http://www.kbpublisher.com/forums/ Forum Topic: KBPublisher and Microsoft AD working closer en Tue, 06 Jan 2009 14:03:20 +0000 http://www.kbpublisher.com/forums/topic/kpblusher-and-microsoft-ad-working-closer#post-104 Fri, 18 Apr 2008 18:36:10 +0000 onesign 104@http://www.kbpublisher.com/forums/ <p>It is possible.<br /> You have to create all required roles and privileges in KBPublisher.</p> <p>When remote user authenticates you need to know his/her privilege and role<br /> and associate it with privilege and role defined in KBPublisher.</p> <p>Quick example:</p> <pre> function remoteDoAuth($username, $password) { // LDAP routine, return user data if authenticated $user = getLdapUser($username, $password); // if found if($user) { // assign a priv to user (optional) // here we should associate LDAP priv with KBPublisher priv if($user['ldap_priv']) { $user['priv_id'] = 3; // 3 is id for KBPublisher priv } // assign a role to user (optional) // here we should associate LDAP role with KBPublisher role if($user['ldap_priv']) { $user['role_id'] = 1; // 1 is id for KBPublisher role } } return $user; } </pre> http://www.kbpublisher.com/forums/topic/kpblusher-and-microsoft-ad-working-closer#post-102 Thu, 17 Apr 2008 23:43:27 +0000 gwoodslatrobeeduau 102@http://www.kbpublisher.com/forums/ <p>Would it be possible for Roles to be created in KBPUblisher that were actually the names of AD groups and when a user authenticates into KBPublisher, KBpublisher checks which group they belong. ie we have Ad groups created with names such as KBPublisher-Staff, KBPublisher-Students etc.</p> <p>It would also be great if the same could be done with Privileges. ie we have Ad groups created with names such as KBPublisher-Admin, KBPublisher-Moderator etc. </p>