Closed j-mikhail closed 4 years ago
The case matching should be easily fixable. Good catch.
The org invite is not possible with the current version of the admin API. There is an open item to expand the admin API such that the upstream directory connector is supported. That would be ideal.
Just pushed a PR to fix it. Not sure if you're familiar with Rust, but you can give it a look before I merge it and bump the version to trigger a new build.
Thanks Ian, I appreciate your efforts! I'm not too familiar with Rust I'm afraid, but I'm happy to test out your changes once you merge.
No worries. I just merged it. I tested locally.
Hi @ViViDboarder, thanks for the taking the time to develop this tool. I managed to get it up and running, but I'm having some odd errors I'm hoping you can help me with. I have the LDAP filters such that only a single user should match for testing purposes, and that is working.
The first time it ran, I got the following log output (redacted for identities):
Existing user or invite found with email: user.one@domain.com,
Existing user or invite found with email: user.two@domain.com,
Existing user or invite found with email: user.three@domain.com,
Try to invite user: User.Four2@domain.com,
Sent invites to 1 user(s).,
Which is working great so far. The user received their invitation, and I see the user in bitwarden_rs's admin panel. However, the user is not associated with any current organizations in our setup, so my first question is: is there a way to specify which organizations new users should be associated with?
Then, on the next cycle I saw:
Existing user or invite found with email: user.one@domain.com,
Existing user or invite found with email: user.two@domain.com,
Existing user or invite found with email: user.three@domain.com,
Existing user or invite found with email: user.four2@domain.com,
Try to invite user: User.Four2@domain.com,
Sent invites to 1 user(s).,
I note that it's trying to reinvite the same user. I wonder if it isn't because our AD server returns the email address with capital letters in it, and that the matching is being done on a case sensitive level? I note the following in bitwarden_rs's logs seem to reflect the error in attempting to duplicate an existing user:
[2020-03-05 15:15:28][request][INFO] GET /admin/users
[2020-03-05 15:15:28][response][INFO] GET /admin/users (get_users) => 200 OK,
[2020-03-05 15:15:28][request][INFO] POST /admin/invite,
[2020-03-05 15:15:28][error][ERROR] User already exists,
[2020-03-05 15:15:28][response][INFO] POST /admin/invite (invite_user) => 400 Bad Request,
So my second question is: is there a way to fix the case sensitivity of the matching?
Thanks!