You are here: Home / Documentation / How To's / Use Dynamic Groups from LDAP on 4.0+ site

Use Dynamic Groups from LDAP on 4.0+ site

by gutow published Nov 15, 2013 01:24 PM, last modified Aug 16, 2016 10:50 AM
Follow these instructions to assign people to groups on your site based on information available from the Campus LDAP/NetID server.

1) You must have a site that uses the Campus LDAP/NetID server for logins.

2) Create the groups you want to populate in the "Group" control panel.  Make note of both the id's you assign and the titles.  You will need them.

3) In the ZMI navigate to /acl_users.

4) From the "Add" menu select "Dynamic Groups Plugin".  Name it something like "dynamic_groups" with a title like "Dynamic Groups Provider".

5) Navigate into the newly created "dynamic_groups" item.

6) Click on "Add Group".  

  1. Assign the group an id and title for one of the groups you previously created.  For example, I created a group with id = student and title = Students, which I use to keep track of who is a student.
  2. Put a python expression in the "Predicate" field.  Example for the student group (see this how-to for more choices of properties available):
python:'student' in (principal.getProperty('eduPersonAffiliation',None) or [])

Save the group

7) Navigate back to the "dynamic_groups" item. Then in the "activate" tab check both the "Group_Enumeration" and "Groups" items.  Then click "Update".

8) Navigate back to the list of your groups in the "dynamic_groups" item.  Then select each group in turn, checking the "activate" box and then clicking "Save Changes".