Please read the README.txt before reading this.

At the end of this doc there is a How-To for storing field email address of a 
CMFMember subclass in LDAP 

CMFMember supports LDAP as storage through LDAPUserFolder. The implementation
made with AT StorageLayer and is configurable at runtime. 

REQUIRMENTS

  * GRUF 3.x
  
  * Plone compatible with GRUF 3.x 
    Plone 2.0.5 seams to work well but check (for branch) in SVN 
  
  * LDAPUserFolder
  
  * Running LDAPserver
    Only verified against an OpenLDAP.  
    
  * Python ldap
  
INSTALLATION
  
  New Plone site
  
    When creating fresh Plone site you can use customization policy CMFMember+LDAP to 
    install CMFMember and LDAPUserFolder in GRUF.
    
    The customization policy looks for a file called ldap_config.py in the CMFMember 
    directory and if it exists it uses it to configure LDAPUserFolder. The content of
    the file should look like this:
    
    
		settings = { 'title'  : 'LDAP User Folder'
		           , 'server' : 'localhost:389'
		           , 'login_attr' : 'cn'
		           , 'uid_attr': 'cn'
		           , 'users_base' : 'ou=people,dc=dataflake,dc=org'
		           , 'users_scope' : 2
		           , 'roles' : 'Anonymous'
		           , 'groups_base' : 'ou=groups,dc=dataflake,dc=org'
		           , 'groups_scope' : 2
		           , 'binduid' : 'cn=Manager,dc=dataflake,dc=org'
		           , 'bindpwd' : 'mypass'
		           , 'binduid_usage' : 1
		           , 'rdn_attr' : 'cn'
		           , 'local_groups' : 0
		           , 'use_ssl' : 0
		           , 'encryption' : 'SHA'
		           , 'read_only' : 0
		           }
  
    If you don't have a ldap_config.py you need to configure your LDAPUserFolder 
    before doing anything else. See README/INSTALLATION notice in LDAPUserFolder 
    for more information.
  
  Old Plone site
  
    Install CMFMember.
    
    Migrate
  
  
  Usage with ATSE
    
    1 Go to the portal_memberdata (Member profiles) and click the schema editor tab.
    2 Choose a member type, schema and then field to edit. 
    3 Choose storage LDAPUserFolder.
    4 Enter the LDAP field id, example mail for the email field. If you don't enter 
      a value, the field name is used.
    5 Enter User source, look in GRUF if you have more sources, otherwise default is 
      Users.
      
      
******************************************************************
How-To: Storing field email address of a CMFMember subclass in LDAP
        A HOWTO by Thomas Wenger
******************************************************************

The following is a short How-To, that describes how to
get the email field of your CMFMember subtype stored in
LDAP instead of ZODB. Other fields are handled the same
way.

***********************
A. LDAPUserFolder Setup
***********************

1. Go to acl_users and add a new LDAPUserFolder

2. Do the configuration of the new LDAPUserFolder:
   - Users Base DN (ou=people,dc=example,dc=com)
   - Group storage (Groups not stored on LDAP Server)
   - Manager DN (cn=admin,dc=example,dc=com)
   - Password (your admin Password)
   - Manager DN Usage (always)
   - Default Roles (Member)
   - Server (localhost:389)

3. In LDAP Schema configure the mapping:
   name -> email (means name on LDAP side, email on Plone side)

4. In acl_users move the new LDAPUserFolder in front of the standard User Folder

5. Test if new users are created in LDAP via Users Tab of GRUF and LDAP User
Folder


************************************************
B. Change the store of the email field in schema
************************************************

1. In the CMFMember subclass instantiate a LDAPUserFolderStorage object
   with all field mappings:

      myLDUFStorage = LDAPUserFolderStorage( mappings={'email' : 'mail' } )

2. Add a storage line in the schema to your email field definition:

      storage = myLDUFStorage,  

3. Set the follwoing attributes in your subclass, so that LDAPStorage
   gets in in use:

      externalStorage = True
      externalStorages = [ myLDUFStorage ]


*************************************************************
Now the field email should be stored in LDAP.
*************************************************************