Authenticate against external LDAP server (e.g. AD). Sync Password from external to local LDAP Database.
Details
Diff Detail
- Repository
- rP pykolab
- Branch
- master
- Lint
Lint Passed - Unit
No Test Coverage - Build Status
Buildable 38290 Build 15475: arc lint + arc unit
Event Timeline
Thanks for the diff!
Assigning to the Apheleia IT team since I don't feel entitled to decide on the inclusion of new features without prior consultation.
Seems self-contained, so I don't mind if this goes in, but I'm not planning on working on it.
Sorry, but this code looks like another service user account.
I think this is not a code issue, but a configuration issue.
Should be solved with howto doc, not with code on auth/ldap.
@tammus
did you tried to configure the kolab.conf with:
[ldap]
ldap_uri = <sso_uri>
service_base_dn = <sso_base_dn>
service_bind_dn = <sso_bind_dn>
service_bind_pw = <sso_bind_pw>
auth_attributes = mail, alias, uid, sAMAccountName
auth_attributes should do the trick for your sso_kolab_uid_attr sso_ext_uid_attr
Sync AD user and passwords directly with 389ds.
There are howto's for different use cases:
https://directory.fedoraproject.org/docs/389ds/howto/howto-windowssync.html
https://directory.fedoraproject.org/docs/389ds/howto/howto-one-way-active-directory-sync.html
https://directory.fedoraproject.org/docs/389ds/howto/howto-chaintoad.html
and some more howtos, also for windows/AD interaction
https://directory.fedoraproject.org/docs/389ds/documentation.html
finally you could extend/add user profile/s in Kolabwebadmin Interface -> Settings