Open GeKasap opened 3 years ago
I have also added the respective messages in en.inc.php
and tried to translate for fr.inc.php
.
Please feel free to update them, if needed.
Hello @GeKasap
thanks for this proposition.
I understand your use case, but I don't think that asking admin credentials for all actions are a good solution.
People installing Service Desk should protect the configuration file and the server to avoid any credentials leak.
Moreover, you seems to introduce buggy changes in your code, like replacing the value for pwdAccountLockedTime.
I would be happy to have feedback from other users of Service Desk before accepting this code.
Hello @coudot , thanks for replying. I understand that providing the admin password each time is not very comfortable, but IMHO having the password inside config in plain text is a serious security issue. Especially since I am using it in a docker container. Ok, I can put the password in a sealed secret, but then I have to pass it as configMap, which also is not secure. Moreover, using a single bind account does not provide transparency as of which admin locked or modified an account, unless you search the log entries of Service Desk. Last, about the "buggy changes", you are correct. I mis-read the definition of pwdAccountLocketTime. I will revert it. But a comment should be added in user's information, that the account has been disabled by an administrator.
I know it's a bit late to participate, and I'm "just a user". But in my opinion, you should use Apache config (or any other web server you can use) to protect this application. In my case, i put an apache config which ask for name and password, and looks in a specific OU of the LDAP for the account given. So, there's no password in plain text in the configuration, and you can authorize many account for using this application. This is my very little contribution to this subject.
Hello @micter59
using Apache authentication does not prevent to use a dedicated account in Service Desk to connect to the LDAP directory.
Sorry, I misunderstood the question.
Setting bind user in configuration is not safe in some deployments, as this user should have permissions to modify the following attributes in LDAP:
For that reason, the
always_authenticate_admin
variable has been introduced inconfig.inc.php
. When set to true, input fields for administrator's username and password appear inReset Password
andLock/Unlock Account
forms. When user submits one of this form, thenldap_bidndn
andldap_bindpw
are taken from the respectivePOST
variables, overwriting any value they have inconfig.inc.php
orconfig.inc.local.php
files. The default value ofalways_authenticate_admin
is false, providing the old functionality.