Crivaledaz / Mattermost-LDAP

This module provides an external LDAP authentication in Mattermost for the Team Edition (free).
MIT License

Checking a deactivated user #101

Closed Fidoshnik closed 1 year ago

Fidoshnik commented 1 year ago

Hello! Thank you for your great work, which makes life easier!

Everything works just fine! But there are a few questions that I can't find the answer to.

If the user is deleted in AD, then he can still read and watch messages in MM. Is there no check on whether the user is still current in the domain? Let's say, running through the domain once a day and putting the user's status in an additional column in the DB?

Sorry for my English! The app is great! Thanks again!

Crivaledaz commented 1 year ago

Hi,

Thank you for your feedback. I am happy to know that Mattermost-LDAP is making your life easier.

Regarding your question, Mattermost-LDAP only serves as a connector/proxy between Mattermost and LDAP. It does not have a daemon or running background process to perform daily checks.

Mattermost-LDAP only processes authentication against LDAP. Once it is done and successful, it returns the user data to Mattermost. After that, Mattermost-LDAP and Mattermost do not exchange any information. Thus, if you deactivate or delete a user from your AD/LDAP, even if Mattermost-LDAP was aware of it, it has no means to inform the Mattermost server.

However, if the user tries to authenticate again, the AD/LDAP authentication will fail, and the user will not be able to access the Mattermost server.

In Mattermost, you can define the session duration. During this time, Mattermost does not ask the user to reauthenticate. If you want to ensure that deleted users cannot access Mattermost, you should set the session time to 24 hours. But please note that everyone will have to authenticate once a day to access Mattermost.

Have a good day.

Regards,
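
The daily check proposed in the question, written as an external job that compares AD entries with Mattermost accounts and plans the Mattermost API v4 calls for users who are disabled or missing in AD. This is an added example, not part of Mattermost-LDAP or of either comment. Assumptions: Mattermost usernames equal the lowercase `sAMAccountName`, users created through the connector carry `auth_service` "gitlab", and all sample data is constructed.

```python
ACCOUNTDISABLE = 0x2  # AD userAccountControl bit for a disabled account

def active_ad_logins(ad_entries):
    """Return lowercase logins of AD accounts that are present and enabled."""
    active = set()
    for entry in ad_entries:
        # LDAP returns attribute values as strings, so convert before masking.
        if not int(entry.get("userAccountControl", 0)) & ACCOUNTDISABLE:
            active.add(entry["sAMAccountName"].lower())
    return active

def plan_deactivations(ad_entries, mm_users, auth_service="gitlab"):
    """Build (method, path) Mattermost API v4 calls for users no longer valid in AD."""
    if not ad_entries:
        # An empty result usually means the LDAP query failed; acting on it
        # would deactivate every connector user.
        raise ValueError("AD returned no entries, refusing to plan deactivations")
    active = active_ad_logins(ad_entries)
    calls = []
    for user in mm_users:
        if user.get("auth_service") != auth_service:
            continue  # local admin or bot account, not managed through AD
        if user.get("delete_at", 0) != 0:
            continue  # already deactivated in Mattermost
        if user["username"].lower() in active:
            continue  # still enabled in AD
        # Revoke live sessions explicitly, then deactivate the account.
        calls.append(("POST", f"/api/v4/users/{user['id']}/sessions/revoke/all"))
        calls.append(("DELETE", f"/api/v4/users/{user['id']}"))
    return calls

# Constructed sample data: bob is disabled (514 = 512 | 0x2), carol was deleted from AD.
SAMPLE_AD = [
    {"sAMAccountName": "Alice", "userAccountControl": "512"},
    {"sAMAccountName": "bob", "userAccountControl": "514"},
]
SAMPLE_MM = [
    {"id": "u1", "username": "alice", "auth_service": "gitlab", "delete_at": 0},
    {"id": "u2", "username": "bob", "auth_service": "gitlab", "delete_at": 0},
    {"id": "u3", "username": "carol", "auth_service": "gitlab", "delete_at": 0},
    {"id": "u4", "username": "sysadmin", "auth_service": "", "delete_at": 0},
    {"id": "u5", "username": "dave", "auth_service": "gitlab", "delete_at": 1700000000000},
]

if __name__ == "__main__":
    for method, path in plan_deactivations(SAMPLE_AD, SAMPLE_MM):
        print(method, path)
```

Run from cron with an admin token, this bounds a removed user's access by the job interval rather than by the session length alone.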