Backend user permission to LDAP users

autjoe · 2016-09-12 00:42:01 UTC

Hi,
Currently, we have LDAP (Simple Edit User) linked to our user groups. When a backend user try to find the details of the LDAP users in the user group, it displays as restricted asset. How do we allow a backend user to view the LDAP users deatils in users folder?
Thanks.

Douglas · 2016-09-12 03:22:19 UTC

What we’ve done in the past using a nested asset listing is to assign read permissions on the groups for a site for a group containing the admins for a site.

They’ve then been able to see the LDAP user details e.g. username (bridge assetid:LDAP DN) for the LDAP users linked in to the groups for the site.

autjoe · 2016-09-12 04:56:52 UTC

Thanks Douglas.
However, we would like to allow the backend user to assign LDAP user to a metadata field if possible.

Douglas · 2016-09-12 23:35:28 UTC

If the users are using _admin, you could try linking the user groups in to a site that the users have access to - we 've used a type 2 link from an ‘admin’ asset for it so it’s hidden via obscurity and with permissions locked down the developer / admins / updaters.

Our bridge also has some permissions set to allow various groups read, but I’m not 100% sure that’s needed or not.