unsubscribe from this group, send email to farcry-beta-unsubscribe@... For more options, visit this group at http://groups.google.com/group/farcry-beta?hl=en -~----------~----~----~----~------~----~------~--~--- |
|
|
Re: Fortress and Active Directory
by Chris Roth-2
::
Rate this Message:
Been a while so I thought I bump this up to see if anyone has had any success getting fortress integrated with AD. I seem to be able to authenticate, and get a list of groups, but for the life of me, I can not get the group filter working so that it returns the groups the user belongs to. I have 3 sites I want to move from 4.10 to Fortress but they hinge on AD integration. Anyone that uses AD in 4.x get it working with Fortress? --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "farcry-beta" group. To post to this group, send email to farcry-beta@... To unsubscribe from this group, send email to farcry-beta-unsubscribe@... For more options, visit this group at http://groups.google.com/group/farcry-beta?hl=en -~----------~----~----~----~------~----~------~--~--- |
| Free Forum Powered by Nabble | Forum Help |