[Archivesspace_Users_Group] LDAP with migration

Chris Fitzpatrick Chris.Fitzpatrick at lyrasis.org
Mon Jun 23 13:17:33 EDT 2014


Hi Ben,


Yeah, I think what you're seeing is generally the expected behavior, but it's not really handled very well in the UI. When a user authenticates, I think the user account should be made, but an administrator will need to grant them access to specific repositories.

However, I agree there should be a way for admins to create user account in the manage. I made this feature request https://www.pivotaltracker.com/story/show/73730396


That manage groups issue is definatly a bug. I am wondering if we should have the user account made when you add a user to a group ( since the assumption is if you're adding them to a group, you want the account made in ASpace ). Does that sound right?


I've also added a feature request to map LDAP groups to ASpace groups here => https://www.pivotaltracker.com/story/show/73730396


best,chris.




Chris Fitzpatrick | Developer, ArchivesSpace
Skype: chrisfitzpat  | Phone: 918.236.6048
http://archivesspace.org/
________________________________
From: archivesspace_users_group-bounces at lyralists.lyrasis.org <archivesspace_users_group-bounces at lyralists.lyrasis.org> on behalf of Ben Goldman <bmg17 at psu.edu>
Sent: Friday, June 20, 2014 5:45 PM
To: Archivesspace Users Group
Subject: Re: [Archivesspace_Users_Group] LDAP with migration

Hello everyone,

Some additional questions/commentary regarding LDAP in ASpace:

  *   It appears there are only two ways to get LDAP accounts added to the users table in ASpace: 1) to have each individual user login to ASpace using their LDAP login and password, which throws the "no repository access" error but does create the user, which allows the Administrator to then add the account to a group, or 2) write LDAP accounts directly to the user table via SQL statement. I don't see any way to add an LDAP user from the Manage Users screen. Is this an accurate reading?
  *   It does, however, appear that from the Manage Groups screen in ASpace, if I type the first couple letters of an LDAP username, it will show all the qualifying usernames and even allow me to add one, but when I click save, it throws an error: "Members - translation missing: en.validation_errors.user_[username]_does_not_exist" presumably because the user does not yet exist in the users table. It would be great if adding a user here also resulting in adding that account to local ASpace instance.
  *   It might be useful to be able to assign LDAP groups to ASpace groups. I didn't see this that this was possible, but I may have missed something.

Thanks,
Ben


Ben Goldman
Digital Records Archivist
Penn State University Libraries
University Park, PA
814-863-8333
http://www.libraries.psu.edu/psul/speccolls.html


________________________________
From: "Patrick Galligan" <PGalligan at rockarch.org>
To: "archivesspace users group" <archivesspace_users_group at lyralists.lyrasis.org>
Sent: Tuesday, June 17, 2014 9:27:57 AM
Subject: [Archivesspace_Users_Group] LDAP with migration

Hi,

Has anyone been working with LDAP and the migration tools? We were wondering if migrating the users from AT and their old passwords causes any issues with LDAP authentication that we should know about.

Let me know if you've used LDAP along with user migration, and whether  there are any possible traps we should watch out for.

Patrick Galligan
Rockefeller Archive Center
Assistant Digital Archivist
914-366-6386


_______________________________________________
Archivesspace_Users_Group mailing list
Archivesspace_Users_Group at lyralists.lyrasis.org
http://lyralists.lyrasis.org/mailman/listinfo/archivesspace_users_group

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lyralists.lyrasis.org/pipermail/archivesspace_users_group/attachments/20140623/998e7a93/attachment.html>


More information about the Archivesspace_Users_Group mailing list