Specifying admin user via LDAP #106
Labels
enhancement
New feature or request
Comments
tchapi
added
enhancement
|
Hi Pavel, Very clear, thanks for the issue! It would be possible, yes, but it would need a bit of a rewrite for the admin auth part. |
|
Maybe the davical ldap driver helps to implement such a feature https://gitlab.com/davical-project/davical/-/blob/master/inc/drivers_ldap.php It supports user and group filters and synchronization. This could help to import (sync) groups from ldap. |
|
Closing in favor of the Github project created for the roadmap: https://github.com/users/tchapi/projects/1/views/1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
I would like to ask if it would be possible to leverage existing LDAP authentication for specifying admin user. The current situation is that you can have all your user accounts (admin included) stored in LDAP, but you have to specify admin username and password by utilizing environment variables like
ADMIN_LOGINandADMIN_PASSWORD. It would be very handy to leverage existing user database for that purpose.To give you an example: in another application we are using there is a configuration option called
Admin Filterthat accepts values like(&(objectClass=posixAccount)(uid=%s)(memberOf=cn=calendar,ou=groups,dc=example,dc=com)). Any LDAP account that matches this filter is then considered to be an administrator account - simple and effective.Thank you for your great application and have a nice day
Pavel
The text was updated successfully, but these errors were encountered: