[SAC] LDAP / Web Tools


I have implemented a few new features in my LDAP / Python web pages.

1) https://www.osgeo.org/cgi-bin/auth/ldap_group.py will now let anyone
in "cn=admin,ou=projects" to edit any group in addition to members of a
group being able to edit their own group.

2) https://www.osgeo.org/cgi-bin/auth/ldap_web_search.py is a new variation
on the existing public ldap search form. But this one requires authentication
as a member of "cn=admin,ou=projects", and it will show the email addresses as
well as userids and common name. It also includes a link to ldap_edit_user.py
for each user found.

3) https://www.osgeo.org/cgi-bin/auth/ldap_edit_user.py will now allow anyone
in "cn=admin,ou=projects" to edit any osgeo userid (in addition to allowing
the user themselves to edit). This means we no longer need to go through
phpldapadmin to reset a password for instance.

I have also taken the section on LDAP out of the migration document and made it
a standalone wiki page at:


And I added notes on the various web tools available. I don't feel some of
this info is particularly appropriate for the "outward facing" page at

Currently the "admin" group includes Tyler, Martin, Howard, Shawn and myself.
As far as I know, the only purpose it serves is this admin role for the various
web scripts. So only folks intended to have ldap update access should be in

Best regards,
I set the clouds in motion - turn up | Frank Warmerdam, warmerdam@pobox.com
light and sound - activate the windows | http://pobox.com/~warmerdam
and watch the world go round - Rush | President OSGeo, http://osgeo.org