nuxsmin / sysPass

Systems Password Manager
https://syspass.org
GNU General Public License v3.0

[LDAP] import members of groups and update them automatically #1391

Open twindscheif opened 5 years ago

twindscheif commented 5 years ago

Is your feature request related to a problem? Please describe.

Currently you can import groups via LDAP, but there are no members imported.

Describe the solution you'd like

All imported groups from the LDAP source should also link to sysPass users so we can use the LDAP source as the primary permission source. An ongoing sync, triggered through user login if a definable timespan has expired (e.g. 30 minutes), which updates the group members would be awesome. In enterprise environments you don't configure permissions on both sides (LDAP source and application). A good example of an LDAP implementation with sync can be seen in Nextcloud.
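The login-triggered sync described in this request, sketched as an added example (not sysPass code and not part of the original post): memberships of LDAP-imported groups are reconciled against the directory once the timespan has expired, and locally managed groups are left alone. `MembershipStore`, `sync_on_login` and all group names are hypothetical, and the sketch is in Python rather than sysPass's PHP.

```python
import time

SYNC_TTL = 30 * 60  # seconds; the "definable timespan" from the request (30 minutes)


class MembershipStore:
    """In-memory stand-in for the application's user/group tables (hypothetical)."""

    def __init__(self, ldap_groups):
        self.ldap_groups = set(ldap_groups)  # groups previously imported from LDAP
        self.members = {}                    # user -> set of group names
        self.last_sync = {}                  # user -> epoch seconds of last sync


def sync_on_login(store, user, fetch_ldap_groups, now=None, ttl=SYNC_TTL):
    """Reconcile one user's LDAP-managed memberships if the TTL has expired.

    fetch_ldap_groups(user) returns the group names the directory reports.
    Returns (added, removed), or None when the cached data is still fresh.
    """
    now = time.time() if now is None else now
    last = store.last_sync.get(user)
    if last is not None and now - last < ttl:
        return None  # fresh enough: no directory round trip on this login

    # If the lookup raises, nothing is changed and last_sync is not advanced,
    # so the next login retries instead of trusting stale data for another TTL.
    reported = set(fetch_ldap_groups(user)) & store.ldap_groups

    current = store.members.setdefault(user, set())
    managed = current & store.ldap_groups      # only touch LDAP-imported groups
    added, removed = reported - managed, managed - reported
    current -= removed                         # revoke what the directory dropped
    current |= added
    store.last_sync[user] = now
    return added, removed


def demo():
    """Constructed sample data: alice loses 'dba' in the directory after the first sync."""
    store = MembershipStore(["dba", "netops", "helpdesk"])
    store.members["alice"] = {"dba", "local-admins"}   # 'local-admins' is app-local
    directory = {"alice": ["dba", "netops", "not-imported"]}
    first = sync_on_login(store, "alice", directory.__getitem__, now=1000)
    directory["alice"] = ["netops"]
    cached = sync_on_login(store, "alice", directory.__getitem__, now=1000 + 60)
    expired = sync_on_login(store, "alice", directory.__getitem__, now=1000 + SYNC_TTL)
    return first, cached, expired, store.members["alice"]
```

With this design a membership removed in the directory stays effective in the application until the user's next login after the timespan has expired.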

nuxsmin commented 5 years ago

Hello, this feature has been discussed since some time ago, and due to PHP's nature (interpreted language) it will require some additional components in order to perform asynchronous tasks (i.e. a message queuing service). Such components add a higher level of architecture complexity, and because I'm the only developer within this project, I won't be able to manage the issues which this kind of architecture would throw.

I agree with you about such kind of integration, but on the other hand, some other known applications don't do it that way (e.g. GitLab, Rancher, Vault, etc.), so it seems that others want to keep it simple and not tightly couple the authorization.

Regards

t0l0 commented 3 years ago

+1 We would also appreciate being able to import/sync user group memberships from our AD.