Pleiades Single Sign On

Consolidating authentication across the project's web infrastructure.

OpenLDAP

Pleiades stores all user and group information in a local LDAP directory. We're using OpenLDAP.

Apache

Plone

Creating a New User

For now, Pleiades has adopted a "closed" approach to user account creation; i.e., a Pleiades admin must manually create each user account. Plone does not ship this way. We disable "through-the-plone" member self-creation in a stock Plone as outlined here: http://plone.org/documentation/how-to/closing-site

New users are added "through-the-plone", i.e., an administrative user logs into the Plone site, then selects Preferences or Site Setup. On either of the resulting pages, a portal will appear to the left with the heading Site Setup. One option therein is Users and Groups Administration. This link provides access to mechanisms for creating new users.

Group Management

Privileges in TRAC and SVN, as well as mappings to the basic ZopeRoles, are managed with groups in LDAP. See further: GroupAssignment.

Useful Info

General notes on PlonePAS and LDAP:

http://plone.org/documentation/manual/pas-reference-manual/developing-for-pas/referencemanual-all-pages

http://plone.org/documentation/how-to/ldap-authentication-with-plone

How the Plone project does it:

http://plone.org/development/teams/infrastructure/docs/account-database