Ask Question
« General Questions on Nuxeo

Ldap description group

Hello, in nuxeo, my group come from my ldap. They are ok , but I don't know how to get the description of my ldap group; I have the “groupname” ok but not “description” () my file default-ldap-users-directory-config.xml :

<extension target=“org.nuxeo.ecm.directory.multi.MultiDirectoryFactory”

point="directories">
<directory name="userDirectory">

  <!-- definition des sources de donnees pour les utilisateurs -->
  <!-- schema utilise -->
  <schema>user</schema>

  <!-- attributs correspondant (dans le schema nuxeo) à l'identifiant et au mot de passe -->
  <idField>username</idField>
  <readOnly>false</readOnly>
  <passwordField>password</passwordField>

  <!-- déclaration de la source ldap, definie plus bas -->
  <source name="ldapUserDirectory">
    <subDirectory name="ldapUserDirectory"/>
  </source>

  <!-- declaration de la source locale que nous allons definir dans un autre point d'extension -->
  <source name="sqlUserDirectory" creation="true">
    <subDirectory name="sqlUserDirectory"/>
  </source>
</directory>

<extension target=“org.nuxeo.ecm.directory.multi.MultiDirectoryFactory”

point="directories">
<directory name="groupDirectory">
  <!-- definition des sources de donnees pour les groupes -->

  <!-- schema utilise -->
  <schema>group</schema>

   <!-- attribut correspondant à l'identifiant du groupe (dans schema nuxeo) -->
  <idField>groupname</idField>
  <idField>description</idField>
  <readOnly>false</readOnly>

  <!-- declaration de la source ldap pour les groupes, definie plus bas -->
  <source name="ldapGroupDirectory">

    <subDirectory name="ldapGroupDirectory"/>
  </source>

  <!-- declaration de la source locale definie dans un autre fichier -->
  <source name="sqlGroupDirectory" creation="true">
    <subDirectory name="sqlGroupDirectory"/>
  </source>
</directory>

<extension target=“org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory”

point="servers">

 <!-- definition de la connexion ldap au serveur ldap-->
<server name="default">
  <ldapUrl>***</ldapUrl>
  <bindDn></bindDn>
  <bindPassword></bindPassword>
</server>

<extension target=“org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory”

point="directories">

<!--definition de l'annuaire comme source de donnees utilisateur -->
<directory name="ldapUserDirectory">

  <!-- utilise la connexion qu'on vient de définir juste avant -->
  <server>default</server>
  <schema>user</schema>
  <idField>username</idField>
  <passwordField>password</passwordField>
  <searchBaseDn>ou=people,dc=isae,dc=fr</searchBaseDn>

   <searchFilter>(&amp;(objectClass=supannPerson)(eduPersonPrimaryAffiliation=employee))</searchFilter>
  <searchScope>onelevel</searchScope>
  <readOnly>true</readOnly>
  <cacheTimeout>3600</cacheTimeout>
  <cacheMaxSize>1000</cacheMaxSize>
  <querySizeLimit>0</querySizeLimit>
  <creationBaseDn>ou=people,dc=isae,dc=fr</creationBaseDn>
  <creationClass>top</creationClass>
  <creationClass>supannPerson</creationClass>
  <creationClass>eduPerson</creationClass>
  <creationClass>inetOrgPerson</creationClass>
  <rdnAttribute>uid</rdnAttribute>

  <!-- mapping d'attributs, doit être en cohérence avec ce qui est stipulé dans le fichier esup-login-config.xml
       Dans notre exemple, on utilisait l'uid pour notre idp local, on fait donc un mapping avec l'uid) -->
  <fieldMapping name="username">uid</fieldMapping>
  <fieldMapping name="firstName">givenName</fieldMapping>
  <fieldMapping name="lastName">sn</fieldMapping>
  <fieldMapping name="company">cn</fieldMapping>
  <fieldMapping name="email">mail</fieldMapping>
  <references>
    <inverseReference field="groups" directory="groupDirectory"
      dualReferenceField="members" />
  </references>
</directory>

<extension target=“org.nuxeo.ecm.directory.ldap.LDAPDirectoryFactory”

point="directories">

<!-- on definit maintenant l'annuaire comme source de donnees -->
<directory name="ldapGroupDirectory">

 <!-- connexion utilisee -->
  <server>default</server>

  <!-- schema utilise -->
  <schema>group</schema>

 <!--attribut correspondant à l'identifiant (dans schema nuxeo) -->
  <idField>groupname</idField>
  <idField>description</idField>
  <searchBaseDn>ou=Group,dc=isae,dc=fr</searchBaseDn>
  <searchFilter>(&amp;(objectclass=posixGroup)(|(cn=si)(cn=doc)(cn=qse)))</searchFilter>
  <searchScope>subtree</searchScope>
  <cacheTimeout>3600</cacheTimeout>
  <cacheMaxSize>1000</cacheMaxSize>
  <querySizeLimit>10000</querySizeLimit>
  <creationBaseDn>ou=Group,dc=isae,dc=fr</creationBaseDn>
  <creationClass>top</creationClass>
  <creationClass>groupOfUniqueNames</creationClass>
  <rdnAttribute>cn</rdnAttribute>

  <!-- Mapping entre attributs du schema nuxeo et attributs de l'annuaire -->
  <fieldMapping name="groupname">cn</fieldMapping>
  <fieldMapping name="description">description</fieldMapping>
  <references>
    <ldapReference field="members" directory="ldapUserDirectory"
      forceDnConsistencyCheck="false"
      staticAttributeId="uniqueMember"
      dynamicAttributeId="memberURL" />
    <ldapReference field="subGroups" directory="ldapGroupDirectory"
      forceDnConsistencyCheck="false"
      staticAttributeId="uniqueMember"
      dynamicAttributeId="memberURL" />
    <inverseReference field="parentGroups"
      directory="groupDirectory" dualReferenceField="subGroups" />
  </references>
</directory>

Have you any idea of my problem ?

vjoussot
Member (2.5K)   2   5   4 		06/12/2013 ( History)
0 votes
1 answers
2702 views
ANSWER
ANSWERS

I have the solution :

vjoussot
Member (2.5K)   2   5   4 		06/12/2013 ( History)
-1 votes
Follow
Tags
Linked Questions
Related Questions
Unable to create users or Groups in Nuxeo when connected to Active Directory
LDAP : impossible de voir les groupes
Connection with multidirectory
Nuxeo LDAP groups not loading
LDAP : users et groupes
configure the connexion to the LDAP to get the group
Active Directory connection only login new users and not old ones
Nuxeo 7.10 ldap authentication
creating groups fails with gidNumber: value #0 invalid per syntax