@jdaviescoates Discourse can have multiple authentication modes active simultaneously, yes.
jdaviescoates last edited by
Just to say, again, I really want LDAP support in Discourse! (and every app)
The use case is that I want to sell managed Cloudron servers and one of the key selling points is Cloudron's awesome LDAP integration.
Sure, we want people to be able to register on public forums too, but all existing uses on the Cloudron should be able to use their existing credentials.
(oh, and I'd still really like to be able to able to filter apps in the app store by which ones have LDAP too)
I wholeheartedly agree with @jdaviescoates
I'm trying to add LDAP support myself. I've added the ldap addon to the package manifest, built and installed it. I've also installed the discourse-ldap-auth plugin. It sort of works!
Here are the settings I could figure out myself:
invite-onlyforums that only want LDAP, that setting has to be turned off. Otherwise LDAP users can't authenticate. The feature can still be achieved by
enable local logins
enable local logins via email
allow new registrations(Brings back the Sign up button, but luckily (!?) it leads to LDAP login too.
- Accounts aren't automatically created. (Not possible currently)
- I don't know what
en_US.login.ldap.nameis or how to map it/fix it.
- I don't know how to map the suggested username to the Cloudron username upon Discourse account creation. I would also want to lock it.
- I don't know any other LDAP settings, I just ripped them from the Wordpress LDAP integration settings
- LDAP sign-in UI looks off-brand and dodgy, possibly signalling phishing attempt for some users.
Any help appreciated!
Oh, not being able to create accounts automatically is a bummer. What does it mean then? You can login via LDAP but the account has to be created with some other means? (how?)
@girish Yeah, it’s unfortunate. But it’s not confirmed as it was only what the discourse-ldap-auth developer thought, so it should be investigated properly.
The only difference is that you need to click the Create New Account button where your credentials come with pre-filled LDAP data. But any increased complexity in such user flows will always generate more support tickets for admins as another step offers another chance to screw up
A general serious bug is that I can't upload Discourse backups for restoring:
There has been an error while uploading 'backup.tar.gz': There is not enough space on disk to upload this backup.
This is even though there's plenty of free space in the Cloudron system itself.
Come to think of it, is it wise to have the Discourse feature of builtin automatic backups enabled by default at all?
@yusf I can reproduce the problem, I have opened https://git.cloudron.io/cloudron/discourse-app/issues/2 . AFAICT, there is no way to disable backups in discourse (atleast cannot find it in the UI)
Import issue is now fixed in the latest package.
there is no way to disable backups in discourse
I think I actually saw a setting in the UI I’ll check it out.
jdaviescoates last edited by