Open Yoronex opened 2 weeks ago
Priority high? Also, I think this can be implemented in the LDAP sync that we created for the members, we only really need to define the service accounts groups as a sudosos role / permission.
Yes this is pretty high priority in my opinion, because I am currently using my own API key, which is pretty dangerous if you ask me. Before, I used yours.
What would you like?
SudoSOS should always synchronize service accounts from AD.
Why is this needed?
Service accounts can be used to integrate SudoSOS with external services, like Aurora or barcommissie.nl. You want to use service accounts, as they can only access the things they are allowed to. However, there is currently no way to use such accounts. SudoSOS only synchronizes AD accounts that exist in SudoSOS. However, for an AD user to be created, the user has to log in with AD once, but this is impossible for service accounts (which often do not have a password).
How could it be implemented?
SudoSOS should create a new user account for an AD user during synchronization, if the to-be-added user is a service account.
Other information
No response