To enable the DMCC LDAP Directory Server on an instance of the EDRN portal (version 3.6 or earlier), do the following:

  1. Visit the portal with a browser and log in as a member of the Super User group.
  2. At the bottom, click "Site Setup".
  3. Under Plone Configuration, click "Zope Management Interface" (ZMI).
  4. In the ZMI, click acl_users.
  5. From the "Select type to add" menu, add a new Plone LDAP Plugin:
    Attribute Value to Use
    ID dmccldap
    Title DMCC OpenLDAP with custom shell-based backend
    LDAP Server[:port]
    Use SSL LDAP over SSL
    Login Name Attribute UID (uid)
    User ID Attribute UID (uid)
    RDN Attribute UID (uid)
    Users Base DN dc=edrn,dc=jpl,dc=nasa,dc=gov
    Users Scope ONELEVEL
    Group storage Groups not stored on LDAP server
    Groups Base DN (any value is fine)
    Groups Scope (any value is fine)
    Manager DN (leave blank)
    Password (leave blank)
    User password encryption SHA
    Default User Roles Member

    After filling in the above values, click the "Add" button.

  6. Click on the newly created dmccldap object.
  7. Click on its "Contents" tab.
  8. Click on the internal acl_users object.
  9. Update the User object classes to just inetOrgPerson, then click the "Apply Changes" button.
  10. Click the "LDAP Schema" tab and under "Add LDAP schema item", enter:
    Attribute Value to Use
    LDAP Attribute Name description (lower case)
    Friendly Name Description (capitalized)
    Multi-valued (unchecked)
    Binary (unchecked)
    Map to Name (optional) description (lower case)

    Then click the "Add" button.

  11. Click the "Caches" tab and change the Negative Cache size to 0 (zero), then click the "Change" button.
  12. In the breadcrumb path at the top, click on the leftmost acl_users.
  13. Click on the plugins object.
  14. On the list of plugin types, you will need to make the new dmccldap plugin active, and also make it have higher priority than the plain ldap plugin. The following plugin types need to be updated:
    • Authentication
    • Reset credentials
    • Properties
    • User_enumeration
    • User_management

    On each plugin's type page, click on dmccldap under the "Available Plugins" list and click the → to move it to the "Active Plugins" list. Then, repeatedly click on dmccldap in the "Active Plugins" list and click the ↑ to move it upward in the list, until it is immediately above ldap in the list.

That's it. Try it out by logging out and logging in with an EDRN Secure Site username & password.