Comments (10)
thorin
commented on August 29, 2024
Yes, it would require two requests to ldap.
One to fetch the user and groups and a second one to get the groups names.
It would have to be optional to prevent breaking the support for other ldap servers.
If I have the time I'll have a look.
from redmine_ldap_sync.
JelleHissink
commented on August 29, 2024
Thanks for the response. I hope you can help me with this. If I can help you in any way please let me know.
from redmine_ldap_sync.
thorin
commented on August 29, 2024
JellHissink, I've just added the new feature.
I would be glad to hear your comments.
Don't forget to run rake db;migrate_plugins RAILS_ENV={env}.
from redmine_ldap_sync.
thorin
commented on August 29, 2024
Tomorrow I'll also update the readme with the new changes.
from redmine_ldap_sync.
cforce
commented on August 29, 2024
Seems as new filed won't show up for all already configured ödap server's. I have 3 servers configured any only one shows new options. Waiting for doc of the new options, cause unsure what they really do.
I Thing i will choose "Groupmembership: on the user class" and set "Members attribute (group)" to the attribute name in the group class which indetifies user of this group and "Memberid attribute (user)" to attribute name of the user's class, which indetifies the groups the user's belonks to.
I could also choose "Groupmembership: on the group class", but why should i do else. In my case referencing works both way (user<>group), so choose user, because better perfoemance?
Tx for contributing.
..should make it into the core btw.
from redmine_ldap_sync.
thorin
commented on August 29, 2024
You're right.
I've made a mistake on the elements ids as I didn't count with multiple servers, as so, there is a conflict between the ids.
The performace should be almost the same as I didn't manage to reduce the number of calls to the ldap server.
The main difference is, according to what JalleHissink said, nested groups.
This means that, if you have a group A belonging to a B and an user belonging to the group A, at least in OpenDS, the following occurs:
- If you set group membership on the user class, the user will be member of both group A and B.
- If you set group membership on the group class, the user will only be member of group B.
from redmine_ldap_sync.
thorin
commented on August 29, 2024
cforce, I've just commited a fix for the problem you reported.
from redmine_ldap_sync.
JelleHissink
commented on August 29, 2024
Thorin, thanks for taking the time to implement this. I'll test it this week
from redmine_ldap_sync.
JelleHissink
commented on August 29, 2024
Hi Thorin,
It works for me now, had some problems with the groupid attribute, for OpenDS you should set it to entryDN. Took some debugging with puts, but found it.
My settings if somebody wants to use OpenDS:
- Group base DN: dc=CodeWise,dc=nl
- Group name attribute: cn
- Group membership: On the user class
- Groups attribute (user): isMemberOf
- Groupid attribute (group): entryDN
- Users objectclass: person
- Groups objectclass: groupOfUniqueNames
- Group name pattern:
- Group search filter:
Thanks again for the change!
from redmine_ldap_sync.
thorin
commented on August 29, 2024
I've added your OpenDS configuration to the README.md. Thanks
from redmine_ldap_sync.
Related Issues (20)
- All accounts disabled HOT 8
- Nested group members not picked up HOT 18
- Improve test HOT 1
- Accounts not re-enabled when re-enabled in AD HOT 2
- On Synchronization update user fields
- sync_users DRY_RUN error
- sync_all DRY_RUN error
- sync_groups DRY_RUN error Not a DRY_RUN (writing to DB)
- Group name pattern: # of results different in test vs 'rake task' HOT 1
- No groups from Active Directory HOT 1
- Can not enable synchronization with invalid settings. Please review the configuration. HOT 3
- translation missing: zh.label_ldap_synchronization
- Icon admin menu link missing background-repeat: no-repeat property
- Feature Request - Ability to synchronize ad groups other attributes to use it for group name in redmine
- why my ldap sync plugin can't work? how can help me? HOT 2
- All LDAP Users Archived/Locked after Update to 3.4.6 HOT 1
- Errors during test of ldap sync setup HOT 1
- Synchronise locked users
- no New authentication button or menu HOT 4
- Redmine 4: uninitialized constant User::STANDARD_FIELDS HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from redmine_ldap_sync.