<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML xmlns="http://www.w3.org/TR/REC-html40" xmlns:o =
"urn:schemas-microsoft-com:office:office" xmlns:w =
"urn:schemas-microsoft-com:office:word"><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.2838" name=GENERATOR>
<STYLE>@font-face {
        font-family: Verdana;
}
@page Section1 {size: 8.5in 11.0in; margin: 1.0in 1.25in 1.0in 1.25in; }
P.MsoNormal {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"
}
LI.MsoNormal {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"
}
DIV.MsoNormal {
        FONT-SIZE: 12pt; MARGIN: 0in 0in 0pt; FONT-FAMILY: "Times New Roman"
}
A:link {
        COLOR: blue; TEXT-DECORATION: underline
}
SPAN.MsoHyperlink {
        COLOR: blue; TEXT-DECORATION: underline
}
A:visited {
        COLOR: purple; TEXT-DECORATION: underline
}
SPAN.MsoHyperlinkFollowed {
        COLOR: purple; TEXT-DECORATION: underline
}
SPAN.EmailStyle17 {
        COLOR: windowtext; FONT-FAMILY: Arial; mso-style-type: personal-compose
}
DIV.Section1 {
        page: Section1
}
</STYLE>
</HEAD>
<BODY lang=EN-US vLink=purple link=blue>
<BLOCKQUOTE dir=ltr
style="PADDING-LEFT: 5px; MARGIN-LEFT: 5px; BORDER-LEFT: #0000ff 2px solid; MARGIN-RIGHT: 0px">
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left><FONT face=Arial
size=2><SPAN style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Hello
all,<o:p></o:p></SPAN></FONT></DIV>
<DIV class=Section1>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">I am using Using Plone 2.1,
LDAPUserfolder 2.6, python-ldap 2 to authenticate my plone instance to M$
Active Directory. Overall it is working quite nicely.
<o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Authentication works, managing
group membership works (meaning I can add AD user objects to existing AD
groups), and I can manage permissions by assigning local roles to AD groups,
but when I try to add a new Group through the ZMI I receive the following
somewhat vague error: <o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Verdana color=#660033 size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: #660033; FONT-FAMILY: Verdana">UNWILLING_TO_PERFORM
LDAPDelegate.insert: {'info': '0000054F: SvcErr: DSID-031A0FBC, problem 5003
(WILL_NOT_PERFORM), data 0\n', 'desc': 'Server is unwilling to perform'}
(2006-04-07 11:54)<o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Verdana color=#660033 size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: #660033; FONT-FAMILY: Verdana"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">Any light that anyone can shed
upon this would be most welcome. </SPAN></FONT><FONT face=Verdana
color=#660033 size=2><SPAN
style="FONT-SIZE: 10pt; COLOR: #660033; FONT-FAMILY: Verdana"><o:p></o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial"><o:p> </o:p></SPAN></FONT></P>
<P class=MsoNormal><FONT face=Arial size=2><SPAN
style="FONT-SIZE: 10pt; FONT-FAMILY: Arial">emery</SPAN></FONT><o:p></o:p></P>
<P class=MsoNormal><FONT face="Times New Roman" size=3><SPAN
style="FONT-SIZE: 12pt"><o:p></o:p></SPAN></FONT> </P><FONT
face="Times New Roman" size=3><SPAN style="FONT-SIZE: 12pt"><o:p>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=435460916-07042006>Emery,</SPAN></FONT></DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=435460916-07042006></SPAN></FONT> </DIV>
<DIV dir=ltr align=left><FONT face=Arial color=#0000ff size=2><SPAN
class=435460916-07042006>Can't help you on this, we do all of our Active
Directory maintenance through the MS gui tools. This works fine and our Plone
site just has read access to our AD info. I don't know if anyone else is
managing AD users and groups through Plone...</SPAN></FONT></DIV><!-- Converted from text/plain format -->
<P><FONT size=2>Larry Pitcher<BR>Internet Product Manager<BR>Baker Boyer
Bank<BR>Walla Walla, WA<BR>509.526.1429<BR>pitcherl@bakerboyer.com</FONT> </P>
<DIV> </DIV>
<P
class=MsoNormal> </o:p></SPAN></FONT></P></DIV></BLOCKQUOTE></BODY></HTML>