LDAP - more flexibility in group-member-association #7301
Labels
Comments
|
cc @nextcloud/ldap |
MorrisJobke
added
0. Needs triage
|
Good idea. Implementation requires some refactoring of this handling, but would improve the code in fact. Personally, I won't have resources for this however. As always, PRs are welcome and supported :) |
|
Ah, that said, I would leave the most common options as they are and only offer the switching to a self-defined attribute as another option. Otherwise it would be just too complicated for people with little knowledge of LDAP. And too inconvenient for others. |
|
Sure, all this staff should be available in 'expert' tab, the default options are not so bad ;) |
blizzz
changed the title
|
Any progress on this feature? What exactly does "Dynamic Group Member URL" in advanced->directory settings? Seems that's not documented at all. |
skjnldsv
added
1. to develop
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Actually, user_ldap application does not permit to precise the exact configuration of the directory in terms of groups membership. The only parameter we can choose is 'Group-Member association', where one cannot mention a particular attribute's name, only selection from drop-down list is possible. Later, the application use this choice to select an attribute name AND select the supposed type of content of this attribute (DN or UID).
Unfortunately, there is no standard of groups implementation in LDAP. There are several types of implementation that cannot be used with NextCloud. So, NextCloud should be a little bit more flexible:
I think that such improvement (with good documentation) could decrease the number of questions about LDAP configuration and bug-reports about LDAP groups not working.
The text was updated successfully, but these errors were encountered: