search

Ylianst / MeshCentral

A complete web-based remote monitoring and management web site. Once setup you can install agents and perform remote desktop session to devices on the local network or over the Internet.
https://meshcentral.com
Apache License 2.0
4.29k stars 573 forks source link

Combine LDAP and Local authentication #6442

Open JairoVV opened 1 month ago

JairoVV commented 1 month ago

We are trying to combine LDAP and local authentication, but as we have discussed with a project collaborator, this is currently not possible. When we enable LDAP login, it is not possible to log in with the local site administrator because the login system always searches LDAP to validate accounts.

We would like to be able to use both LDAP and local authentication within the same domain. Maybe it's possible by a new configuration parameter like "ldapfallbacktolocal": true.

We tried using different domains and it works, but the site information is different for both domains and we cannot manage the same computers for different domains.

We hope this new feature is useful to the community. Thank you in advance for your time and effort.

si458 commented 1 month ago

im just looking at the source code and this might be a little tricky to implement, the login part is easy, but when you login as local if ldap was unavailable, you wont have permissions to do things like (add/edit/change users)/change passwords/email verify this is because parts of the source code check if you are in LDAP which you WOULD be as this is your default method of login so we would need to add additional checks to allow those features

JairoVV commented 1 month ago

Thank you very much for your efforts and explanations about the implementation of these features.