This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Feedback Wanted] Potential improvements for LDAP for future LDAP implementations #8741
Comments
Really want to see the sync functionality mentioned on 3. implemented. |
|
Our setup is pretty simplified: Active Directory domain, one company, simple hierarchy both with locations and chain of command (manager fields all filled out so organizational tree is correct).
|
I would love to see the AD sync based on the SID instead of the samaccountname. When a user changes their last name they get a new username. This causes a second user record to be created in Snipe with assets checked out to the original name. This requires a manual database edit to correct. Also, a flag in the API that identifies that the user was imported from LDAP/AD would be very useful. I have a script that compares AD and Snipe and deletes Snipe users when they are deleted from AD. If any deleted users have assets assigned then it sends an email alert. I have to manually exclude built-in users in my script which is not the cleanest solution. |
All of these sound like great ideas. 16 is tripping us up right now. On MY AD account! I get deactivated every time LDAP syncs. |
How about SAML and SCIM? |
@ChicagoJay That was fixed a few releases ago, I thought.... We've tested it and I don't think we can reproduce, can we, @uberbrady? @trch15 SAML already exists in Snipe-IT. SCIM is outside the scope of the LDAP discussion (as is SAML), IMHO |
I'm happy to help track it down - tell me what you need. My other LDAP users are all fine, AFAICT. We are running Snipe-IT v5.0.11 build 5695 (gfd4ee6027) with Laravel 6.18.10 and PHP 7.3.24-3+ubuntu18.04.1+deb.sury.org+1. Interestingly, I am running this on Ubuntu 20.04.1 but the PHP version seems to think I am on ubuntu 18.04.1. When we installed Snipe-It originally, we were on 18.04.1 but I did an in-place upgrade a few months ago. I don't use the software often enough to tell if that is when it started disabling my account (and ONLY my account) during AD sync. |
|
Hello, I don't know if it falls into that scope, but I'd like to integrate snipe it with a third party app. The workaround I have now, is to ask my people to create an access token from their profile, then to store it in the second app. But it's very not secure to store access tokens. |
Would love to see number 5 seems that people have asked for years for this |
Is there an existing standalone issue for item 9 that I'm too blind to see in search? We're blocked from updating Snipe-IT to v5 because our hosting doesn't provide |
|
The two primary features I'd be interested in in:
|
This issue was moved to a discussion.
You can continue the conversation there. Go to discussion →
I'm just trying to document the various LDAP issues we have all around and trying to collect together the main things I've been seeing into one central location. Feel free to chime in if you don't see something you want, or have had to deal with, listed here.
ldap://
in front of their LDAP server URL, and the system didn't warn them or nudge them at all, it just silently failed. Bummer.php-ldap
module. The ServiceProvider seems to get initialized whether it's used or not. (Potential fix without rewrite: switching to "Deferred Service Providers")The text was updated successfully, but these errors were encountered: