[CalendarServer-users] Errors with group based access control

[Frank Strauß]

Josh Wisenbaker wrote:
> On Thu, December 14, 2006 8:09 am, Frank Strauß wrote:
>> This happens when I try to "get details" in Mulberry on a group's
>> directory, no matter whether I am a member of that group or not.
>> (I am using the XML directory backend as long as I don't know how to use
>> LDAP.)
> 
> No idea on the get details issue, but as soon as I get my lab set back up
> after my move I plan to evaluate the new trunk and then write my article
> on LDAP integration.
> 
> The only bit that wasn't working for me was kerb, which I realized doesn't
> matter as I haven't seen any kerberized caldav clients to use. :)
> 
> The basics are...
> 
> 1. Extend your schema to add a calendar principal attribute.
> 2. Rebuild and install PyOpenDirectory with your custom attribute.

Thanks, Josh!

You motivate me to give it another try... :-) But I have some further 
questions:

Where did you take the OID 1.3.6.1.4.1.63.1001.1.1.1.1.99 from? Is it 
kind of official? Does it matter in any way which OID we use (as long as 
we are testing it in our own environments)?

What values do you put into calendarPrincipalURI attributes? Full URIs 
with a "http://cal.example.com:8008" prefix or just something like 
"/principals/user/josh"?

I'm no Python guru. Do you know how this warning can be avoided? 
Probably at some place, my Tiger Python-2.3 stuff is used, although 2.5 
is available and the first in my $PATH.

2006/12/14 15:49 +0200 [-] 
/private/var/automount/home/strauss/Developer/CalendarServer/twistedcaldav/directory/appleopendirectory.py:30: 
exceptions.RuntimeWarning: Python C API version mismatch for module 
opendirectory: This Python has API version 1013, module opendirectory 
has version 1012.