Feature #863
add ability to restrict ldap authentication to a security group
Description
I would like to be able to specify ldap authentication to only do name lookups by a specific group:
example:
can I restrict by group like this : cn=foremanadmins, ou=Security Groups, dc=MYDOMAIN,dc=CORP
I currently have this enabled with my subversion setup so I was hoping I could do it on foreman as well.
Related issues
Associated revisions
History
#1
Updated by Benjamin Papillon over 11 years ago
And also important, affect role based on LDAP group.
If it's possible to create a LDAP Group type,(auto create user option enabled) then when the user from a group connect for the first time, the good role is automatically assigned.
#2
Updated by monte olvera over 11 years ago
I would also like to have ldap auth restricted to members of an ldap group.
#3
Updated by Karl Vollmer about 10 years ago
I need this for work, so I put $100 down for anyone who will complete this functionality.
#4
Updated by Mikael Fridh almost 10 years ago
just a bit of a pseudo-code version of doing it (untested): https://github.com/frimik/foreman/compare/863-ldap_group_restriction
The actual search method code was tested against Active Directory before I hackishly put this example in the Foreman code though as I recently built some puppet functions to get canonical user and group information from Active Directory with net-ldap.
Perhaps it can inspire someone to clean it up, make it work and add it as a configuration setting?
#5
Updated by Nils Domrose over 9 years ago
#6
Updated by Dominic Cleal over 9 years ago
- Description updated (diff)
- Category set to Authentication
- Status changed from New to Ready For Testing
#7
Updated by Dominic Cleal over 9 years ago
- Target version set to 1.3.0
#8
Updated by Anonymous over 9 years ago
- Status changed from Ready For Testing to Closed
- % Done changed from 0 to 100
Applied in changeset 4e4671ce95fc666b3c087351177247cb39d1a4c3.
fixes #863 - added ldap_filter to LDAP auth sources to filter lookups using RFC 2254 filters