4 | | The plugin extends AD group membership into the trac namespace. This means you can specify permissions for different groups of authenticated individuals. |
| 4 | The plugin extends Directory group membership into the trac namespace. This means you can specify permissions for different groups of authenticated individuals. |
| 5 | |
| 6 | == Theory == |
| 7 | LDAP maintains groups by defining the objectClass, and usually contains member or memberUID as the identifier for each person in a group. When a request for a group, as defined in the permissions, is searched, the group is expanded to the members. It's then used to match. |
| 8 | |
| 9 | == Usage == |
| 10 | |
| 11 | 1. create the groups in the directory you'd like ( say cn=Staff,dc=home,dc=net ) |
| 12 | 2. add users to the groups |
| 13 | 3. goto Admin -> Permissions and create a group by adding permissions to the group name as defined below. Ao for example use Grant Permission with |
| 14 | Subject: @staff |
| 15 | Permission: WIKI_EDIT |
| 16 | |
| 17 | '''NOTE:''' groups will NOT show up per user until they're defined from the Permissions page. |
| 18 | == Validation == |
| 19 | To validate users, you'll need to login wiht perms to the TRAC_HOME directory .. and then use |
| 20 | {{{ |
| 21 | me@here > sudo trac-admin /var/trac/mytrac permission list {user} |
| 22 | }}} |