Add a config item admin_groups as a list to define LDAP groups for administration, similar issues are defined in #72 or #160
Who would use this feature?
In a complex infrastructure there are mostly not single admins, so mostly there is a group of admins which is defined by a LDAP group entry
Suggest a solution
Add equal to the allowed_groups the item admin_groups and match it to the internal admin behaviour. On the login the scope can be valid, so that if a user is memberof one of these group administrator access is granted.
Proposed change
Add a config item
admin_groupsas a list to define LDAP groups for administration, similar issues are defined in #72 or #160Who would use this feature?
In a complex infrastructure there are mostly not single admins, so mostly there is a group of admins which is defined by a LDAP group entry
Suggest a solution
Add equal to the
allowed_groupsthe itemadmin_groupsand match it to the internal admin behaviour. On the login the scope can be valid, so that if a user ismemberofone of these group administrator access is granted.