Feature #5702

Please add ldap filters for authentication

Added by Nico Tourneur over 7 years ago. Updated over 5 years ago.

Status:ClosedStart date:2010-06-16
Priority:NormalDue date:
Assignee:-% Done:

0%

Category:LDAP
Target version:-
Resolution:Duplicate

Description

Hello,

It would be great to add the abaility to filter on group membership to the LDAP authentication module.

Actually, I know it's possible to change the search base so only users inside of a defined OU could use the application.
With large LDAP setup (lots of users, LDAP used by multiple apps) you have several users in different OU which will need to be able to use the same application so we use group membership.

It would be really a plus if you add some field to let us do that kind of filtering, something like cacti has would be perfect. So if we can specifiy a group DN, a membership field (like memberUid) and a group member type (username or DN of the user), everything would be perfect.

Thanks and regards,


Related issues

Related to Redmine - Feature #1113: Link LDAP groups with user accounts New 2008-04-25
Related to Redmine - Patch #4755: Create and maintain groups from LDAP attributes New 2010-02-08
Related to Redmine - Feature #5742: Association of an LDAP group to a Redmine group New 2010-06-23
Related to Redmine - Feature #1060: Add a LDAP-filter using external auth sources Closed 2008-04-15

History

#1 Updated by Felix Schäfer over 7 years ago

I can't remember exactly what the LDAP settings in the stock redmine look like, but can't you specify a filter? It's been a while since I got into LDAP that deep, but I seem to remember that the stuff you are asking for could be achieved with a well crafted filter.

#2 Updated by Nico Tourneur over 7 years ago

In the web form, in only see the base DN that could be used as some kind of filter, unfortunately it's not enough. Is there any other place where I can configure that ? yml file ?

#3 Updated by Felix Schäfer over 7 years ago

Nico Tourneur wrote:

In the web form, in only see the base DN that could be used as some kind of filter, unfortunately it's not enough. Is there any other place where I can configure that ? yml file ?

No, then it's in one of the patches I applied sorry. Depending on your skill level, search around the tracker, I think there are 2 patches to include more options in the LDAP settings which also include the possibility to specify an arbitrary filter. Be aware though that the patches probably won't apply cleanly to trunk due to several changes to the LDAP Auth between 0.9-stable and trunk.

#4 Updated by Nico Tourneur over 7 years ago

So the best would be to have those patches included in the next release of Redmine :)

#5 Updated by Glenn Gould about 7 years ago

related to #1113, #4755, #5742

#6 Updated by Etienne Massip over 6 years ago

  • Category set to LDAP

#7 Updated by Jean-Philippe Lang over 5 years ago

  • Resolution set to Duplicate

See #1060 implemented in 1.4.0. You can now enter a custom LDAP filter.

#8 Updated by Jean-Philippe Lang over 5 years ago

  • Status changed from New to Closed

Also available in: Atom PDF