WHICH PLUGIN INTERFACES DO WE WANT TO ACTIVATE?
===============================================

With PlonePAS and LDAPMultiPlugins you can and should specify which
functions (called plugin interfaces) you want your LDAP to perform.
Do you just want authentication or do you also want to add users to
LDAP from within Plone?  Things like that.

Below is a description of the various Plugin interfaces that are
defined in PluggableAuthService or PlonePAS.

Some plugin interfaces are marked below as: "needs patch".  That means
it only works with LDAPMultiPlugins 1.2 patched with the file:
http://antiloop.plone.org/LDAPMultiPlugins-plone.org.patch


Patch instructions
==================

# Get LDAPMultiPlugins 1.2:
wget http://www.dataflake.org/software/ldapmultiplugins/ldapmultiplugins_1.2/LDAPMultiPlugins-1_2.tar.gz/download
# Get the patch:
wget http://antiloop.plone.org/LDAPMultiPlugins-plone.org.patch
# Untar 1.2 and change to that dir
tar xzf LDAPMultiPlugins-1_2.tar.gz
cd LDAPMultiPlugins
# Apply the patch:
patch -p0 < ../LDAPMultiPlugins-plone.org.patch

Note: patching 1.3 gives one error.  Should be solvable I guess, but
it may not be necessary to use 1.3.


Plugin Interface descriptions
=============================

Now we give a short description of the available plugins and say if it
needs a patch or needs LDAPMultiPlugins version 1.3.  If nothing is
said, it works with version 1.2 (and should also work with 1.3).


From Products.PluggableAuthService.interfaces.plugins
=====================================================

- IAuthenticationPlugin: Map credentials to a user ID.

- ICredentialsResetPlugin: Callback:  user has logged out.

- IGroupEnumerationPlugin: Allow querying groups by ID, and searching
  for groups.

- IGroupsPlugin: Determine the groups to which a user belongs.

- IPropertiesPlugin:  Return a property set for a user.

- IRoleEnumerationPlugin: Allow querying roles by ID, and searching
  for roles.

- IUserEnumerationPlugin: Allow querying users by ID, and searching
  for users; also needed for listing users in a group.

- IRolesPlugin: Determine the (global) roles which a user has.

- ICredentialsUpdatePlugin: Callback: user has changed her password.
  Needs LDAPMultiPlugins 1.3

- IUserAdderPlugin: Create a new user record in a User Manager.
  Needs patch.

From Products.PlonePAS.interfaces.group
=======================================

- IGroupManagement: add, update, remove, set roles for group.
  Needs patch.

- IGroupIntrospection: get group ids etc, get members of group.

From Products.PlonePAS.interfaces.plugins
=======================================

- IUserManagement: Manage users (change password or delete user)
  Needs patch.