LDAP: Users in admin-groups hasn't admin privileges #257

Open
Zerka30 opened this issue Apr 24, 2024 · 0 comments

Zerka30 commented Apr 24, 2024

Hi 👋 ,

I tried to set up wg-portal with LDAP authentication. Most things are working perfectly, but I tried to configure the admin-groups but the users contained in this group are never set as admin in wg-portal.

I already took a look at #187 but I suppose I'm currently running v2, as I used the docker image with the following tag: wgportal/wg-portal:latest

This is my configuration file:

config.yml contents

```yaml
advanced:
  log_level: trace
  log_pretty: true
  ldap_sync_interval: 10m

core:
  admin_user: admin@vpn.domain.tld
  admin_password: <REDACTED>
  create_default_peer: true
  create_default_peer_on_creation: true
  editable_keys: true
  import_existing: true

statistics:
  use_ping_checks: true
  ping_check_workers: 10
  ping_check_interval: 1m
  data_collection_interval: 5m
  collect_interface_data: true
  collect_peer_data: true

mail:
  host: mail.infomaniak.com
  port: 465
  encryption: tls
  cert_validation: true
  username: no-reply@domain.tld
  password: <REDACTED>
  auth_type: login
  from: Wireguard <no-reply@domain.tld>

auth:
  callback_url_prefix: http://172.16.0.90:8888/api/v0
  ldap:
    - id: ldap.domain.tld
      display_name: Login with</br>LDAP
      url: ldap://ldap.domain.tld:389
      start_tls: false
      cert_validation: false
      base_dn: ou=staffs,ou=internal,dc=domain,dc=net
      bind_user: uid=wireguard,ou=system,ou=internal,dc=domain,dc=tld
      bind_pass: <REDACTED>
      synchronize: true
      registration_enabled: true
      disable_missing: true
      admin_group: cn=wireguard-admins,ou=production,ou=groups,ou=internal,dc=domain,dc=tld
      login_filter: (&(objectClass=organizationalPerson)(uid={{login_identifier}}))
      sync_filter: (objectclass=inetOrgPerson)

web:
  external_url: http://172.16.0.90:8888
  request_logging: true
```

What am I doing wrong?

And something else that has nothing to do with the previous problem, but I configured the mail server; when am I supposed to receive mail? Do we have a test command?
