[Deploying Sakai] Managing (restricting) access to courses with LDAP

[Fernando Laudares Camargos]

Hello again,

I'm putting a considerable amount of time trying to figure out how things work in Sakai but still there's a bit I don't quite understand yet and that is how to restrict (or filter) access to Sakai's sites. 

I'm looking to improve the way this particular server operates, which has 500+ manually registered accounts where each user can access any of the available sites. With your guidance I've been able to integrate LDAP authentication, so now we can get rid of the local accounts and centralize identity management in an LDAP server. I know that by default I'm able to restrict LDAP authentication to a particular baseDN in the LDAP server (like uid=*,dc=users,dc=mydomain,dc=com) and that I can map attributes of LDAP accounts to attributes of Sakai accounts, which allows me for instance to use an LDAP attribute to determine the user's role within Sakai. But can I go further than that, is there a way for example to restrict access to site1 to users that are members of the LDAP group 1 (or anything similar to this) ?

I've tried to navigate in the archives of this mailing list since I believe this question is relevant enough to have already been posted here but other than manually open each thread on http://collab.sakaiproject.org/pipermail/production/ I didn't found a solution. Is there a search engine somewhere that can be used for this ?

Thanks for your help. 

Regards,-- 
Fernando Laudares Camargos
     Révolution Linux
http://www.revolutionlinux.com
---------------------------------------
* Tout opinion et prise de position exprimée dans ce message est celle
de son auteur et pas nécessairement celle de Révolution Linux.
** Any views and opinion presented in this e-mail are solely those of
the author and do not necessarily represent those of Révolution Linux.