Project

General

Profile

Feature #245

Fix LDAP user management

Added by Eric Shamow about 12 years ago. Updated over 11 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Authentication
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:

Description

In the current version, user management is available via two options: you can create and populate stand-alone users, or you can enable LDAP and allow any user who can authenticate to automatically create an account.

It is desireable to allow LDAP for authentication but to still control authorization, either by enabling an LDAP filter for a particular group, or by creating user accounts which use LDAP for auth.

The latter is doable (thanks olevy) by commenting out the following line in app/controllers/users_controller.rb:

config.actions.exclude :create

This enables LDAP users to be added, but the method is kludgy. There should either be an LDAP filter option (preferable) or a config or GUI-based way to turn limited LDAP on.


Related issues

Has duplicate Foreman - Feature #149: Better LDAP user controlRejected2010-01-07

History

#1 Updated by Ohad Levy almost 12 years ago

  • Target version set to 0.1-6

#2 Updated by Ohad Levy almost 12 years ago

  • Status changed from New to Feedback
  • Assignee changed from Ohad Levy to Eric Shamow

would you be able to confirm that by introducing the internal authentication scheme, the problem is resolved? (can be found in the latest develop branch).

#3 Updated by Ohad Levy over 11 years ago

  • Status changed from Feedback to Need more information
  • Target version deleted (0.1-6)

#4 Updated by Ohad Levy over 11 years ago

  • Status changed from Need more information to Closed

Also available in: Atom PDF