Open jsaathof opened 5 years ago
I have found a successor of the project Adldap2 called ldaprecord. There is a lot of documentation available on the site. I can install the module but when I have to change the authentication I'm kind of lost.
Hummm....
I assume the following setting. You have:
The question is more how do you determine the local ID for the used. For the connection, you could basically add a line to check against a user in the LDAP server here: https://github.com/LycheeOrg/Lychee/blob/376f8c7c9c463816252319dcbdab2975d221ed8a/app/ModelFunctions/SessionFunctions.php#L141
Hi,
I do have an LDAP server, that is the main reason to request LDAP support. And I am running Lychee. But I’m not a PHP programmer. So I’m having a hard time implementing this myself. I will take a look at the code you mentioned.
-- Sincerely,
Jurriaan
On 30 Mar 2021, at 12:25, Benoît Viguier @.***> wrote:
Hummm....
I assume the following setting. You have:
• a LDAP server • a Lychee install. The question is more how do you determine the local ID for the used. For the connection, you could basically add a line to check against a user in the LDAP server here: https://github.com/LycheeOrg/Lychee/blob/376f8c7c9c463816252319dcbdab2975d221ed8a/app/ModelFunctions/SessionFunctions.php#L141
— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub, or unsubscribe.
The YunoHost Lychee integration would become most excellent if it included LDAP integration. That Lychee-YunoHost integration is currently declared "YunoHost level 8" meaning "quite good" but its lack of integration with YunoHost's user account system is quite a drawback.
In fact, any self-hosting these days is hampered by having its own user account management. Single Sign-On (SSO) is the way to go, if we want to get ordinary people using our lovely self-hosted FOSS things. And LDAP support is a step towards SSO.
Now the good news: apparently Lychee LDAP integration already exists: see the Lychee-LDAP fork by 'hfr'.
Some caveats: I haven't tested or studied it; I see a gripe/grudge written in its README which is a bit in bad taste; it looks substantially documented but also a bit complex, and I don't know if that's just how complex it has to be (as LDAP's a bit fiddly itself anyway).
Surely it's worth a good look?
Now the good news: apparently Lychee LDAP integration already exists: see the Lychee-LDAP fork by 'hfr'.
The fork from hfr has not been updated since its creation. See https://github.com/LycheeOrg/Lychee/pull/1322 for the associated Pull Request and why it was not merged.
We are still open to a pull request for LDAP. :)
Thanks for the feedback and the link to the PR. I have skimmed and digested that now. What a pity.
I opened a place-holder issue in YunoHost: lychee_ynh: Lychee LDAP integration #57, effectively blocked on this one.
I can only hope some new developer will come along and pick up the pieces and put it all together.
If someone wants to give it a try, there are a package that would make the integration with Lychee easier. https://github.com/DirectoryTree/LdapRecord-Laravel https://ldaprecord.com/docs/laravel/v3/
What a coincidence: I opted the same module three years ago...
I have created a pull request (#2386) adding Keycloak as option for Oauth. Since opening this ticket I have added a Keycloak environment (together with PrivacyIdea for centralized 2FA) to my setup. And Keycloak supports LDAP so my issue would be solved.
I have created a pull request (#2386) adding Keycloak as option for Oauth. Since opening this ticket I have added a Keycloak environment (together with PrivacyIdea for centralized 2FA) to my setup. And Keycloak supports LDAP so my issue would be solved.
And pull request merged ! :) Thanks a lot for your contribution.
I have found Lychee just recently and migrated quickly to the new Laravel version which works just fine for me. Haven't found any issues. I am really happy that I can use my PostgreSQL database instead of having to run an MySQL/MariaDB next to my PostgreSQL database. And I really like the feature of having multiple users.
However my users are in an LDAP database. I would really like to have LDAP authentication added to Lychee-Laravel to simplify user management and having just one password for users. I have found a project to add LDAP to a Laravel application called adldap2. See https://github.com/Adldap2/Adldap2-Laravel. I don't know if that can be used it Lychee-Laravel. I hope LDAP authentication makes it into the application.
Cheers.
Jurriaan